Updating UPN from Linked mailbox Primary SMTP Address

  • Question

  • Hi,

    I need some help, I'm writing a script to update the UPN on my AD accounts. I have 2 domains.

    Domain 1 is where my enabled Active Directory accounts are

    Domain 2 is our resource domain where our linkedmail disabled accounts are that are linked to domain 1 user accounts

    I need to run a script that will query the AD accounts in domain 2 to see if their msexchmasteraccountsid matches a domain 1 objectsid. If there is a match, it should get the primarysmtpaddress of the linked mailboxes in domain 2 and use that address to update the UPN on the matched accounts in domain 1

    So far I've come up with this, but I'm stuck on what I need to write next, any help would be hugely appreciated

    Import-Module ActiveDirectory
    $Outarray = @()
    $domain2= get-ADUser -searchbase "OU=Users,DC=blah,DC=blah,DC=blah,DC=blah" -filter * -properties * | Select samaccountname, name, msexchmasteraccountsid
    $domain1 = Get-ADTrust -Identity user.domain.com | % { Get-ADUser -filter * -Server "dc01.user.domain.com" -SearchBase "OU=users,OU=blah,DC=blah,DC=blah,DC=blah,DC=blah" -Properties * | Select samaccountname, name, objectsid }
    
    foreach ($domain2 in $domain1) {
        if ($domain2.msexchmasteraccountsid -eq $domain1.ObjectSID) {


    Cheers,

    Andrew

    MCSE, MCSA, VCP, CCNA, SNIA

    Microsoft Infrastructure Consultant

    Blog: Network Angel LinkedIn:

    Note: Please remember to mark as "propose as answer" to help other members. Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    • Moved by Bill_Stewart Friday, July 7, 2017 6:08 PM Abandoned
    Wednesday, May 10, 2017 12:07 PM

All replies

  • You have failed to say what is not happening or what the errors are.

    \_(ツ)_/

    Wednesday, May 10, 2017 12:19 PM
  • Thanks for your comment, nothing happens and no errors

    Cheers,

    Andrew

    Wednesday, May 10, 2017 12:23 PM
  • This script will get the proxyaddress of domain 2, which works

    Just need help in writing this back as UPN to accounts in domain 1

    # $MCAUsers is assumed to hold the distinguished name of the OU to search
    $users = Get-ADUser -Filter * -SearchBase $MCAUsers -Properties proxyaddresses
    $primarySMTPAddress = @()
    foreach ($address in $users.proxyAddresses)
    {
        if (($address.Length -gt 5) -and ($address.SubString(0,5) -ceq 'SMTP:'))
        {
            $primarySMTPAddress += $address.SubString(5)
        }
    }
    
    Write-Output $primarySMTPAddress


    Cheers,

    Andrew

    Wednesday, May 10, 2017 12:34 PM
  • I suspect that no SIDs match.  Why would an accountSid match a domain SID?

    I don't believe the SIDS from different domains will ever match.

    Try:

    $domain1 -in $domain2

    I suspect you also want:

    $domain2Users = get-ADUser -searchbase "OU=Users,DC=blah,DC=blah,DC=blah,DC=blah" -filter * -properties msexchmasteraccountsid
    $domain1Users = Get-ADTrust -Identity user.domain.com | ForEach-Object {
        Get-ADUser -filter * -Server "dc01.user.domain.com" -SearchBase "OU=users,OU=blah,DC=blah,DC=blah,DC=blah,DC=blah" -Properties *
    }
    Write-Host Domain1 $domain1Users.Count
    Write-Host Domain2 $domain2Users.Count

    foreach($user in $domain1Users){
        Write-Host $user.SID
        $domain2Users | Where{ $_.msexchmasteraccountsid -eq $user.SID }
    }



    \_(ツ)_/

    Wednesday, May 10, 2017 12:44 PM
  • The format of a proxy address is "smtp:userid@domain.com"

    You cannot set a second SMTP.  You can only remove the SMTP and add a new one.


    \_(ツ)_/


    • Edited by jrv Wednesday, May 10, 2017 12:49 PM
    Wednesday, May 10, 2017 12:47 PM
  • Thanks

    The SIDS will match as they are Linked accounts

    The msexchmasteraccountsid on the mailbox in domain2 will match the ad account objectsid in the other domain1

    I then need the script to set the UPN on the AD account in domain 1 using the primarysmtpaddress from domain2


    Cheers,

    Andrew

    Wednesday, May 10, 2017 1:18 PM
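
The matching and update the thread asks about, as an added PowerShell example that is not part of any poster's reply: it indexes the domain 1 accounts by SID, looks up each linked mailbox's msExchMasterAccountSid in that index, and sets the UPN from the mailbox's primary SMTP address, with -WhatIf so nothing is written until the output has been reviewed. The server names and OU paths are assumed placeholders, and Get-PrimarySmtp is a hypothetical helper.

```powershell
Import-Module ActiveDirectory

# Assumed placeholders: replace with your own DCs and OUs (these are not values from the thread).
$ResourceServer = 'dc01.resource.example.com'              # domain 2: disabled linked-mailbox accounts
$AccountServer  = 'dc01.user.example.com'                  # domain 1: enabled user accounts
$ResourceBase   = 'OU=Users,DC=resource,DC=example,DC=com'
$AccountBase    = 'OU=Users,DC=user,DC=example,DC=com'

# Hypothetical helper: the primary address is the proxyAddresses entry with the upper-case "SMTP:" prefix.
function Get-PrimarySmtp($ProxyAddresses) {
    $primary = @($ProxyAddresses | Where-Object { $_ -clike 'SMTP:*' })
    if ($primary.Count -eq 1) { $primary[0].Substring(5) }   # zero or several matches: return nothing
}

# Index the domain 1 accounts by SID string so each linked mailbox is a single lookup.
$bySid = @{}
Get-ADUser -Filter * -Server $AccountServer -SearchBase $AccountBase |
    ForEach-Object { $bySid[$_.SID.Value] = $_ }

$linked = Get-ADUser -LDAPFilter '(msExchMasterAccountSid=*)' -Server $ResourceServer `
    -SearchBase $ResourceBase -Properties msExchMasterAccountSid, proxyAddresses

foreach ($mbx in $linked) {
    $masterSid = "$($mbx.msExchMasterAccountSid)"   # SecurityIdentifier rendered as an S-1-5-21-... string
    $account   = $bySid[$masterSid]
    $upn       = Get-PrimarySmtp $mbx.proxyAddresses

    if (-not $account) { Write-Warning "$($mbx.SamAccountName): no domain 1 account for $masterSid"; continue }
    if (-not $upn)     { Write-Warning "$($mbx.SamAccountName): no single primary SMTP address"; continue }
    if ($account.UserPrincipalName -eq $upn) { continue }   # already set, nothing to do

    # Skip the change if another account already holds this UPN (checked on the domain 1 DC only).
    $clash = Get-ADUser -Filter { UserPrincipalName -eq $upn } -Server $AccountServer
    if ($clash) { Write-Warning "$($mbx.SamAccountName): $upn already used by $($clash.SamAccountName)"; continue }

    # -WhatIf only reports the intended change; remove it after reviewing the output.
    Set-ADUser -Identity $account -UserPrincipalName $upn -Server $AccountServer -WhatIf
}
```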