Active Directory users log on with their logon names and password. But what are the rules for assigning usernames? g.surname? surname? gsurname? What are the naming conventions? This article looks for and modifies users who do not meet the naming convention.
Searching for logon names that do not match the naming convention
For the following it is assumed that you use a naming convention of g.surname for all newly created users (Patrick Gruenauer = p.gruenauer). So, we have to search for usernames that don’t have a dot (.). Here’s one:
Now we are looking for users in a particular Organizational Unit (People) that do not meet the naming convention.
Get-ADUser -Filter {SamAccountName -NotLike "*.*"} -Searchbase "OU=People,DC=SID-500,DC=COM" | Select-Object Name,SamAccountName,Userprincipalname
Check the list carefully. In the next step we will start modifying their SamAccountName and Userprincipalname.
Changing user logon names
Now we are going to replace the SamAccountName and the UserprincipalName with the first letter of the givenname followed by . and the lastname in lower case.
Get-ADUser -Filter {(SamAccountName -NotLike "*.*") -and (UserprincipalName -notlike "*.*@*")} -SearchBase "OU=People,DC=SID-500,DC=COM" | Foreach-Object {Set-ADUser $_ -SamAccountName ($_.givenname.substring(0,1) + '.' + $_.surname).tolower() -UserPrincipalName (($_.givenname.substring(0,1) + '.' + $_.surname).tolower() + "@" + "$env:userdnsdomain")}
Schwarzenberg then becomes a.schwarzenberg:
Last but not least
Don’t forget to inform the users! 😉
Categories: PowerShell, Windows Server
I?m impressed, I have to admit. Rarely do
I come across a blog that?s equally educative and entertaining, and let
me tell you, you have hit the nail on the head. The issue is something not enough folks are speaking intelligently about.
Now i’m very happy that I came across this during my hunt for something regarding this.
LikeLike
Thank you for the kind words. I am glad that you have found what you are looking for.
LikeLike
Hello Patrick,
Thank you for the post.
Just want to check what would be string to have the username in full? I.E. for John Doe = John.Doe. Will the below work?
$firstname. + ‘.’ + $lastname
Many Thanks,
Pavan
LikeLike
Hello Patrick. Thank you for the post. Just want to check what will be string if i need the username as First.Lastname in Full. For example for John Doe = John.Doe.
Will the below work?
$firstname. + ‘.’ + $lastname
Many Thanks,
Pavan
LikeLike
Hi, yes I think this combination will work as well.
LikeLike
Thanks Patrick, Also i need the first letter for both the first name and last name in uppercase how should i set this up. Looked online but my script fails for some reason.
Thanks again…
LikeLike
Hello Patrick, Thank you that works but i would have to have the first letter in upper case for both the first name as well as the last name. I did look up online seems failing. Can you please help here modifying the string?
Thanks,
Pavan
LikeLike
Hi,
You can see a tolower method in my example. There’s also a toupper method. So try to modify that as you see fit.
LikeLike