CODEWITHSUNDEEP
powershellactive-directory
A.Gialias
A.Gialias

Reputation: 47

How to retrieve a users UPN suffix as a string

I'm trying to get a specific AD User and change their UPN, but not their UPN suffix.

As you can see at the moment I have to manually enter their current UPN suffix which is a bit pointless since you have to go into AD to find that anyway, is there some string like $_.UPNSuffix that will call the user's current Suffix?

 $container = "OU=MyOU,DC=MyDomain,DC=local"
 $Filter = Read-Host -Prompt "Enter users Username/P-number"
 $UPNSuffix = Read-Host -Prompt "Enter users current UPN Suffix"
 $users = Get-ADUser -Filter "UserPrincipalName -like '$Filter*'" -SearchBase $container

 Foreach ($user in $users) 
   {
   $newFQDN = $user.GivenName + "." + $user.Surname
   $NewDN = $user.GivenName + " " + $user.Surname
   Set-ADUser -Identity $user -UserPrincipalName $newFQDN@$UPNSuffix -SamAccountName $newFQDN
   Write-Host "User's UPN is now $newFQDN@$UPNSuffix"
   }

Upvotes: 1

Views: 9106

Answers (3)

Blondwolf
Blondwolf

Reputation: 1

It's possible to get the UPN suffixes from the uPNSuffixes field in the Partitions object who's located at :

CN=Partitions,CN=Configuration,DC=xxxxx,DC=com

Thanks from this post who provide an example in C# : List all UPN Suffixes from Active Directory

I don't know how to implement that in powershell but in PHP, it's pretty simple :

ldap_read($ldapConnection, "CN=Partitions,CN=Configuration,DC=xxxxx,DC=com", "(objectclass=*)", array("*");

Maybe with Get-UserPrincipalNamesSuffix : https://learn.microsoft.com/en-us/powershell/module/exchange/active-directory/get-userprincipalnamessuffix?view=exchange-ps

Hope this helps someone !

Upvotes: 0

Dave_J
Dave_J

Reputation: 408

You can get the UPN components by splitting on the @ sign. I would be doing something along the lines of:

 $container = "OU=MyOU,DC=MyDomain,DC=local"
 $Filter = Read-Host -Prompt "Enter users Username/P-number"
 $users = Get-ADUser -Filter "UserPrincipalName -like '$Filter@*'" -SearchBase $container

 Foreach ($user in $users) 
   {
   $null, $UPNSuffix = $user.UserPrincipalName -split '@' # Dump the first part, store the 2nd
   $newFQDN = $user.GivenName + "." + $user.Surname
   $NewDN = $user.GivenName + " " + $user.Surname
   Set-ADUser -Identity $user -UserPrincipalName "$newFQDN@$UPNSuffix" -SamAccountName $newFQDN
   Write-Host "User's UPN is now $newFQDN@$UPNSuffix"
   }

Upvotes: 2

Mark Wragg
Mark Wragg

Reputation: 23385

From a quick Google it doesn't seem that there is a dedicated field for the Suffix, but I figure you could get the UserPrincipalName property and then just split on the @ and grab the second element of the split:

$UPN = (Get-ADUser -Identity $user -Property UserPrincipalName).UserPrincipalName
If ($UPN) { 
    $UPNSuffix = ($UPN -Split '@')[1] 
} Else {
    Write-Warning "Failed to get UserPrincipalName for $User"
}

Note: this is untested code.

Upvotes: 1

Related Questions