Adding E-Mail Property in AD

A few months back I worked on a project to configure a password manager that was managing accounts across multiple domains without a trust.

The Problem:

This password management software was actually pretty cool. It’s able to match user accounts in its secure data base using a particular active directory attribute. In this case the e-mail field. Unfortunately, the users with accounts in both domains didn’t have the same e-mail attribute. In fact the resource domain for production has no e-mail address’s assigned to it almost at all.

The Solution:

The solution here was actually a fairly simple set of powershell code that did a few things.

First, I imported a CSV file using a relationship of UserName and E-MAIL account. (Which I extracted from the primary domain you know the one where they actually HAVE the correct information) . Then using that data I read through all users that exist in the list and if I found the user, then I checked to see if they had an e-mail address. If they did I logged it and didn’t make a change. If they did NOT have an e-mail address I went ahead and gave them the correct e-mail address. It looked something like this:

$DataPath = Read-Host "Enter The file name or path here"
 $AllUserData = Import-CSV $DataPath
 Import-Module ActiveDirectory
 ForEach ($User in $AllUserData){
 $UserADObj = Get-ADUser -Identity $User.username -Properties Mail
 If ($UserADObj.mail){
 $Output = "User " + $User.Username + " already has an email set of " + $UserADObj.Mail
 Add-Content C:\PowershellLogs\EMailAddressErrorLog.txt $Output
 Set-ADUser $User.Username -EmailAddress $User.EMailAddress

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: