0 votes

When I build accounts on the WebUI I run the a script to check if the name is unique which works. But the issue is this script adds a 1 if the username is taken. I would like to make it so if Steve Smith with the username SmithS is taken to make the username SmithSt .... SmithSte.... SmithStev... and so forth. What is the best way of doing this. Thanks

My current setup

Import-Module Adaxes
function IsUserNameUnique($username)
{
   $user = Get-AdmUser $username -erroraction silentlycontinue
   return $user -eq $Null
}
# Get the username
$username = $Context.GetModifiedPropertyValue("samAccountName")
# Check if the username is unique
if (IsUserNameUnique($username))
{
    return
}
# If the username is not unique, generate a unique one
$uniqueUsername = $Null
for ($i = 1; $True; $i++)
{
    $uniqueUsername = $username + $i;
    if (IsUserNameUnique($uniqueUsername))
    {
        break
    }
}

# Update User Logon Name (pre-Windows 2000)
$Context.SetModifiedPropertyValue("samAccountName", $uniqueUsername)

# Update User Logon Name
$upnSuffix = $Context.GetObjectDomain("%distinguishedName%")
$userLogonName = $uniqueUsername + "@" + $upnSuffix
$Context.SetModifiedPropertyValue("userPrincipalName", $userLogonName)
$Context.LogMessage("The username has been changed to " + $userLogonName `
  + ".", "Information")
by (420 points)

1 Answer

0 votes
by (216k points)

Hello,

This one should work:

Import-Module Adaxes
function IsUserNameUnique($username)
{
   $user = Get-AdmUser $username -erroraction silentlycontinue
   return $user -eq $Null
}

# Get the username
$username = $Context.GetModifiedPropertyValue("samAccountName")

# Check if the username is unique
if (IsUserNameUnique($username))
{
    return
}

# If the username is not unique, generate a unique one
$firstName = $Context.GetModifiedPropertyValue("givenName")
$lastName = $Context.GetModifiedPropertyValue("sn")
$uniqueUsername = $Null
if (($firstName -ne $NULL) -and ($lastName -ne $NULL))
{
    $username = $lastName
    foreach ($char in $firstName.ToCharArray())
    {
        $username = "$username$char"
        if (IsUserNameUnique($username))
        {
            $uniqueUsername = $username
            break
        }
    }
}

if ($uniqueUsername -eq $NULL)
{
    for ($i = 1; $True; $i++)
    {
        $uniqueUsername = $username + $i;
        if (IsUserNameUnique($uniqueUsername))
        {
            break
        }
    }
}

# Update User Logon Name (pre-Windows 2000)
$Context.SetModifiedPropertyValue("samAccountName", $uniqueUsername)

# Update User Logon Name
$upnSuffix = $Context.GetObjectDomain("%distinguishedName%")
$userLogonName = $uniqueUsername + "@" + $upnSuffix
$Context.SetModifiedPropertyValue("userPrincipalName", $userLogonName)
$Context.LogMessage("The username has been changed to " + $userLogonName `
  + ".", "Information")
0

Thanks for the quick response! This is 99% what I need the only issue I am running into is the last name needs to be 7 characters max. Any ideas of fixing this would be very helpful thanks for the help.

0

Hello,

Please clarify:

do you need the part of the username that consists of the last name be 7 characters max
- or -
do you need the Last Name property in AD to be 7 characters max?

Also, pay attention to userPrincipalName Attribute.

0

Sorry for the confusion. The last name will need to be 7 characters max, the total number of characters can be as many as needed to become unique.

0

Hello,

Here's a modified version of the script that takes into account your custom UPN suffix (customized to the solution described in userPrincipalName Attribute). In the script, $upnSuffix specifies your custom UPN suffix. Modify it to match your requirements.

Import-Module Adaxes
$upnSuffix = "domain.com" # TODO: modify me

function IsUserNameUnique($username)
{
   $user = Get-AdmUser $username -erroraction silentlycontinue
   return $user -eq $Null
}

# Get the username
$username = $Context.GetModifiedPropertyValue("samAccountName")

# Check if the username is unique
if (IsUserNameUnique($username))
{
    return
}

# If the username is not unique, generate a unique one
$firstName = $Context.GetModifiedPropertyValue("givenName")
$lastName = $Context.GetModifiedPropertyValue("sn")
$uniqueUsername = $Null
if (($firstName -ne $NULL) -and ($lastName -ne $NULL))
{
    $username = $lastName
    foreach ($char in $firstName.ToCharArray())
    {
        $username = "$username$char"
        if (IsUserNameUnique($username))
        {
            $uniqueUsername = $username
            break
        }
    }
}

if ($uniqueUsername -eq $NULL)
{
    for ($i = 1; $True; $i++)
    {
        $uniqueUsername = $username + $i;
        if (IsUserNameUnique($uniqueUsername))
        {
            break
        }
    }
}

# Update User Logon Name (pre-Windows 2000)
$Context.SetModifiedPropertyValue("samAccountName", $uniqueUsername)

# Update User Logon Name
$Context.SetModifiedPropertyValue("userPrincipalName", "$uniqueUsername@$upnSuffix")
$Context.LogMessage("The username has been changed to " + $userLogonName `
  + ".", "Information")

To limit the number of characters in the last name, you'll need to modify the Property Pattern that specifies constraints and value generation templates for the User object type. By default, this is done by the built-in User Pattern. To modify by the built-in User Pattern:

  1. Launch Adaxes Administration Console.
  2. Expand the service node that represents your Adaxes service.
  3. Expand Configuration \ Property Patterns \ Builtin.
  4. Select the User Pattern. The constraints and value generation templates imposed by this Property pattern will be displayed in the Result Pane (located to the right).
  5. Click the Add button in the top right corner of the Result Pane.
  6. Select the Last Name property.
  7. Check the Maximum length option and type 7 in the associated edit box.
  8. Click OK and save the Property Pattern.
0

I changed the max last name to 7 max, but the issue is that when an account is made it will cut off the last name. A workaround could be just going in and adding the deleted part, but I would rather just build the account and be done with it. Thanks

0

Hello,

You are OK that the user's last name will be saved in AD as Rodrigu, but you want the display name to be Andy Rodriguez. Are we getting you right or are we missing something?

0

The full name is fine, that can be edited while building the account. When the account is made, it will create the lastname with only 7 characters. The only way of fixing this issue is to go to the users account and manually change it, I would like a more streamline way. Thanks

0

Hey still running into this issue, any ideas would be helpful. Thanks

0

Hello,

In this case, you need to undo the changes to the User Pattern described in Unique Username and use the following PowerShell script instead of the script that you are currently using:

Import-Module Adaxes
$upnSuffix = "domain.com" # TODO: modify me

function IsUserNameUnique($username)
{
    $user = Get-AdmUser $username -erroraction silentlycontinue
    return $user -eq $Null
}

# Get the username
$username = $Context.GetModifiedPropertyValue("samAccountName")

# Check if the username is unique
if (IsUserNameUnique($username))
{
    return
}

# If the username is not unique, generate a unique one
$firstName = $Context.GetModifiedPropertyValue("givenName")
$lastName = $Context.GetModifiedPropertyValue("sn")

$uniqueUsername = $Null
if (($firstName -ne $NULL) -and ($lastName -ne $NULL))
{
    # Check last name length
    if ($lastName.Length -gt 7)
    {
        $lastName = $lastName.Substring(0, 7)
    }

    $username = $lastName
    foreach ($char in $firstName.ToCharArray())
    {
        $username = "$username$char"
        if (IsUserNameUnique($username))
        {
            $uniqueUsername = $username
            break
        }
    }
}

if ($uniqueUsername -eq $NULL)
{
    for ($i = 1; $True; $i++)
    {
        $uniqueUsername = $username + $i;
        if (IsUserNameUnique($uniqueUsername))
        {
            break
        }
    }
}

# Update User Logon Name (pre-Windows 2000)
$Context.SetModifiedPropertyValue("samAccountName", $uniqueUsername)

# Update User Logon Name
$Context.SetModifiedPropertyValue("userPrincipalName", "$uniqueUsername@$upnSuffix")
$Context.LogMessage("The username has been changed to " + $uniqueUsername `
    + ".", "Information")

This should get you the functionality you want.

0

That fixed many of the issues with building accounts looks like its almost everything we need. One issue we are running into is when we have an account with the same first and last name we get the error Object already exists on "domain". The username is correct but it just wont build the account. A work around I found if I go to fullname and enter a middle initial in Adaxes will see the account as unique. Is it possible to build the account with the same info as a other user on our network without adding the middle initial? Thanks for all the help

0

Hello,

Actually, the error means that the new user's full name is not unique. Active Directory allows non-unique full names, but not when the users are located within the same OU, because a user's full name is also used as the name of the user's account in AD. Having two objects with the same name within the same OU would make it impossible to unambiguously identify an object.

For this purpose, we suggest using a Business Rule triggered before creating a user that would automatically change the full name if it is not unique within an OU. For information on how to create such a Business Rule, see Example 3 in step 5 of the Validate/Modify User Input Using a Script Tutorial.

0

I know this post is old but, I am running into a new issue with building accounts. So here is the issue we a username that already exists in the system it will not add the next character in the name but the same character. For example we already have a username JohnsonS for Steve Johnson when we try to build Sue Johnson the script makes the username JohnsonSs when we really need to make it JohnsonSu. Any ideas on the issue would be helpful. Thanks

Import-Module Adaxes
$upnSuffix = "site.com" # TODO: modify me

function IsUserNameUnique($username)
{
   $user = Get-AdmUser $username -erroraction silentlycontinue
   return $user -eq $Null
}

# Get the username
$username = $Context.GetModifiedPropertyValue("samAccountName")

# Check if the username is unique
if (IsUserNameUnique($username))
{
    return
}

# If the username is not unique, generate a unique one
$firstName = $Context.GetModifiedPropertyValue("givenName")
$lastName = $Context.GetModifiedPropertyValue("sn")
$uniqueUsername = $Null
if (($firstName -ne $NULL) -and ($lastName -ne $NULL))
{
    $username = $lastName.Substring(0, 7)
    $Context.LogMessage($username, "Information")
    $Context.LogMessage($lastName, "Information")
    foreach ($char in $firstName.ToCharArray())
    {
        $username = "$username$char"
        if (IsUserNameUnique($username))
        {
            $uniqueUsername = $username
            break
        }
    }
}

if ($uniqueUsername -eq $NULL)
{
    for ($i = 1; $True; $i++)
    {
        $uniqueUsername = $username + $i;
        if (IsUserNameUnique($uniqueUsername))
        {
            break
        }
    }
}

# Update User Logon Name (pre-Windows 2000)
$Context.SetModifiedPropertyValue("samAccountName", $uniqueUsername)

# Update User Logon Name
$Context.SetModifiedPropertyValue("userPrincipalName", "$uniqueUsername@$upnSuffix")
$Context.LogMessage("The username has been changed to " + $uniqueUsername `
    + ".", "Information")

$cas = "cas_{"
# Update User mailNickname NOT WORKING
$Context.SetModifiedPropertyValue("mailNickname", $cas)
0

Hello,

We've checked the script in our environment, and it creates usernames correctly. Are you sure that this wasn't a human error and that you didn't specify, for example, Ssue Johnson when creating the user? Do you have other scripts that would correct the username and/or the first and last names?

Also, can you post here or send to support[at]adaxes.com the full description of the operation that created the user. To do this:

  1. Access the Management History of the user. For information on how to do that, see the following help article: http://www.adaxes.com/help/?Logging.Vie ... story.html.
  2. Locate the log record for the operation that created the user and double-click it.
  3. Right-click the operation description at the very top of the dialog box that appears and click Select All.
  4. Right-click and click Copy.
  5. Send us or post the copied text.
0

Hello,

You are using a wrong version of the script. Use the version from Unique Username.

Your version of the script doesn't check the length of the last name. Since the length of the last name is less than the length of the string you are trying to receive (last name: 5 characters, you are trying to receive a string of 7 characters), the Exception calling "SubString" with "2" argument(s) error occurs. Because of this, when the script starts building a unique username, the $username variable contains the username specified on the user creation form (JohnsonS) instead of last name only (Johnson). That is, the S character is present from the very beginning.

The script in the post we've mentioned above correctly handles such a situation.

Related questions

0 votes
1 answer

Hi, I am looking for a solution which checks if the username ist unique with the following requirements: If [first letter of first name].[last name] is not possible as username ... letter of first name].[last name]2 I' am looking forward to a hint. Thanks

asked Feb 6, 2023 by boris (450 points)
0 votes
1 answer

Hello, I hope someone can help me with a specific script. I have tried to put 2 or 3 together that I have found on here but not having much luck. I am looking to have a ... -upn, but it doesn't seesm to be quite what I'm after. Any help would be appreciated.

asked May 20, 2020 by adantona (40 points)
0 votes
0 answers

Has anyone ever had the business requirement that the usernames of new users be unique across all of the managed domains in the environment? It is easy enough to run a ... the run as service account understand to look further into the other domains as well?

asked Jul 22, 2016 by strikk (360 points)
0 votes
1 answer

Hello, Currently we are using the script from another topic to add a number to the username counting up until it finds a unique name. However, we need the username to still ... changed to " + $userLogonName ` + ".", "Information") Thanks for the assistance.

asked Feb 9, 2016 by jhair (520 points)
0 votes
0 answers

We have a process to create unique usernames but it doesn't account for hyphens. We would like to remove the hyphens and continue to use first initial plus the first seven characters from the ... ($UNLT - 1), $UN.Length)) $UNName + ([int]$UNNum + 1) } } }

asked Dec 11, 2015 by tcarp (20 points)
3,326 questions
3,026 answers
7,727 comments
544,678 users