0 votes

Hello,

I hope someone can help me with a specific script. I have tried to put 2 or 3 together that I have found on here but not having much luck.

I am looking to have a unique username with a 10 character limit (of first name initial + surname), if not unique to add a number at the end.

I was then looking to have a unique UPN (firstname.lastname@domain.com), if not unique to add a number at the end.

Is someone able to help me put this together please?

I have come across this - https://www.adaxes.com/questions/436/check-for-duplicate-upn, but it doesn't seesm to be quite what I'm after.

Any help would be appreciated.

by (450 points)

1 Answer

0 votes
by (177k points)

Hello,

You can use the Username has a length limitation script from the following article in our script repository: https://www.adaxes.com/script-repository/automatically-add-a-digit-to-the-username-if-it-is-not-unique-s298.htm. It works exactly the way you need.

0

Hey thank you for this, sorry yes this is one of the ones I tried to follow.

The issue is that it sets the UPN to the unique username.

I need it to have a unique firstname.last@domain.com (Joe.Bloggs1@domain.com).

The above is fine for the pre W2000 username, but not the UPN unfortunately.

That second part is the bit I'm mainly struggling on currently

0

Hello,

Thank you for clarifying. For us to update the script to meet your needs, please, specify the following:

  1. Should the prefix part of UPN also be limited in length?
  2. If the initial prefix (FirstName.LastName) is not unique, should the script add a digit to the prefix until UPN is unique? If not, what should the script do to make UPN unique?
0

Hey,

No limit to the UPN, just full first name. and last name.

And yes to your second question, simply add a digit until UPN is unique.

Import-Module Adaxes

$emailsuffix = "domain.co.uk"
$maximumLength = 10

$firstname = "%firstname%"
$surname = "%surname%"

function IsUserNameUnique($username)
{
   $user = Get-AdmUser $username -erroraction silentlycontinue
   return $user -eq $Null
}

# Get the username
$username = $Context.GetModifiedPropertyValue("samAccountName")

# Check user name Length
if ($username.Length -gt $maximumLength)
{
    $username = $username.SubString(0 , $maximumLength)
}
elseif (IsUserNameUnique($username))
{
    # Username is unique
    return
}

# If the username is not unique, generate a unique one
$uniqueUsername = $username
for ($i = 1; $True; $i++)
{
    if (IsUserNameUnique($uniqueUsername))
    {
        break
    }

    $difference = $maximumLength - $username.Length - $i.ToString().Length
    if ($difference -lt 0)
    {
        $username = $username.Substring(0, $username.Length + $difference)
    }

    if ([System.String]::IsNullOrEmpty($username))
    {
        $Context.Cancel("Unable to generate a unique username, because the number length exceeds the maximum length of the username")
        return
    }

    $uniqueUsername = $username + $i;
}

# Update User Logon Name (pre-Windows 2000)
$Context.SetModifiedPropertyValue("samAccountName", $uniqueUsername)

Function GetUserPrincipalname {



        $result = "$($firstname).$($surname)@$($emailsuffix)"  
        $int = 2
        $output = Get-ADUser -filter "UserPrincipalName -eq '$result'"
        $tmpresult = $result

        Do {
                $output = Get-ADUser -filter "UserPrincipalName -eq '$tmpresult'"

                if ($output -eq $Null) {
                    $result = $($tmpresult)
                } else {
                    $result = "$($firstname).$($surname)$($int)@$($emailsuffix)"
                    $tmpresult = $($result)
                    $int = $int + 1
                }
            }
        Until ($output -eq $Null)


    Return $result
}
# Update User Logon Name

$userLogonName = GetUserPrincipalname
$Context.SetModifiedPropertyValue("userPrincipalName", $userLogonName)
    $Context.LogMessage("The name has been changed to " + $objectName `
      + ".", "Information")
+1

Hello,

Thank you for the confirmation. Find the updated script below. In the script:

  • $maximumLength - Specifies the maximum length of the username.
  • $upnPrefix - Specifies a template for generating the UPN prefix. You can use value references in the template. In your case, it should be "%firstname%.%lastname%"
Import-Module Adaxes

$maximumLength = 8 # TODO: modify me
$upnPrefix = "%firstname%.%lastname%" # TODO: modify me

function IsUserValueUnique($filter)
{
   $user = Get-AdmUser -LdapFilter $filter -erroraction silentlycontinue
   return $user -eq $Null
}

# Get the username
$username = $Context.GetModifiedPropertyValue("samAccountName")

# Check user name Length
if ($username.Length -gt $maximumLength)
{
    $username = $username.SubString(0 , $maximumLength)
}

# User Logon Name (pre-Windows 2000)
$uniqueUsername = $username
for ($i = 1; $True; $i++)
{
    if (IsUserValueUnique "(sAMAccountName=$uniqueUsername)")
    {
        break
    }

    $difference = $maximumLength - $username.Length - $i.ToString().Length
    if ($difference -lt 0)
    {
        $username = $username.Substring(0, $username.Length + $difference)
    }

    if ([System.String]::IsNullOrEmpty($username))
    {
        $Context.Cancel("Unable to generate a unique username, because the number length exceeds the maximum length of the username")
        return
    }

    $uniqueUsername = $username + $i;
}

# User Logon Name
$upnSuffix = $Context.GetObjectDomain("%distinguishedName%")
$uniqueUPN = "$upnPrefix@$upnSuffix"
for ($i = 1; $True; $i++)
{
    if (IsUserValueUnique "(userPrincipalName=$uniqueUPN)")
    {
        break
    }

    $uniqueUPN = "$upnPrefix$i@$upnSuffix"
}

# Update User Logon Name (pre-Windows 2000)
$Context.SetModifiedPropertyValue("samAccountName", $uniqueUsername)

# Update User Logon Name
$Context.SetModifiedPropertyValue("userPrincipalName", $uniqueUPN)
$Context.LogMessage("The username has been changed to " + $uniqueUPN `
  + ".", "Information")
0

I can't thank you enough, I kept editing my post as the more I looked at it the more problems I noticed. But still couldn't get it to work.

Your code works beautifully, the only thing is that the UPN suffix seems to be defaulting to the incorrect one.

I have specified it at the start of the code as follows: $upnSuffix = "domain.com"

But it doesn't seem to make a difference, am I missing something?

0

Sorry I've just seen that it is specified further down, I have just changed that part to meet our requirements. Thanks again :)

Related questions

0 votes
1 answer

Due to some of the systems we have, we must limit our logon names to 8 characters. When I set the Value Length to Maximum 8, the result when creating a new account ... get a popup "Invalid Value Length". Is there a way to autopopulate with only 8 characters?

asked Mar 18, 2013 by Kikaida (4.8k points)
0 votes
0 answers

Has anyone ever had the business requirement that the usernames of new users be unique across all of the managed domains in the environment? It is easy enough to run a ... the run as service account understand to look further into the other domains as well?

asked Jul 22, 2016 by strikk (2k points)
0 votes
1 answer

Hello, Currently we are using the script from another topic to add a number to the username counting up until it finds a unique name. However, we need the username to still ... changed to " + $userLogonName ` + ".", "Information") Thanks for the assistance.

asked Feb 9, 2016 by jhair (2.6k points)
0 votes
0 answers

We have a process to create unique usernames but it doesn't account for hyphens. We would like to remove the hyphens and continue to use first initial plus the first seven characters from the ... ($UNLT - 1), $UN.Length)) $UNName + ([int]$UNNum + 1) } } }

asked Dec 11, 2015 by tcarp (250 points)
0 votes
1 answer

Hello, Im using a business rule triggered before a new user is created to check for username uniqueness. Our company continues to add characters from the first name to build out a ... first name backwards. Like Jdoe, oJDoe, hoJDoe. What can I do to fix this?

asked Nov 18, 2015 by lasership (1.9k points)
2,183 questions
1,948 answers
5,392 comments
5,257 users