thegooddoctorgonzo · November 15, 2021 03:57
diff --git a/Execute-PIVChange_Cargo.ps1 b/Execute-PIVChange_Cargo.ps1
 #Set OU Path for organization
 $org = "Cargo"
 $ou = "OU=CARGO,OU=PEOAVN,OU=PEO Aviation Users,DC=Ad,DC=DOMAIN"
 #$org = "Test"
 #$ou = "OU=TestOU,OU=PEOAVN,OU=PEO Aviation Users,DC=Ad,DC=DOMAIN"

 #set domain controller to perform action on
 $dc = "Apache"

 #get domain admin credentials to make change
 #$cred = Get-Credential

 #Create report file
 $report = "\\SHAREPATH\peociodata\ServerTeam\Reports\$org - PIV Transition Summary.txt"
 $date = Get-Date -Format MM-dd-yyyy
 New-Item -Path $report -force
 Add-Content -Path $report -Value "$org - PIV Transition Summary"
 Add-Content -Path $report -Value "OU = $ou"
 Add-Content -Path $report -Value "$date `n"

 #Gather all users that have not converted to PIV already
 $users = Get-aduser -filter * -property EmployeeNumber -SearchBase $ou -SearchScope Subtree | Where-Object {$_.UserPrincipalName -match '^[\d]+@mil$' -and $_.UserPrincipalName.length -lt 16} |
    Select Surname,GivenName,UserPrincipalName,EmployeeNumber,distinguishedName | Sort-Object DistinguishedName,Surname

    #for every user that has a PIV captured in the EmployeeNumber property go ahead and change them over
    foreach($u in $users){
        If ($u.employeeNumber -ne $null){
            $piv = $u.employeeNumber
            $oldupn = $u.userPrincipalName
            $dn = $u.distinguishedName
            $userFirstName = $u.GivenName
            $userLastName = $u.Surname
            Set-ADUser -server $dc -Identity $dn -UserPrincipalName $piv
            $newUPN = Get-ADUser -Identity $dn -Server $dc | Select -ExpandProperty UserPrincipalName
                If($newUPN -eq $piv){
                    Add-Content -Path $report -Value "$userfirstname $userlastname's UPN has changed from $oldupn to $newUPN."
                } Else {
                    Add-Content -Path $report -Value "Error writing PIV information!"
                }
            

        }
        
    }
	#Set OU Path for organization
	$org = "Cargo"
	$ou = "OU=CARGO,OU=PEOAVN,OU=PEO Aviation Users,DC=Ad,DC=DOMAIN"
	#$org = "Test"
	#$ou = "OU=TestOU,OU=PEOAVN,OU=PEO Aviation Users,DC=Ad,DC=DOMAIN"

	#set domain controller to perform action on
	$dc = "Apache"

	#get domain admin credentials to make change
	#$cred = Get-Credential

	#Create report file
	$report = "\\SHAREPATH\peociodata\ServerTeam\Reports\$org - PIV Transition Summary.txt"
	$date = Get-Date -Format MM-dd-yyyy
	New-Item -Path $report -force
	Add-Content -Path $report -Value "$org - PIV Transition Summary"
	Add-Content -Path $report -Value "OU = $ou"
	Add-Content -Path $report -Value "$date `n"

	#Gather all users that have not converted to PIV already
	$users = Get-aduser -filter * -property EmployeeNumber -SearchBase $ou -SearchScope Subtree \| Where-Object {$_.UserPrincipalName -match '^[\d]+@mil$' -and $_.UserPrincipalName.length -lt 16} \|
	Select Surname,GivenName,UserPrincipalName,EmployeeNumber,distinguishedName \| Sort-Object DistinguishedName,Surname

	#for every user that has a PIV captured in the EmployeeNumber property go ahead and change them over
	foreach($u in $users){
	If ($u.employeeNumber -ne $null){
	$piv = $u.employeeNumber
	$oldupn = $u.userPrincipalName
	$dn = $u.distinguishedName
	$userFirstName = $u.GivenName
	$userLastName = $u.Surname
	Set-ADUser -server $dc -Identity $dn -UserPrincipalName $piv
	$newUPN = Get-ADUser -Identity $dn -Server $dc \| Select -ExpandProperty UserPrincipalName
	If($newUPN -eq $piv){
	Add-Content -Path $report -Value "$userfirstname $userlastname's UPN has changed from $oldupn to $newUPN."
	} Else {
	Add-Content -Path $report -Value "Error writing PIV information!"
	}


	}

	}
No results found