Get-ADUser -Filter * | ForEach-Object { Set-ADUser $_ -UserPrincipalName ($_.UserPrincipalName).Replace("OldDomain","NewDomain")}Remember to make the pattern in the OldDomain unique enough that you don't accidentally change things you don't intend to. For example, if you are changing from a .local domain in the UPN to a .com, make sure that you replace ".local" and not "local" on the off chance one of the user IDs includes "local" in the name.
If there are any user accounts without a UPN, then an error is generated for those accounts. My domain had 4 accounts without a UPN:
- krbtgt - default account used for kerberos
- IWAM_ServerName - Old IIS account from Windows 2003
- IUSR_ServerName - Old IIS account from Windows 2003
- support_XXXXXXX - Used by Help and Support service
No comments:
Post a Comment