Dear friends,
I'm looking for a script to compare the AD user attributes of mailNickName and UserPrincipalName. The condition is that UserPrincipleName has a suffix of username@domain.com while there is none for mailNickName. The ideal solution is:
Compare the username part in mailNickName and UserPrincipalName, export only those users are with different values in these 2 fields.
Replace mailNickName with the prefix of UserPrincipalName (without @domain.com)
Make this script check on our AD environment regularly, I can add this script into Windows Task Scheduler if possible?
Following is my current script used to export the attributes, but I would need to manually remove @domain.com via excel then compare them in excel for another run, this seems quite time-consuming. So I'm wondering how to make these more automatic in the script?
$OUs="OU=Users,xxx,DC=edu,DC=cn"
foreach ($OU in $OUs) {
Get-ADUser -Filter * -SearchBase $OU -Properties samAccountName,userPrincipalName,mailNickname,Enabled |
Where-Object {$_.Enabled -eq $True -and $_.userPrincipalName -ne $_.mailNickname} | Export-Csv -NoType 'C:\tmp\userPrincipalName_vs_mailNickname.csv'
}
Basically my current script exports all the users because there is @domain.com in userPrincipalName field while there is none in mailNickName field.