question

KeithHampshire-3198 avatar image
0 Votes"
KeithHampshire-3198 asked KyleXu-MSFT edited

Import bulk contacts in Active Directory w/ powershell

I manage multiple domains in my organization. The domain and forest level are server 2016. We have a one-way Azure AD sync to Office 365.

I get the question about not seeing one another's email addresses in the Office 365 GAL. I know I can add them in manually one by one.

What I'm looking to do is take all of the "enabled" adusers from one domain and import them into other domain as a "contact". Is there a powershell script that would do that. Basically, I would run two separate scripts one to export all "enabled" adusers into a csv and the second script would convert the adusers into a contact in the of domain.


windows-serverwindows-server-powershelloffice-exchange-online-itpro
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

First, some clarification:

Do you have a single AD Forest that has multiple Domains?
Or do you have multiple AD Forests?
How many tenants are there in Microsoft 365? Are all the Domains in the same tenant?
Is your Exchange organization creating multiple GALs? Your users can see only one of them; which one they see depends on how you've configured things.

What you want to do is pretty easy in PowerShell, but I don't think it should be necessary if you have only a single Exchange organization. You might get better answers by adding the tag office-exchange-online-itpro to your original post or, better yet, create another post (and use that tag) but don't make it about using PowerShell. Just explain the problem and ask how you can create single inclusive GAL in whatever configuration you have in M365.


0 Votes 0 ·

@KeithHampshire-3198
I am writing here to confirm with you any update about this thread now.
If the suggestion below helps, please feel free to accept it as an answer to help more people.

0 Votes 0 ·
KeithHampshire-3198 avatar image
0 Votes"
KeithHampshire-3198 answered RichMatheisen-8856 commented

Yes, everything is separate. Three different AD forest. Three different O365 tenants. All of the domains are not in the same tenant. No, each Exchange organization does not create multiple GALs.

Example: I manage domain01, domain02 and domain03. All are separate with their own AD forest and O365 tenant. Nothing federated (nothing touches so to speak).

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Is it your intent to perform synchronization, or will you be blindly uploading a complete set of individual user's mailbox details (as contacts) each time? Will be dealing with details such as name changes, telephone number changes, etc.?

Do your on-prem AD(s) contain anything Exchange related (e.g., schema extensions, actual Exchange organizations (even if there are no servers), etc.) that would allow you to use Exchange cmdlets? If not, you're going to have to import Exchange PowerShell sessions to create the contacts. That can be a very slow process. How may mailboxes/contacts are you going to be managing like this?

0 Votes 0 ·
KyleXu-MSFT avatar image
0 Votes"
KyleXu-MSFT answered

@KeithHampshire-3198

I guess you need this script, it will export user mailbox from Exchange server:

 Get-Mailbox -ResultSize unlimited |where{$_.RecipientTypeDetails -eq "UserMailbox"} | select Name,PrimarySmtpAddress | Export-Csv c:\temp\1.csv -NoTypeInformation

Then, you could copy this CSV file to another Exchange server, then run command below to export those mailbox as mail contact:

 Import-Csv c:\temp\1.csv | foreach {New-MailContact -Name $_.Name -ExternalEmailAddress $_.PrimarySmtpAddress}

Please note, if there exists same username on those Exchange servers, you will get issue when creating mail contact. Because this username has been used.


If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

LimitlessTechnology-2700 avatar image
0 Votes"
LimitlessTechnology-2700 answered

Hi KeithHampshire-3198,

Please use this PowerShell script to export all active AD users into a CSV:

Get-ADObject -Filter 'objectClass -eq "contact"' -Properties *|select name,@{e={"$($_.memberof)"};l="Member Of"}|Export-csv Contacts.csv -NoTypeInformation

You may then import contacts from your csv to AD easily with a powershell script. Here the example I've used to bulk import:

Powershell
Import-Module ActiveDirectory
$Users = Import-CSV C:\path\to\users.csv
foreach($User in $Users){
$Params = @{
SamAccountName = $User.SamAccountName
Description = $User.Description
Name = "$($User.GivenName) $($User.Surname)"
DisplayName = "$($User.GivenName) $($User.Surname)"
GivenName = $User.GivenName
Surname = $User.Surname
Department = $User.Department
Company = $User.Company
EmailAddress = $User.EmailAddress
UserPrincipalName = "$($User.SamAccountName)@domain.com"
AccountPassword = (ConvertTo-SecureString $User.AccountPassword -AsPlainText -Force)
Path = "OU=$($User.OU),DC=domain,DC=com"
Enabled = $true
ChangePasswordAtLogon = $true
}
New-ADUser @Params
}



--If the reply is helpful, please Upvote and Accept as answer--

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.