标签:日常 dmi clear str 自定义 批量 objectid count 小型
又来分享一些日常用的小脚本哈,比如说有些小型企业在使用O365时开始用的是O365自带的域名,过了一段时间后想用自己的域名了,这时候管理员就需要将用户的UPN修改成自定义域名。总体来说这不是个复杂的活,简单写的话可能几行代码就搞定了,当然如果想写的稍微规范些,那么可以再加上一些逻辑控制类的语句param (
[parameter(Mandatory = $true)]
[string]$CustomDomainName,
[parameter(Mandatory = $false)]
[bool]$IncludeGlobalAdmin=$false
)
function Change-UserPrincipalName
{
param (
[parameter(Mandatory = $true)]
[string]$OldUserPrincipalName,
[parameter(Mandatory = $true)]
[string]$CustomDomainName
)
$Error.clear()
try
{
$Role = Get-MsolUserRole -UserPrincipalName $OldUserPrincipalName
$Change = $true
if ($Role -ne $null)
{
#Company Administrator
if ($Role.ObjectId -eq "62e90394-69f5-4237-9190-012177145e10")
{
if ($IncludeGlobalAdmin -eq $false)
{
Write-Host ("$(Get-Date) * Found {0} {1}, pass" -f $Role.Name, $OldUserPrincipalName) -ForegroundColor 'yellow'
$Change = $false
}
}
#Directory Synchronization Account
elseif ($Role.ObjectId -eq "d29b2b05-8046-44ba-8758-1e26182fcf32")
{
Write-Host ("$(Get-Date) * Found {0} {1}, pass" -f $Role.Name, $OldUserPrincipalName) -ForegroundColor 'yellow'
$Change = $false
}
}
if ($Change -eq $true)
{
$UserName = $OldUserPrincipalName.Split("@")[0]
$NewUserPrincipalName = $UserName + "@" + $CustomDomainName
Write-Host ("$(Get-Date) * Changing user principal name {0} to {1}" -f $OldUserPrincipalName, $NewUserPrincipalName) -ForegroundColor 'Cyan'
Set-MsolUserPrincipalName -UserPrincipalName $OldUserPrincipalName -NewUserPrincipalName $NewUserPrincipalName
}
}
catch
{
Write-Warning $Error[0].Exception.Message
}
}
$Domains = Get-MsolDomain
if ($Domains.Name.Tolower().contains($CustomDomainName.ToLower()))
{
Get-MsolUser -All | %{
Change-UserPrincipalName -OldUserPrincipalName $_.UserPrincipalName -CustomDomainName $CustomDomainName
}
}
else
{
throw "$(Get-Date) * Domain Name $CustomDomainName not found in your tenant"
}对于Global Admin,脚本里加了一个bool类型的参数来决定是否要修改Global admin的UPN,这样对于管理员来说做这种操作的时候可以更可控一些
标签:日常 dmi clear str 自定义 批量 objectid count 小型
原文地址:http://blog.51cto.com/mxyit/2070231
