I am writing a series of scripts to help me copy active directory objects from one domain (Prod) to another (Test). i have most of this working. After I "finished", I found that certain attributes are not being set. I understand now that the issue is because Set-Aduser only accepts certain attributes. Perhaps someone can assist with a straight forward solution.
My process works like this
- user Get-ADUser to export a bunch of user objects and attributes to a csv file
- on the test server, import the csv and for each user object imported, modify the DN to reflect the new domain and create a user like this:
$userlist = import-csv $myfile
$userlist |foreach {
#fixup UPN
$_.UserPrincipalName = $_.UserPrincipalName -replace , $OldDomain, $NewDomain
#fixup DN & make path. Path is DN minus the first field
$_.Distinguishedname = $_.Distinguishedname -replace , $OldDomain, $NewDomain
$Path = $_.Distinguishedname -split ',',2
$Name = $_.Name
$user = $_
$user|New-ADUser -Path $Path[1] -EA Stop
}
Passing in the user object like I do in the last line works fine for most attributes, but some, like extensionattribute1, are not populated. I assume this is because set-ADUser does not support them directly.
Any idea how best to approach setting these non-default attributes?