We are trying to isolate some suspected dead ID's and want to append a '-old' to the samaccountname variable. I can get to the distiguished name with the below line but I can't find a way to get to the SAM value. Any ideas?

get-content c:\Usertest.txt | Get-QADUser | % { Rename-QADObject -Identity $_.DN -NewName $( $_.Name + "-old") -WhatIf}

Try:

get-content c:\Usertest.txt | Get-QADUser | foreach {
   Set-QADUser -SamAccountName ($_.SamAccountName+'-old')
}

Thank you Shay, I appreciate the help. I am new to scripting and very new to Powershell and put the group rename together from other scripts. Could I have used the Set-QADUser function and made it simpler? Also, as always happens at work, is it easy to reverse the rename if I am required to do so?

Getting this response when I run this:

cmdlet Set-QADUser at command pipeline position 1
Supply values for the following parameters:
Identity:

You're welcome :)

I forgot to add the Identity parameter, so the code should look like:

get-content c:\Usertest.txt | Get-QADUser | foreach {
   Set-QADUser -identity $_ -SamAccountName ($_.SamAccountName+'-old')
}

Once you know what name you want to give, renaming is not a problem. For instance, to remove the '-old' suffix you can do this:

Get-QADUser -sizeLimit 0 -ldap '(samAccountName=*-old)' | foreach {
   Set-QADUser -identity $_ -SamAccountName ($_.SamAccountName.substring($_.SamAccountName.lastIndexOf("-"))
}

It retrieves all users that their SamAccountName attribute is ending with '-old', and then it is using the lastIndexOf() method to find all characetrs that occure before the  "-" char.

HTH 

Good afternoon Shay,

   I just got around to testing the rename script you wrote. I get the following error:

You must provide a value expression on the right-hand side of the '-' operator.
At line:1 char:176
+ Get-QADUser -sizeLimit 0 -ldap '(samAccountName=*-old)' | foreach { Set-QADUser -identity $_ -SamAccountName ($_.SamAccountName.substring($_.SamAccountName.lastIndexOf("-")) -w <<<< hatif}

I ran::  Get-QADUser -sizeLimit 0 -ldap '(samAccountName=*-old)' | foreach { Set-QADUser -identity $_ -SamAccountName ($_.SamAccountName.substring($_.SamAccountName.lastIndexOf("-")) -whatif}

It's not resolved. And I amy be wrong adding the parathesis but that was the error that PS gave me.

    I just re-ran it this morning on my test system and it changed the 1st group name to -old. It doesn't seem to be carrying the samaccountname forward as desired.

Never mind the previous reply. It works when you get the trailing '} ' copied in. :)

Thank you very much