JohnQ
(Starting to like KiXtart)
2003-05-30 03:45 AM
Changing the "common name" in AD

Is it possible to change the common name in Active Directory via script? The problem that I have is a common name such as Doe, John T. is returned as cn=Doe\, John T.

The "\" causes some problems for some other scripts that we use. I can obviously change the name via AD users and computers by right clicking on it and choosing "rename" but I have many to change and would like to do it with a script. Before I get to carried away with the script, I wanted to try something simple just to test. Here's what I used:

code:
$target = GetObject("LDAP://ou=users,DC=blahblah,DC=com")
          
  For Each $user in $target  
    If $user.name = "cn=Doe\, John T."
      $newname = "cn=John T. Doe"
      $user.name=$newname
      $user.SetInfo
      ? 'Error = '+@ERROR+' - '+@SERROR
      ?"New name is: "$user.name
    EndIf
  Next
If I run this script, it will find cn listed above, but using user.SetInfo returns the following error: Error = -2147352562 - Invalid number of parameters. Any help would be greatly appreciated.

JohnQ
(Starting to like KiXtart)
2003-05-30 02:17 PM
Re: Changing the "common name" in AD

Come on....I know somebody out there has tried this before. At least tell me that it can't be done. [Smile] where's the love? [Smile]

Howard Bullock
(KiX Supporter)
2003-05-30 02:46 PM
Re: Changing the "common name" in AD

JohnQ, I saw your post last night and will be able to respond after doing some testing. Unfortunately, I will not have time until after work. If no one responds by then, look for my post this evening.

JohnQ
(Starting to like KiXtart)
2003-05-30 03:15 PM
Re: Changing the "common name" in AD

Thanks Howard. You always come through. I'll look for your post this evening.

maciep
(Korg Regular)
2003-05-30 07:32 PM
Re: Changing the "common name" in AD

I'm getting the same thing when I try it with my name. But I don't think it is necessarily a SetInfo issue, because I get the same error if i put an @serror after the assignment

code:
$user.name=$newname
@serror
And i haven't had any trouble changing other properties with the same script.

Richie19Rich77
(Seasoned Scripter)
2003-05-31 01:07 AM
Re: Changing the "common name" in AD

$STRUserName would be your users UserID

TranslateName is a Function.

Common Name, would be CN, so $ADSUser.Put ("CN", $CommonName)

code:
 $TranslateUserName = TranslateName (3, "", 3, "@Domain\$STRUserName", 1)
	$ADSUser = GetObject("LDAP://" +$TranslateUserName[0])

		$ADSUser.Put ("givenName", $GivenName)
		$ADSUser.Put ("sn", $SN)
		$ADSUser.Put ("Displayname", $DisplayName)
		$ADSUser.Put ("comment", $DOB)
		$adsUser.HomeDirectory = "$HomePath\$newUserName\My Documents"
		$ADSUser.Put ("samAccountName", $NewUsername)
		$ADSUser.SetInfo
There you go, pick the bones out of that.

[ 31. May 2003, 01:08: Message edited by: Richard Farthing ]

Howard Bullock
(KiX Supporter)
2003-05-31 01:14 AM
Re: Changing the "common name" in AD

JohnQ, the error your are receiving is not from the SetInfo but from the attempt to improperly set the name attribute.

The code below does not get your error but instead returns:
quote:

0 The operation completed successfully.
-2147352567 COM exception error "SetInfo" ((null) - (null)) [-2147352567/80020009]

Error: 9
The storage control block address is invalid.
code:
$DN = TranslateName (1, @domain, 3, "tycoelectronics\us035355", 1)
? $DN[0]

$obj= GetObject("LDAP://@domain/"+$DN[0])
? $obj.Name
$obj.Put("Name","US035355A")
; I also tried $obj.Put("CN","US035355A")

? "@error @serror"
$obj.SetInfo
? "@error @serror"

? ConvertCOMerror(@error)
Function ConvertCOMerror($error)
	$error = val("&"+Right(DecToHex($error),4))
	? "Error: $error"
	shell "net helpmsg $error"
Endfunction
Since you are attempting to actually rename the object not a truly modifyable attribute, I do not think your approach will work. CN is part of the distinguished name that is the object. You will probably want to use the MoveHere method to move the object to the same container with a new name.
code:
;------- Renaming an object ------------------
$cont = GetObject("LDAP://@domain/OU=Sales, DC=ArcadiaBay,DC=com")
$usr = cont.MoveHere("LDAP://@domain/CN=jsmith,OU=Sales, DC=ArcadiaBay,DC=com", "CN=jjohnson")


[ 31. May 2003, 01:19: Message edited by: Howard Bullock ]

JohnQ
(Starting to like KiXtart)
2003-05-31 01:53 AM
Re: Changing the "common name" in AD

Howard, when you right click on a name in AD users and computers and choose rename, aren't you actually renaming or "modifying" the CN? Do you feel that the MoveHere method is the best (if not the only) approach? It seems simple enough.

Thanks for your help -- you've always got the good answers. Is there a good resource that one can go to for some of these differnt methods and object properties. Just when I think I've figured something out, you come up with something new. [Smile]

Howard Bullock
(KiX Supporter)
2003-05-31 02:35 AM
Re: Changing the "common name" in AD

If you down load ADSI 2.5 you will find an adsi25.chm which is pretty good. Then there is always http://msdn.microsoft.com.

Howard Bullock
(KiX Supporter)
2003-05-31 02:41 AM
Re: Changing the "common name" in AD

As far as object properties go, use my enumobjprops.kix script to enumerate all the properties and then go look them up on MSDN.


Function EnumObjProps($object)
   Dim $Class, $Schema, $Value, $property, $cont

   $Class = GetObject($object.schema)
    ? "Class: " + $Class.Name
    ? "GUID: " + $Class.GUID
    ? "Implemented by: " + $Class.CLSID

    If $Class.Container
        ? ? "Container Object"
        ? "Class Contains:"
        For Each $cont In $Class.Containment
            ? "   " + $cont
        Next
    Else
        ? ? "Leaf Object"
    EndIf

    ? "Mandatory Properties in this Class: "
    For Each $property In $Class.MandatoryProperties
        ? "   " + $property
    Next

    ? ?  "Optional Properties in this Class: "
    For Each $property In $Class.OptionalProperties
        ? "   " + $property
    Next
EndFunction