Syncing user attributes cross forest. I wrote a script that can be used to sync user attributes cross forest. Run this script in the destination forest. The example below syncs the email address attribute on the user account.
' Active Directory Const's
' Active Directory Const's
Const ADS_SCOPE_SUBTREE = 2
Const ADS_PROPERTY_UPDATE = 2
Set rootDSE = GetObject("LDAP://rootDSE")
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADSDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
objCommand.Properties("Page Size") = 1000
objCommand.CommandText = "SELECT * FROM 'LDAP://olddomain/dc=olddomain,dc=local' WHERE objectCategory='user'"
Set objRecordSet = objCommand.Execute
On Error Resume Next
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
Set objType = GetObject(objRecordSet.Fields("ADsPath").Value)
strDistinguishedName = Replace(objType.distinguishedName, "DC=olddomain,DC=local", "DC=newdomain,DC=local")
strEmailAddress = objType.mail
ADChanges()
objRecordSet.MoveNext
Loop
Wscript.echo "Email Addresses have been Migrated"
Function ADChanges()
Set objUser = GetObject("LDAP://" & strDistinguishedName)
objUser.Put "mail", strEmailAddress
objUser.SetInfo
End Function
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment