Hello All!
Over the past couple of months, I have been trying to figure out a way to point our users Local profile, to their soon to be, Domain profile. After lots of research, the Change Owner method, found in the WMI UserProfile class seemed to be a viable option for our environment. A user's Local account name will be the same as their Domain account name once they log in, and all of the domain accounts have currently been created and sitting in AD, waiting to be used. All my script needs is the computer name and it can go ahead and supplant every local user SID on that specified computer, with the corresponding Domain SID. As you will see in the notes, this script takes input of single or multiple values from the pipeline, parameter, and if you have a .csv you're working off of, it will take whatever is in there as well, if you wish. So, if anyone is in the middle of a profile migration and has a similar scenario, feel free to take a look and use whatever or all of what you see below! Profile migrations are never fun, so hopefully this can help anyone in need! Finger point to Don Jones and his Powershell Month of Lunches; this ebook has been EXTREMELY instrumental in everything I know about Powershell, including lots of functionality I've been able to incorporate into this script. I can't say enough about how fantastic that book is and what it has done for me-- thank you, DJ!
Without further ado, script below:
##The ChangeOwner function in this script will supplant a user's Local SID with their Domain SID
##This script can run in 3 different ways:
##Modify the UserList.csv 'ComputerName' field
##Pipe in single or multiple values
##Feed single or multiple values through the 'ComputerName' parameter
##An error log is also generated on the Administrator's machine and located in c:\errors.txt
$WorkingDirectory = $ENV:Userprofile+"\Documents\Scripts\ADBulkImport\"
$UserList = Import-Csv ($WorkingDirectory + "UserList.csv")
$Computers = $UserList | Select-Object -ExpandProperty ComputerName
function ChangeOwnerWork {
param ([string] $ComputerName)
$Users = gwmi win32_useraccount -ComputerName $Computer | foreach{$_.Name}
foreach($User in $Users) {
Trap {
$_ | Out-File c:\errors.txt -append
continue
}
$OriginalUser = gwmi win32_UserAccount -ComputerName $Computer -Filter "Name= '$User' AND LocalAccount=True"
$NewUser = gwmi "win32_UserAccount WHERE Name= '$User' AND Domain='Cul'"
$Profile = gwmi win32_UserProfile -ComputerName $Computer -filter "SID= '$($OriginalUser.SID)'"
$Profile.ChangeOwner($NewUser.SID,0)
}
}
function ChangeOwner {
param (
[Parameter(ValueFromPipeline=$True,
ValueFromPipelineByPropertyName=$True)]
[string[]]$ComputerName
)
BEGIN {
del c:\errors.txt -ea SilentlyContinue
$usedParameter = $False
if ($PSBoundParameters.ContainsKey('computername')) {
$usedParameter = $True
}
}
PROCESS {
if ($usedParameter) {
foreach($Computer in $ComputerName) {
ChangeOwnerWork -ComputerName $Computer
}
} else {
foreach($Computer in $Computers) {
$Users = gwmi win32_useraccount -ComputerName $Computer | foreach{$_.Name}
foreach($User in $Users) {
Trap {
$_ | Out-File c:\errors.txt -append
continue
}
$OriginalUser = gwmi win32_UserAccount -ComputerName $Computer -Filter "Name= '$User' AND LocalAccount=True"
$NewUser = gwmi "win32_UserAccount WHERE Name= '$User' AND Domain='Cul'"
$Profile = gwmi win32_UserProfile -ComputerName $Computer -filter "SID= '$($OriginalUser.SID)'"
$Profile.ChangeOwner($NewUser.SID,0)
}
}
}
}
END{}
}
ChangeOwner
Write-host "DONE!" -ForegroundColor Green
Over the past couple of months, I have been trying to figure out a way to point our users Local profile, to their soon to be, Domain profile. After lots of research, the Change Owner method, found in the WMI UserProfile class seemed to be a viable option for our environment. A user's Local account name will be the same as their Domain account name once they log in, and all of the domain accounts have currently been created and sitting in AD, waiting to be used. All my script needs is the computer name and it can go ahead and supplant every local user SID on that specified computer, with the corresponding Domain SID. As you will see in the notes, this script takes input of single or multiple values from the pipeline, parameter, and if you have a .csv you're working off of, it will take whatever is in there as well, if you wish. So, if anyone is in the middle of a profile migration and has a similar scenario, feel free to take a look and use whatever or all of what you see below! Profile migrations are never fun, so hopefully this can help anyone in need! Finger point to Don Jones and his Powershell Month of Lunches; this ebook has been EXTREMELY instrumental in everything I know about Powershell, including lots of functionality I've been able to incorporate into this script. I can't say enough about how fantastic that book is and what it has done for me-- thank you, DJ!
Without further ado, script below:
##The ChangeOwner function in this script will supplant a user's Local SID with their Domain SID
##This script can run in 3 different ways:
##Modify the UserList.csv 'ComputerName' field
##Pipe in single or multiple values
##Feed single or multiple values through the 'ComputerName' parameter
##An error log is also generated on the Administrator's machine and located in c:\errors.txt
$WorkingDirectory = $ENV:Userprofile+"\Documents\Scripts\ADBulkImport\"
$UserList = Import-Csv ($WorkingDirectory + "UserList.csv")
$Computers = $UserList | Select-Object -ExpandProperty ComputerName
function ChangeOwnerWork {
param ([string] $ComputerName)
$Users = gwmi win32_useraccount -ComputerName $Computer | foreach{$_.Name}
foreach($User in $Users) {
Trap {
$_ | Out-File c:\errors.txt -append
continue
}
$OriginalUser = gwmi win32_UserAccount -ComputerName $Computer -Filter "Name= '$User' AND LocalAccount=True"
$NewUser = gwmi "win32_UserAccount WHERE Name= '$User' AND Domain='Cul'"
$Profile = gwmi win32_UserProfile -ComputerName $Computer -filter "SID= '$($OriginalUser.SID)'"
$Profile.ChangeOwner($NewUser.SID,0)
}
}
function ChangeOwner {
param (
[Parameter(ValueFromPipeline=$True,
ValueFromPipelineByPropertyName=$True)]
[string[]]$ComputerName
)
BEGIN {
del c:\errors.txt -ea SilentlyContinue
$usedParameter = $False
if ($PSBoundParameters.ContainsKey('computername')) {
$usedParameter = $True
}
}
PROCESS {
if ($usedParameter) {
foreach($Computer in $ComputerName) {
ChangeOwnerWork -ComputerName $Computer
}
} else {
foreach($Computer in $Computers) {
$Users = gwmi win32_useraccount -ComputerName $Computer | foreach{$_.Name}
foreach($User in $Users) {
Trap {
$_ | Out-File c:\errors.txt -append
continue
}
$OriginalUser = gwmi win32_UserAccount -ComputerName $Computer -Filter "Name= '$User' AND LocalAccount=True"
$NewUser = gwmi "win32_UserAccount WHERE Name= '$User' AND Domain='Cul'"
$Profile = gwmi win32_UserProfile -ComputerName $Computer -filter "SID= '$($OriginalUser.SID)'"
$Profile.ChangeOwner($NewUser.SID,0)
}
}
}
}
END{}
}
ChangeOwner
Write-host "DONE!" -ForegroundColor Green