AD migration and Powershell more fun than…
Ok been a while
August 18, 2011Posted by on
So what is the hardest part of migrating 2200 logons to a new home drives, new logons, and a new directory structure… getting everyone to take the first step. Here is why we had such a long pause:
We planned the best way to make the move
We created the script to make the move happen
We tested the migration and refined it until we could migrate with no unexpected issues
We presented our plan and schedule and… we had to get it approved through management.
So after 30 meetings, answering the questions of why this has to happen over and over everyone now agrees and we can move on.
With that said we started our conversions.
Here is a nifty script we used to find an accurate last logon for all users in a specific OU. Again we are a 2003 domain so we have to check all the domain controllers. This script goes through the domain controllers and picks the latest date.
$NewOU = Read-Host "what do you want the output to be called"
$dcs = get-qadcomputer -SearchRoot '/domain controllers'
$usertofind = get-qaduser -Service '' -sizelimit 0 -SearchRoot ('<domain/ouyouwanttosearch')
$time = (get-date).Addyears(-50) #starting date this one ends up in 1961
$file = ('h:\' + $newou + '.csv')
Foreach ($u in $usertofind)
#Get-ADUserLastLogon -UserName $u.samaccountname
foreach($dc in $dcs)
$hostname = $dc.name
$user = get-qaduser -Service $hostname $u.samaccountname
if($user.LastLogon -gt $time)
$time = $user.LastLogon
$line = $u.samaccountname + ',' + $time + ',' + $u.UserMustChangePassword
add-content $file $line
$time = (get-date).Addyears(-50)