none
Modify AD properties on computers RRS feed

  • Question

  • I have recently discovered that some of my computers have e-mail addresses assigned. This creates a problem in a system that I am using. I want to remove the mail and proxyAddresses attributes from the computer objects. I have the following script to set the attributes to null. I will provide a list of the computers but am trying to work out the bugs with just one computer to start. It gives me an error before it runs anything.

    $computers = "asdtp33"
    # Iterate the computers and update the mail and proxyAddresses attributes in AD.
    foreach($Computer in $Computers)
    {
        # Update properties.
        $ComputerI = Get-ADComputer $Computer -Properties mail,proxyAddresses
        $ComputerI.Mail = ""
        $ComputerI.proxyAddresses = "" 
        # Update the user data in AD using the Instance parameter of Set-ADComputer.
        Set-ADComputer -instance $ComputerI
    }

    The error that I get is

    Set-ADComputer : replace
    At line:11 char:5
    +     Set-ADComputer -instance $ComputerI
    +     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (:) [Set-ADComputer], ADInvalidOperationException
        + FullyQualifiedErrorId : replace,Microsoft.ActiveDirectory.Management.Commands.SetADComputer

    The syntax looks correct to me so I do not know what is wrong. does anyone see what the problem is?   I do have the AD modules loaded.

    Tuesday, September 20, 2016 2:47 PM

Answers

  • Get-ADComputer win7 | Set-ADComputer -Clear mail,proxyAddresses


    Tuesday, September 20, 2016 2:57 PM
  • You're trying too hard :) In your foreach loop, use:


    Set-ADComputer $computer -Clear "mail","proxyAddresses" 
    

    instead.


    -- Bill Stewart [Bill_Stewart]

    • Marked as answer by JRussell97 Tuesday, September 20, 2016 3:28 PM
    Tuesday, September 20, 2016 2:59 PM
    Moderator

All replies

  • Get-ADComputer win7 | Set-ADComputer -Clear mail,proxyAddresses


    Tuesday, September 20, 2016 2:57 PM
  • You're trying too hard :) In your foreach loop, use:


    Set-ADComputer $computer -Clear "mail","proxyAddresses" 
    

    instead.


    -- Bill Stewart [Bill_Stewart]

    • Marked as answer by JRussell97 Tuesday, September 20, 2016 3:28 PM
    Tuesday, September 20, 2016 2:59 PM
    Moderator
  • Thanks to both of you.  That worked like a charm.
    Tuesday, September 20, 2016 3:28 PM
  • Just to elaborate, you cannot assign blank strings, or even nulls, to attributes in AD. In fact, any attribute of any object that does not have a value assigned is not actually saved in the AD database. The -Clear parameter of the PowerShell cmdlets do what is required to clear the attributes so they have no value.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Tuesday, September 20, 2016 4:40 PM
    Moderator