Actions
1. UPDATE AD
- Download here or load from a Skype for Business installation DVD / file
- Open command prompt as administrator and go to the schematic map on the hard drive
Start the commands below (replace dc.contoso.local with the address of a domain controller and "DC=contoso,Dc=local" with the distinguishedName of your AD).
Code Block language powershell linenumbers true ldifde -i -v -k -s dc.contoso.local -f ExternalSchema.ldf -c DC=X "DC=contoso,DC=local" -j c:\Schema ldifde -i -v -k -s dc.contoso.local -f ServerSchema.ldf -c DC=X "DC=contoso,DC=local" -j c:\Schema ldifde -i -v -k -s dc.contoso.local -f BackCompatSchema.ldf -c DC=X "DC=contoso,DC=local" -j c:\Schema ldifde -i -v -s dc.contoso.local -f VersionSchema.ldf -c DC=X "DC=contoso,DC=local" -j c:\Schema -j = Log file location -i = Import operation performed -v = Verbose (show changes on screen) -k = Keep going even if some entries can't be processed -s = Server location -f = File location -c = Change from-string in data to to-string. This lets you customize a generic LDIF file for your installation. For example, from-string might be the placeholder DC=X, and to-string might be your domain DN. Replaces in this case the DC=X without your domain location.
An import will look like this:
Note that the log will always be called LDIF.txt. You may want to make a copy of the output during each command. Look especially at the information in the file, often you see information like this:
You can do the same by performing Step 1: Prepare schedule of the Skype for Business Deployment wizard ( https://technet.microsoft.com/en-us/library/dn951386.aspx ).
2. TESTING AD
Code Block | ||||
---|---|---|---|---|
| ||||
#Requirements
#- Install-Module AzureADPreview
#Options
#$user: this is the user to check in the Active Directory
$USER = "username@domain.com"
#Do not change below here.
Connect-AzureAD
$AAD_USER = Get-AzureADUser -ObjectId $USER
$AAD_USER | SELECT -ExpandProperty ExtensionProperty |
locati
Script to update attributes
Save script below as .ps1 and run on domain controller. Or run from Powershell ISE. Please read the script carefully. SoftApp-distribution is not responsible for running the script.
Code Block | ||||
---|---|---|---|---|
| ||||
Param( [ValidateSet("ou","group")] [Parameter(Mandatory=$true)] [string]$user_container, [Parameter(Mandatory=$true)] [string]$user_location, [Parameter(Mandatory=$false)] [ValidateSet("OneLevel","Subtree")] [string]$user_location_scope, [Parameter(Mandatory=$true)] [ValidateSet("onpremise","cloud","clear")] [string] $location ) ##### About script # Created by: Maarten Meijer # Copyright: SoftApp-distribution (2018) # Version: 1.1-b04072018 # 04-07-2018: Added scoping on OU # 04-07-2018: Added option to clear attributes and reset to defaults # 04-07-2018: Changed searching to a Searchbase to limit the results and fix error with incorrect OU name # # Requirements: # - Run on AD domain controller # # Usage: # 1. Just run the script! Parameters will be asked upon running. # Options/Parameters: ## -user_container ==> object that contains the user subset ("group" or "ou") ## -user_location ==> if a "group" is selected enter the sAMACCOUNTNAME here of the group. On selecting a OU enter the DN of the OU (use opening and closing ") ## -location ==> location of the hosted users ("onpremise" or "cloud") ## -user_location_scope ==> depth of OU searching ("OneLevel" or "Subtree") # # Important # This script sets the UPN as the SIGN IN ADDRESS of the user. If those are not the same, modify the script! # # # DO NOT CHANGE ANYTHING BELOW HERE $Logfile = "C:\change_ad.log" Function LogWrite { Param ([string]$logstring) Add-content $Logfile -value $logstring } LogWrite("UPDATE AD: " + (Get-Date).tostring()) LogWrite("user_container: " + $user_container) LogWrite("user_location: " + $user_location) LogWrite("location: " + $location) Import-Module ActiveDirectory Write-Host "[AD UPDATE] Start" -foregroundcolor Green #Get users from OU switch($user_container) { "group" { $found_group = Get-ADGroup -Identity $user_location if ($found_group -ne $null) { $users = Get-ADGroupMember -Identity $user_location | Get-ADuser } else { LogWrite("Unable to find group") Write-Host "Unable to find group" -foregroundcolor red break } } "ou" { #use searchbase instead of pipeline filter, otherwise can catch too many users if string is not correctly formatted. $users = Get-ADUser -Filter {Enabled -eq $true} -SearchBase $user_location -SearchScope $user_location_scope } } foreach ($user in $users) { #update attributes Write-Host "[$($user.UserPrincipalName)] Updating attributes" -foregroundcolor green LogWrite("[$($user.UserPrincipalName)] Updating attributes") if($location -eq "onpremise") { LogWrite("[$($user.UserPrincipalName)] onpremise") Set-ADUser -Identity $user.SamAccountName -replace @{'msRTCSIP-DeploymentLocator'="SRV:";'msRTCSIP-PrimaryUserAddress'="sip:$($user.UserPrincipalName)";'msRTCSIP-UserEnabled'="TRUE";} } elseif ($location -eq "cloud") { LogWrite("[$($user.UserPrincipalName)] cloud") Set-ADUser -Identity $user.SamAccountName -replace @{'msRTCSIP-DeploymentLocator'="sipfed.online.lync.com";'msRTCSIP-PrimaryUserAddress'="sip:$($user.UserPrincipalName)";'msRTCSIP-UserEnabled'="TRUE";} } elseif ($location -eq "clear") { LogWrite("[$($user.UserPrincipalName)] clear") Set-ADUser -Identity $user.SamAccountName -clear @('msRTCSIP-DeploymentLocator';'msRTCSIP-PrimaryUserAddress';'msRTCSIP-UserEnabled';) } } LogWrite("[AD UPDATE] Done") Write-Host "[AD UPDATE] Done" -foregroundcolor Green |
Additional information
About LDIFDE https://msdn.microsoft.com/en-us/library/Bb727091.aspx
- Technet about Skype for Business schema expansions https://technet.microsoft.com/en-us/library/gg398607(v=ocs.15).aspx
- Expand on schedule http://www.markc.me.uk/blog/files/SchemaUpdateMethods.html
- Technet about Skype for Business schema attributes https://technet.microsoft.com/en-us/library/gg412841.aspx