Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
WiP Powershell script to move students from one grade to another.
#requires -version 4
Move student from one year to another
Move student from one grade/year to another.
Includes changing the user name, renaming profile and home directories
on disk, move to new OU and security group
PS C:\> .\Move-VMADStudent.ps1
Asks the user to supply source and target user name
Inputs (if any)
Output (if any)
Version: 0.1
Author: Laage
Creation Date: 2017-08-23
Modification Date:
Purpose/Change: Move user from one grade/year to another
#Import Modules & Snap-ins
Import-Module ActiveDirectory
#Any Global Declarations go here
$date = Get-Date -DisplayHint Date -Format FileDate
$dateTime = Get-Date -Format u
$path = Split-Path -Parent $MyInvocation.MyCommand.Definition
$log = $path + "\" + ([io.fileinfo]$MyInvocation.MyCommand.Definition).BaseName + "_" + $date + ".log"
$addn = (Get-ADDomain).DistinguishedName
$dnsroot = (Get-ADDomain).DNSRoot
$baseUserOU = "OU=Accounts,OU=Location," + $addn
$studentOU = "OU=Students," + $baseUserOU
$userFolder = "\\[SERVERNAME]\User$\UserFolders\"
$profileFolder = "\\[SERVERNAME]\User$\Profiles\"
function GetUserName() {
$oldName = Read-Host -Prompt 'Original user name'
$newName = Read-Host -Prompt 'New user name'
if (Get-ADUser -Filter {sAMAccountName -eq $oldName}) {
'User exists in AD'
if (Get-ADUser -Filter {sAMAccountName -eq $newName}) {
"User {0} already exists in AD" -f $newName
else {
$renameID = (Get-ADUser -Identity $oldName).ObjectGUID
RenameUser $oldName $newName $renameID
else {
'User does not exist in AD'
} # Close GetUserName
function RenameUser() {
$newYear = $newName.Substring(0,2)
$oldYear = $oldName.Substring(0,2)
# Sets new Name in AD
Rename-ADObject -Identity $renameID -NewName $newName
# Sets E-mail Address in AD
Set-ADUser -Identity $renameID -EmailAddress ("{0}@{1}" -f $newName,$dnsroot)
# Sets User Logon Name
Set-ADUser -Identity $renameID -userPrincipalName ("{0}@{1}" -f $newName,$dnsroot)
# Sets User Logon Name (pre Windows 2000)
Set-ADUser -Identity $renameID -SamAccountName $newName
# Rename Home Directory on disk
Rename-Item -Path ("{0}{1}" -f $userFolder, $oldName) -NewName ("{0}{1}" -f $userFolder, $newName)
# Sets Home Directory
Set-ADUser -Identity $renameID -HomeDirectory ("{0}{1}" -f $userFolder,$newName)
#Rename Profile Directory on disk
Rename-Item -Path ("{0}{1}.V2" -f $profileFolder,$oldName) -NewName ("{0}{1}.V2" -f $profileFolder,$newName)
# Sets Profile Directory
Set-ADUser -Identity $renameID -ProfilePath ("{0}{1}.V2" -f $profileFolder,$newName)
# Move user to new OU
Move-ADObject -Identity $renameID -TargetPath ("OU={0},{1}" -f $newYear,$studentOU)
# Add user to new Security Group
Get-ADGroup ("Students20{0}" -f $newYear) | Add-ADGroupMember -Members $renameID
# Remove user from old Security Group
Get-ADGroup ("Students20{0}" -f $oldYear) | Remove-ADGroupMember -Members $renameID -Confirm:$false
} # Close renameUser
Copy link

laage commented Aug 31, 2017

Anonymized and anglicized

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment