PowerShell Script Failing to Update AD Attributes via MID Servers using ADV2 Spoke

Samrudhi Pandi1
Tera Contributor

Hi Community,

I’m trying to update Active Directory attributes (specifically UPN/suffix for shared mailboxes) using a PowerShell script executed via the MID Server, but it’s consistently failing.

Please find the script below:

param (
    [string]$samAccountName,
    [string]$newDomain
)
try {
    Import-Module ActiveDirectory -ErrorAction Stop
    # Get the user from AD
    $user = Get-ADUser -LDAPFilter "(sAMAccountName=$samAccountName)" -Properties userPrincipalName, DistinguishedName, sAMAccountName
    if ($null -eq $user) {
        Write-Output "result=ERROR: User '$samAccountName' not found in Active Directory."
        exit 1
    }
    $currentUPN = $user.UserPrincipalName
    $newUPN = "$($user.sAMAccountName)@$newDomain"
    if ($currentUPN -eq $newUPN) {
        Write-Output "result=No change needed. UPN already set to '$newUPN'"
        exit 0
    }
    # Update UPN
    Set-ADUser -Identity $user.DistinguishedName -UserPrincipalName $newUPN -ErrorAction Stop
    # Return detailed result to ServiceNow
    Write-Output "result=SUCCESS: UPN updated."
    Write-Output "samAccountName=$samAccountName"
    Write-Output "currentUPN=$currentUPN"
    Write-Output "newUPN=$newUPN"
    Write-Output "distinguishedName=$($user.DistinguishedName)"
}
catch {
    Write-Output "result=ERROR: $($_.Exception.Message)"
    exit 1
}
The above script throws the following error: PowerShell script execution failed. Script returned status 1 using account local MID server service credential.
However, I'm able to automate the creation of a shared mailbox on AD with the same MID server credentials.




Thanks in advance for your support.

0 REPLIES 0
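
Added example (not part of the original post, and not the poster's or ServiceNow's code): the script above places `$samAccountName` directly into an LDAP filter and `$newDomain` directly into the new UPN, so values arriving from a flow input are worth escaping and checking before they reach `Get-ADUser` and `Set-ADUser`. `ConvertTo-LdapFilterValue`, `Test-UpnSuffixAllowed`, the sample accounts and the suffix list are hypothetical names and constructed values; as an assumption, a real run would read the allow-list from AD, for example from `(Get-ADForest).UPNSuffixes`.

```powershell
# Added example, not from the original post. Helper names are hypothetical.

function ConvertTo-LdapFilterValue {
    # Escape LDAP filter metacharacters (RFC 4515) so the value is matched
    # literally. The backslash is handled first so later escapes stay intact.
    param([Parameter(Mandatory)][string]$Value)
    $Value -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' `
           -replace '\)', '\29' -replace '\x00', '\00'
}

function Test-UpnSuffixAllowed {
    # True only when the requested suffix is on the allow-list (case-insensitive).
    param(
        [Parameter(Mandatory)][string]$Suffix,
        [Parameter(Mandatory)][string[]]$AllowedSuffixes
    )
    $AllowedSuffixes -contains $Suffix.Trim()
}

# Constructed allow-list; assumption: production code reads it from AD.
$allowedSuffixes = @('contoso.example', 'mail.contoso.example')

# Constructed inputs: one normal request, one containing filter
# metacharacters, one asking for a suffix that is not on the allow-list.
$requests = @(
    @{ Sam = 'shared.mbx01'; Domain = 'mail.contoso.example' },
    @{ Sam = 'mbx)(cn=*';    Domain = 'contoso.example' },
    @{ Sam = 'shared.mbx02'; Domain = 'other.example' }
)

foreach ($r in $requests) {
    # The escaped value can only ever match as a literal sAMAccountName.
    $filter = "(sAMAccountName=$(ConvertTo-LdapFilterValue $r.Sam))"
    if (Test-UpnSuffixAllowed -Suffix $r.Domain -AllowedSuffixes $allowedSuffixes) {
        # This is the point where the script would call Get-ADUser -LDAPFilter $filter.
        Write-Output "result=OK filter=$filter newDomain=$($r.Domain)"
    }
    else {
        Write-Output "result=ERROR: suffix '$($r.Domain)' is not an allowed UPN suffix. filter=$filter"
    }
}
```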