0 votes

I made a script that changes the username if such a name is already taken, and set up a business rule before user creation as written in the instructions at http://www.adaxes.com/help/ValidateModifyUserInputWithScript/. But when you try to create an account, an error appears saying that such an object already exists, although before that the rule for changing the name worked.

Error:

Business Rules: 1 rule encountered while processing your request
'Check for unique': Run PowerShell script 'Check for unique' for the user
The username has been changed to teadaxes@domain.com.
The object already exists on 'domain.com:636'.

by (100 points)

1 Answer

0 votes
by (272k points)

Hello,

The thing is that Active Directory does not allow creating users with the same Full Name in the same OU. This is something that can be adjusted in a script, the same way as the username. For an example, have a look at Example 3 – Rename the user if the Full Name is not unique within the OU in the following tutorial: https://www.adaxes.com/help/ValidateModifyUserInputWithScript.

0

I create an account in another OU, where there are no duplicates, but still get an error. I tried to check for duplicates in one OU, also an error!

Script:

Import-Module Adaxes

# Returns $true when no existing user has the given userPrincipalName.
function IsUserNameUnique($username)
{
    $domain = $Context.GetObjectDomain("%distinguishedName%")
    $user = Get-AdmUser -Filter {userPrincipalName -eq $username} -Server $domain -AdaxesService localhost
    return $null -eq $user
}

# Values entered for the new user
$username = $Context.GetModifiedPropertyValue("userPrincipalName")
$firstname = $Context.GetModifiedPropertyValue("givenName")
$lastname = $Context.GetModifiedPropertyValue("sn")

# Nothing to change if the requested username is free
if (IsUserNameUnique($username))
{
    return
}

# Build candidates from a growing prefix of the first name plus the last name
$localPart, $domainPart = $username.Split("@")
$uniqueUsername = $null
for ($i = 1; $i -le $firstname.Length; $i++)
{
    $candidate = $firstname.Substring(0, $i) + $lastname + "@" + $domainPart
    if (IsUserNameUnique($candidate))
    {
        $uniqueUsername = $candidate
        $samAccountName = $firstname.Substring(0, $i) + $lastname
        break
    }
}

# Every prefix of the first name is taken: cancel instead of reading past the end of the string
if ($null -eq $uniqueUsername)
{
    $Context.Cancel("No unique username could be generated.")
    return
}

$Context.SetModifiedPropertyValue("userPrincipalName", $uniqueUsername)
if ($Context.IsPropertyModified("sAMAccountName"))
{
    $Context.SetModifiedPropertyValue("sAMAccountName", $samAccountName)
}

$Context.LogMessage("The username has been changed to " + $uniqueUsername + ".", "Information")

0

Hello,

The error about an existing object is returned by Active Directory and is not related to Adaxes. Are you sure that there are no accounts in the OU with the same Name/Full Name? Your script does not check that. If you are checking in Adaxes, the existing duplicate can be in the unmanaged list and not displayed when browsing AD. Please try checking in AD itself (e.g. using Active Directory Users and Computers).
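
The check suggested in the thread, run against AD directly instead of through Adaxes, as an added example that is not part of the original posts or Adaxes' own code. It assumes the ActiveDirectory (RSAT) module is installed; the function names, the Full Name and the OU DN are placeholders constructed for illustration, and it goes one step beyond the thread by also checking sAMAccountName, which AD requires to be unique across the domain.

```powershell
# Added example: queries AD directly with the ActiveDirectory (RSAT) module, bypassing Adaxes.
Import-Module ActiveDirectory

# Escape a value for use inside an LDAP filter (RFC 4515), so names that
# contain \ * ( ) are matched literally. Backslash must be replaced first.
function ConvertTo-LdapFilterValue([string]$Value)
{
    return $Value -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' -replace '\)', '\29'
}

# Hypothetical helper: lists the objects that would make AD reject the new user.
function Find-CreateCollision
{
    param(
        [Parameter(Mandatory)][string]$FullName,        # value that becomes the CN
        [Parameter(Mandatory)][string]$OuDN,            # OU the user is created in
        [Parameter(Mandatory)][string]$SamAccountName,
        [Parameter(Mandatory)][string]$Server
    )

    # 1. Name must be unique among the direct children of the OU. Get-ADObject
    #    returns users, contacts, groups and computers alike.
    $nameFilter = "(name=$(ConvertTo-LdapFilterValue $FullName))"
    $sameName = Get-ADObject -LDAPFilter $nameFilter -SearchBase $OuDN -SearchScope OneLevel -Server $Server

    # 2. sAMAccountName must be unique in the whole domain, so no -SearchBase here.
    $samFilter = "(sAMAccountName=$(ConvertTo-LdapFilterValue $SamAccountName))"
    $sameSam = Get-ADObject -LDAPFilter $samFilter -Server $Server

    foreach ($obj in $sameName)
    {
        [pscustomobject]@{ Conflict = 'Name in OU'; Class = $obj.ObjectClass; DN = $obj.DistinguishedName }
    }
    foreach ($obj in $sameSam)
    {
        [pscustomobject]@{ Conflict = 'sAMAccountName in domain'; Class = $obj.ObjectClass; DN = $obj.DistinguishedName }
    }
}

# Constructed sample values; replace with the ones from the failed request.
Find-CreateCollision -FullName 'Test Adaxes' -OuDN 'OU=Staff,DC=domain,DC=com' -SamAccountName 'teadaxes' -Server 'domain.com'
```

An empty result means neither constraint is violated for those values; any row returned names the object that has to be renamed or removed before the create can succeed.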
