Copying data from one attribute to another attribute in Active Directory

We often have customers that want to allow their users to use their mobile device as an identity service for our self-service solutions.

By default, we use the ‘mobile’ attribute in AD as it automatically enrolls a user into the service if their mobile number exists in AD. Usually the attribute is pre-populated with company provided mobile numbers. However, some customers do not want this field populated with personal mobile numbers as it may end up in signatures, the corporate address book, or another business directory.

In this scenario, we recommend that they make use of the Custom Mobile Attribute option as described on our support pages.

Specops uReset

https://specopssoft.com/support-docs/specops-ureset/administration/administrator-configurations/

Specops Authentication

https://specopssoft.com/support-docs/specops-authentication/administration/authentication-web/

Specops Password Reset

https://specopssoft.com/support-docs/specops-password-reset/reference-material/modifying-the-user-attributes-used-by-the-system/

Unfortunately, this means that ALL users will need to enroll with their mobile device. This is undesirable as they will lose the benefit of auto enrollment for all the corporate device users.

Fortunately, we have PowerShell to save the day! By running one line of PowerShell we can copy the data from the mobile AD attribute to another. In my example I’m using the pager attribute as the target.

Get-ADUser -LDAPFilter ‘(mobile=*)’ -Properties mobile, pager |Select-Object * | ForEach-Object {Set-ADObject –Identity $_.DistinguishedName ` -Replace @{Pager=$($_.mobile)}}

Of course this does assume that your mobile numbers are in the correct E164 format i.e. +44123412345, you might have do some further coding to make that happen.

(Last updated on August 2, 2018)

Tags:

darren james

Written by

Darren James

Darren James is a Product Specialist and cyber security expert at Specops Software. He works as a lead IT engineer to help customers reduce costs, improve security and increase productivity. He holds Microsoft certifications within IT Service Management, O365, Enterprise Administrator, Server Administrator and Security. Darren has more than 25 years’ experience working in technical IT roles, centering around Active Directory, IT security, cloud, larger-scale migrations, integrations and identity and success management.

Back to Blog