Migrate existing users from local domains to Open Directory.

Similar Messages

• Error adding new users from local server

  Hello, BPC Gurus,
  We use BPC 7.0 MS SP4, MS SQL 2008 (Server name - BPCP01)
  In Administration Console we're trying to add user from local server (server with SQL Database), and warning window is appeared with message "The Server Is Not Operational [BPBCP01]"
  I checked Logging folder and found message:
  ==============[System Error Tracing]==============
  [System  Name] : OSoftAdminSecurity
  [Job Name]     : frmManageUser::GetAllObjectsFromDomainServer
  [DateTime]     : 2010-12-06 16:58:43
  [Exception]
      DetailMsg  : {System.Exception: The server is not operational [BPCP01]
     at Microsoft.VisualBasic.CompilerServices.LateBinding.LateGet(Object o, Type objType, String name, Object[] args, String[] paramnames, Boolean[] CopyBack)
     at OSoft.Consumers.Admin.Security50.ManageDataSet.GetAllObjectsFromDomainServer(String pDomainName, String pLDAPFullPath, Int32 pDomainObjectType, String pObjectValue, String pDomainType)
     at OSoft.Consumers.Admin.Security50.frmManageUser.GetAllObjectsFromDomainServer(String pDomainName, FILTER_TYPE pOptionType, String pOptionValue, String pDomainType)}
  ===========[System Error Tracing  End ]===========
  Any ideas?

  The installation was done with a local user or with a domain user?
  You know that BPC server can not be in the same time also domain controler.
  Are you using Windows authentication or CMS authentication.
  If you are using CMS authentication then again you can not add local users.
  If you are using Windows authentication then you have to go into server Manager
  Options - Define System User Groups
  Domain Type - Local Windows
  System User Group Name - Local Users.
  If you are using Windows 2008 make sure you addrole to have compatibility with IIS 6.because using this module bpc is adding new users.
  Regards
  Sorin Radulescu

• Grant access to users from different Domains

  Hi,
  Recently my company was merged with another. All users from my company are setup in our Domain (DomainA). Sharepoint is able to see the users in this domain and grant access to the users as well. When the merger happened, we created a Group (Test - Sharepoint)
  in our AD to add groups from other companie's domain:DomainB, totally different Forest. There is a two way trust setup between these domains. The group Test-Sharepoint is "domain local" and it is able to see the groups/users from other domain: DomainB.
  The other users are now able to access our sharepoint environment once access is granted to DomainA\Test-Sharepoint.
  Problem came when we applied Audience targetting around few web parts. The users from DomainB who are added as object in DomainA\Test-Sharepoint (group in DomainA) are not able to see the web parts that have audience targeting for this group. Someone
  suggested that AD groups should be Global or Universal but that is not our case. Most of the groups in our AD are domain local and SP is able to see the users within it.
  Please suggest how we can resolve audience targeting issue?
  Regards, Kapil ***Please mark answer as Helpful or Answered after consideration***

  My apologies, yes that is correct you'll have to use Domain Local in this case. http://technet.microsoft.com/en-us/library/cc755692(v=WS.10).aspx
  Actually what you'll need to do is not use Groups in your domain at all, as the users are Foreign Security Principals. Instead, use a group in the trusted domain, or attributes of the users you intend to target directly.
  Trevor Seward
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• How to grant access to sharepoint for the user from different Domain

  Hi All
      I need to grant access to user from different domain. 
      Where I can able to view the users in people picker (different domain).
  Thanks in Advance.
  Raj

   Hi
  Trevor Seward
  Sorry to disturb
  you again.
    I am trying to restrict user from search from other domain, say we have domain A and Domain B, where I am trying to restrict all the user from domain B (Search users)for a site collection. I have found couple of stsadmin command to do so. but none
  of them works. Below are the commands I have tried
  STSADM.exe -o setproperty -pn peoplepicker-searchadforests -pv "domain:<Name>.domain" -url "http://Site URL"
  stsadm -o setproperty -pn peoplepicker-searchadcustomquery -pv “(canonicalName=<Name>.domain*)” -url "Site URL"
  we have two way trust.
  Can you suggest any solution.
  Thanks 
  Raj

• Is there a way to migrate AD users to different domain?

  Hello SharePoint Fam,
  I have a 10,000 user environment and these users are spread across 15 different domains.  Our data/network team are beginning to migrate and consolidate our environment down to one domain.  We did a test and had them migrate a couple of accounts
  to different domain and confirmed that this breaks the user access.  Is there a script or recommendation that I could use to migrate specific users to this domain?  This new domain is still under the same forest
  Thanks n advance,

  Hi,
  According to your description, my understanding is that you want to migrate AD users to another domain.
  The tool you need to migrate users between domains is ADMT (Active Directory Migration Tool) which will migrate users, groups, and computers.
  After that, we need to use Move-SPUser to migrate the users to new accounts:
  $user = Get-SPUser -web http://my.website.url -Identity DomainA\UserA
  Move-SPUser -IgnoreSID -Identity $user -NewAlias 'DomainB\UserA'
  More references:
  http://technet.microsoft.com/en-us/library/ff607729(v=office.15).aspx
  http://localhost25.blogspot.com/2012/06/sharepoint-2010-migrate-users-with-move.html
  http://blogs.msdn.com/b/sowmyancs/archive/2012/01/07/migrate-users-groups-powershell-script.aspx
  Thanks,
  Victoria
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Victoria Xia
  TechNet Community Support

• Migrate existing infracture from Solaries to linux plateform

  Hi,
  We want to migrate existing infracture from Solaries to linux plateform.
  Please suggest me the way.
  Our Current Infracture:-
  Serve 1 (on Sun Sparc):-
  indianDBA-1 (Contain:- Infrastructure database (Meta) 10.1.0.4.2 10G R1, Infrastructure middle tier 10G R2)
  Server 2 (on Sun Sparc):-
  indianDBA-2 (Contain:- Application Server middle tier 10G R2 10.1.2.0.2)
  Server 3 (on Sun Sparc)
  indianDBA-3 (Contain:- contains Discoverer report, EUL schema) 11G R2
  Thanks
  Anup

  Hi,
  You can use export/import or transportable tablespaces to migrate the database.
  10gR2 Transportable Tablespaces Certified for EBS 11i
  http://blogs.oracle.com/stevenChan/2010/04/10gr2_xtts_ebs11i.html
  Migrating E-Business Suite Release 11i Databases Between Platforms
  http://blogs.oracle.com/stevenChan/2008/08/migrating_ebusiness_suite_databases_between_platfo.html
  Note: 362205.1 - 10g Release 2 Export/Import Process for Oracle Applications Release 11i
  How long the task would take? Depends on the hardware resources you have. The best practice is to try this on a test instance first.
  The application should work as expected once the task is completed.
  Thanks,
  Hussein

• I migrated a user from another mac and cant get any updates to install!

  Hi
  I migrated a user from another mac and cant get any updates to install, for example it says iPhoto is intalled but its not, i never copied it from the older imac, and i cant download it to this one now
  any help appreciated

  Try setting up another admin user account to see if the same problem continues. If Back-to-My Mac is selected in System Preferences, the Guest account will not work. The intent is to see if it is specific to one account or a system wide problem. This account can be deleted later.
  Isolating an issue by using another user account
  If the problem is still there, try booting into the Safe Mode using your normal account.  Disconnect all peripherals except those needed for the test. Shut down the computer and then power it back up after waiting 10 seconds. Immediately after hearing the startup chime, hold down the shift key and continue to hold it until the gray Apple icon and a progress bar appear. The boot up is significantly slower than normal. This will reset some caches, forces a directory check, and disables all startup and login items, among other things. When you reboot normally, the initial reboot may be slower than normal. If the system operates normally, there may be 3rd party applications which are causing a problem. Try deleting/disabling the third party applications after a restart by using the application un-installer. For each disable/delete, you will need to restart if you don't do them all at once.
  Safe Mode
  Safe Mode - About

• Migrating users from one domain to another(Interforest)

  Scenario- Two Domains A & B in two different forests.
  A - holds exchange server in DMZ and 2 domain controllers in A used by exchange also in DMZ
  B holds all users and computers and 2 Domain controllers used for authentication .
  Now I want to migrate all users and computers  in B domain to A domain using ADMT
  My question here is
  1. Can I use the DCs used by exchange to authenticate if I migrate users and computers from B to A.
  2. If not what is the work around here. I want to build  an action plan on this.

  After the migration users will be in Domain A.  Authentication will happen locally in Domain A using Domain A DCs.   Make sure you have correct DNS server (DNS from domain A) for these workstations. 
  Santhosh Sivarajan | Houston, TX | www.sivarajan.com
  ITIL,MCITP,MCTS,MCSE (W2K3/W2K/NT4),MCSA(W2K3/W2K/MSG),Network+,CCNA
  Windows Server 2012 Book - Migrating from 2008 to Windows Server 2012
  Blogs: Blogs
  Twitter: Twitter
  LinkedIn: LinkedIn
  Facebook: Facebook
  Microsoft Virtual Academy:
  Microsoft Virtual Academy
  This posting is provided AS IS with no warranties, and confers no rights.

• We had migrated our servers from a domain to cloud. all the web applications working fine locally, but from outside they are accessible but on editing giving 404 with some request id.

  hi all,
  recently we migrated our moss 2007 from a domain to cloud env. everything goes well and all the application working fine locally.
  but when users are trying from outside first they get promt for basic auth, that is enabled, its fine. then servers serve first page smoothly. all the application browsing is fine. but when authorized users are trying to edit a web page and they click on
  anything(save, submit for publication, publish) they get 404 with a request ID. another thing if they add a new page to app and then make any changes to that page then they are not getting any issue.
  please help if any one resolved that kind of issue.
  thanks in advance.
  SJ

  Hi Sumanpreet,
  Thanks for posting your issue, Kindly check out below mentioned URLs to get the fix for this issue
  http://www.sharepointdiary.com/2011/02/404-page-not-found-error-sharepoint-2010-migration.html#ixzz2jHyVIFcX
  http://vasya10.wordpress.com/category/sharepoint-2010/sharepoint-2007-to-2010-migration/
  https://social.technet.microsoft.com/Forums/en-US/d80e7495-e889-4209-9a0a-82a852c944b1/after-migration-from-moss-2007-to-sharepoint-2010-i-tried-to-check-the-site-with-site-url-getting?forum=sharepointadmin
  I hope this is helpful to you, mark it as Helpful.
  If this works, Please mark it as Answered.
  Regards,
  Dharmendra Singh (MCPD-EA | MCTS)
  Blog : http://sharepoint-community.net/profile/DharmendraSingh

• Why do we need a disabled AD object prior to migrating user from one domain to another.

  Say i am migrating a user 'Mr.A' mailbox from abc.com to xyz.com in exchange 2010 environemnt, why do i need a disabled AD object for Mr. A in xyz.com prior to migrating  ? please suggest.
  Aditya Mediratta

  Hi ,
  To be frank i am not aware of quest but i can suggest you in ADMT and also in exchange cross forest migration.
  I hope you are doing the cross forest migration from exchange forest to exchange forest , so on such case by using the prepare-moverequest.ps1  we can have
  only have the disabled MEU on the target exchange forest until the remaining attributes of the user object was migrated from ADMT.
  While running the prepare-moverequest.ps1  it will not completely move all the active directory user attributes from the source forest to the target forest
  but it will move all the exchange attributes to the target forest and finally it will make the MEU object in the disabled state. Since
  all the exchange attributes are already migrated to the target forest ,so prior to use ADMT user account migration we need to exclude the exchange attributes
  by running the script on the ADMT server .After doing so exchange attributes will not be migrated but the required user attributes will be migrated to make the MEU to the enabled state.
  Reference Link for types of exchange migration between the forest :
  http://blogs.technet.com/b/exchange/archive/2010/08/10/3410619.aspx
  Thanks & Regards S.Nithyanandham

• Issue using ADSI in powershell to load users from another domain into a group

  I am trying to load users into a domain local security group from another domain using ADSI and powershell. For users who have an existing foreign security principal I can load that without issue, but the users who do not have a foreign security principal
  I am unable to load.
  These work fine, assuming the group domain is fabrikam:
  $Group.psbase.invoke("Add",[ADSI]"LDAP://CN=$external_user_sid_who_has_a_FPN,CN=ForeignSecurityPrincipals,DC=fabrikam,DC=com")
  $Group.psbase.invoke("Add",[ADSI]"LDAP://$userDN,DC=fabrikam,DC=com")
  These does not:
  $Group.psbase.invoke("Add",[ADSI]"LDAP://CN=$externaluser_sid_who_does_not_have_a_FPN,CN=ForeignSecurityPrincipals,DC=fabrikam,DC=com")
  $Group.psbase.invoke("Add",[ADSI]"LDAP://<SID=$external_user_sid_who_does_not_have_a_FPN>")
  $Group.psbase.invoke("Add",[ADSI]"LDAP://<SID=$external_user_hex_sid_who_does_not_have_a_FPN>")
  Any help would be greatly appreciated.
  Thank you

  Thank you for your reply,
  I started with that thread and it ultimately recommends using the [ADSI]"LDAP://<SID=$hexsid>, this bind is not working for me. The page it points to for conversion of sid to hexsid is in VBS, but I have used the below powershell to duplicate its function.
  $sid = "S-1-5-21-2127521184-1604012920-1887927527-72713"
  $parts = $sid.Remove(0,6).Split("-")
  foreach ($part in $parts)
  $hex = ([Convert]::ToString($part, 16)).ToUpper()
  While ($hex.length -lt 8)
  $hex = "0" + $hex
  for ($i=1; $i -lt 5; $i++)
  $reverseEndian = $reverseEndian + $hex.substring($hex.length -2, 2)
  $hex = $hex.Remove($hex.length -2, 2)
  $hexSid = "0105000000000005" + $reverseEndian
  For example SID S-1-5-21-2127521184-1604012920-1887927527-72713 needs
  to be turned into raw hex sid 010500000000000515000000A065CF7E784B9B5FE77C8770091C0100 according to that article and
  then put in the ADSI bind like this: [ADSI ]"LDAP://<SID=010500000000000515000000A065CF7E784B9B5FE77C8770091C0100>". 
  When I put that bind in (with an actual sid and not an example sid) I get the following error:
  format-default : The following exception occurred while retrieving member "PSComputerName": "There is no such object on
  the server.
  + CategoryInfo : NotSpecified: (:) [format-default], ExtendedTypeSystemException
  + FullyQualifiedErrorId : CatchFromBaseGetMember,Microsoft.PowerShell.Commands.FormatDefaultCommand
  For users who are on another domain but already have a foreign principal name created, I can add them easily enough by converting their sid to the appropriate foreign principal name format. I haven't yet had any success adding someone who doesn't have a
  foreign principal name though, even after trying the solution referenced in the article.
  Thank you in advance for any help.

• People Picker Showing Users From Both Domains

  We recently have begun setting up and laying out SharePoint 2010 Standard. It was brought to my attention that when using the search/browse function of the 'people picker' it is showing users from both the domains currently available on our network. Our
  current domain is a *.local domain and the old one which is no longer used for very much is a *.com domain. I have researched this issue and tried running the stsadm 'getproperty' and 'setproperty' commands. The 'getproperty' command for "peoplepicker-distributionlistsearchdomains",
  "peoplepicker-searchadforests", "searchadfilter", etc; always returns "<Property Exist="No" />" even after I have just run a set command and it reports that the command had run successfully. I read something
  about setting the stsadm -o setapppassword -password command, but I am unsure what this does to the current sharepoint configuration.
  Hopefully someone can help me fix this issue so that when people select browse/search only users from the *.local domain are shown.
  Thank you very much to anyone who can help me with this. I have been researching this issue for some time, but my knowledge regarding SharePoint is very limited, and I do not want to continue trying other more in-depth approaches I have found that may resolve
  this issue until I am better informed.

  This is normal when there is a trust between the domains. It is also normal if you previously added users from the .com domain to a SharePoint site as they'll be in the ULS logs.
  To resolve the first type of issue, where a trust does exist, run:
  stsadm -o setproperty -pn peoplepicker-searchadforests -pv "forest:domain.local" -url http://webAppUrl
  To resolve the second issue, run:
  $user = Get-SPUser -Identity "COMdomain\username" -Web http://webUrl
  Move-SPUser -Identity $user -NewAlias "LOCALdomain\username" -IgnoreSid
  Trevor Seward, MCC
  Follow or contact me at...
  &nbsp&nbsp
  This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

• How can i migrate my users from my laptop running 1.7.1 to my new i mac running 1.6.8

  hi i tried to migrate my user info from my laptop to my new i mac and it wont do it until i update my i mac . i cant do this as the laptop is on 1.7.1 and the i mac is on 1.6.8. both are the current version. thanks

  Lion Up-To-Date upgrade
  "The Mac OS X Lion Up-To-Date upgrade is available at no additional charge via the Mac App Store to all customers who purchased a qualifying new Mac system from Apple or an Apple Authorized Reseller on or after June 6, 2011. Users must request their Up-To-Date upgrade within 30 days of purchase of their Mac computer. Customers who purchase a qualifying Mac between June 6, 2011 and the date when Lion is available in the Mac App Store will have 30 days from Lion’s official release date to make a request." See below:
  OS X Lion - Get up to date
  Apple Stores may still be carrying inventory of the models that did not have Lion pre-installed, hence the above offer. Product that is ordered from the Online store should come with Lion pre-installed as will CTO (configure to order) models.
  And, babowa reminds me that you could install Lion on a separate partition in order to keep Snow Leopard's installation. You can create a second partition using Disk Utility.
  To resize the drive do the following:
  1. Open Disk Utility and select the drive entry (mfgr.'s ID and size) from the left side list.
  2. Click on the Partition tab in the DU main window. You should see the graphical sizing window showing the existing partitions. A portion may appear as a blue rectangle representing the used space on a partition.
  3. In the lower right corner of the sizing rectangle for each partition is a resizing gadget. Select it with the mouse and move the bottom of the rectangle upwards until you have reduced the existing partition enough to create the desired new volume's size. The space below the resized partition will appear gray. Click on the Apply button and wait until the process has completed.  (Note: You can only make a partition smaller in order to create new free space.)
  4. Click on the [+] button below the sizing window to add a new partition in the gray space you freed up. Give the new volume a name, if you wish, then click on the Apply button. Wait until the process has completed.
  You should now have a new volume on the drive.
  It would be wise to have a backup of your current system as resizing is not necessarily free of risk for data loss.  Your drive must have sufficient contiguous free space for this process to work.
  Once you have your Lion installer application you can create a bootable USB flash drive (8 GB size):
  Make Your Own Lion Installer
  1. After downloading Lion you must first save the Install Mac OS X Lion application. After Lion downloads DO NOT click on the Install button. Go to your Applications folder and make a copy of the Lion installer. Move the copy into your Downloads folder. Now you can click on the Install button. You must do this because the installer deletes itself automatically when it finishes installing Lion.
  2. Get a USB flash drive that is at least 8 GBs. Prep this flash drive as follows:
  Open Disk Utility in your Utilities folder.
  After DU loads select your hard drive (this is the entry with the mfgr.'s ID and size) from the left side list. Note the SMART status of the drive in DU's status area.  If it does not say "Verified" then the drive is failing or has failed and will need replacing.  SMART info will not be reported  on external drives. Otherwise, click on the Partition tab in the DU main window.
  Under the Volume Scheme heading set the number of partitions from the drop down menu to one. Set the format type to Mac OS Extended (Journaled.) Click on the Options button, set the partition scheme to GUID then click on the OK button. Click on the Partition button and wait until the process has completed.
  Select the volume you just created (this is the sub-entry under the drive entry) from the left side list. Click on the Erase tab in the DU main window.
  Set the format type to Mac OS Extended (Journaled.) Click on the Options button, check the button for Zero Data and click on OK to return to the Erase window.
  Click on the Erase button. The format process can take up to several hours depending upon the drive size.
  3. Locate the saved Lion installer in your Downloads folder. CTRL- or RIGHT-click on the installer and select Show Package Contents from the contextual menu. Double-click on the Contents folder to open it. Double-click on the SharedSupport folder. In this folder you will see a disc image named InstallESD.dmg.
  4. Plug in your freshly prepared USB flash drive. You are going to clone the InstallESD.dmg disc image to the flash drive as follows:
  Open Disk Utility.
  Select the USB flash drive from the left side list.
  Click on the Restore tab in the DU main window.
  Check the box labeled Erase destination.
  Select the USB flash drive volume from the left side list and drag it to the Destination entry field.
  Drag the InstallESD.dmg disc image file into the Source entry field.
  Double-check you got it right, then click on the Restore button.
  When the clone is completed you have a fully bootable Lion installer that  you can use without having to re-download Lion.

• **want to create a user account from "Crypted Password" to "Open Directory"

  I have create a user account with "user password type: Crypted Password"
  is there any way I can script it to "user password type: open directory"
  I've use perl-ldap to create user account but I don't know how to change user password type to open directory,
  because my script will add a new node in the directory, I just need a way to make the "user password type" to "Open Directory" AT CREATION TIME, not modifing it after a have a user account, the script below will generate a node in the directory with "Crypted Password" as User Password Type,
  is there any attribute I need to add to make it "Open Directory" or perl command, applescript, bash, objective c(hopefully not)....
  thank for reading...
  $res = $c->add(dn => 'uid=testing,cn=users,dc=microsoft,dc=info',
  attr => [
  'cn' => 'testing',
  'gidNumber' => '20',
  'homeDirectory' => '99',
  'objectclass' => 'inetOrgPerson', 'posixAccount', 'shadowAccount', 'apple-user', 'extensibleObject','organizationalPerson','top','person',
  'sn' => 'testing',
  'uid' => 'testing',
  'uidNumber' => '5000',
  1. 'apple-generateduid' => '27318931-B341-4364-91B4-84E4AAAD1234', #026F",
  'givenName' => 'testing',
  1. 'loginShell' => '/bin/bash',
  'userPassword' => 'testing' ,
  1. 'homePhone' => '555-2020',
  2. 'mail' => '[email protected]'
  die "unable to add, errorcode #".$res->code().$res->error if $res->code( );
  thanks

  Since this question isn't Xserve specific a better place to get an answer is probably in the Directory Services forum: http://discussions.apple.com/forum.jspa?forumID=1353
  That being said if you are trying to migrate Crypt accounts to OD accounts then the short answer is no. You need an unencrypted password to put the password into OD via a script do short of cracking the encrypted password, inserting it in plain text into the OD user account creation process then I don't think you can.
  You should be able to dictate the password (and any other settings you can do from the GUI) but the password is the missing piece. Under really old OS X systems I actually suspect you can get passwords to export (hinted at by an Apple engineer I discussed this with) but there is probably a faster and more straightforward solution.
  What I have done is export from NetInfo, clean the accounts via script and then reimport the accounts into the new system. I usually assign a password and dictate "Must change password at next login" and then email people the temporary passwords. It's been a while but I believe you can mass select and then dictate password settings so if that works for you create accounts with all the same password and then you can select by group and make changes - eg Must change password at login.
  Good luck,
  =Tod

• How to migrate Distribution list from one domain to another within same forest

  team,
  we are in the process of migrating all users mailbox, DL and contacts from one domain to another within a same forest.
  can some one please let me know how can we migrate them without loosing the group membership and exchange attributes.
  Kindly help.
  Srinivasa K

  I ran all of them 
  First Command , it works very well and its removed the exchange attribute
  $DomCtrlr = (Dir env:Log*).Value.Replace('\','')
  Get-MailContact -OrganizationalUnit Contacts -DomainController $DomCtrlr | Export-Csv E:\MailContacts.csv
  Get-Contact -OrganizationalUnit Contacts -DomainController $DomCtrlr | Export-Csv E:\UserContacts.csv
  Import-Csv MailContacts.csv | Disable-MailContact -DomainController $DomCtrlr
  Second command
  $DomCtrlr = "DCNAME"
  $MailContacts = Import-Csv E:\MailContacts.csv
  $UserContacts = Import-Csv E:\UserContacts.csv
  after running the above command, I copied below on note pad and saved as .PS1 , as per your advise I make sure that starting with new-mailcontact and below 2 are is same line and Executed the ps1 script.
  Scipt rans but didnt give me any error mesage.
  ForEach ($Contact in $MailContacts) {
      $UserContacts | ? { $_.SamAccountName -eq $Contact.Alias } | % {
          New-MailContact -DomainController $DomCtrlr -LastName $_.LastName -FirstName $_.FirstName -Alias $_.SamAccountName -DisplayName $_.DisplayName -Name $_.Name -ExternalEmailAddress $Contact.ExternalEmailAddress -OrganizationalUnit
  Test_con    }
  By Running
  $MailContacts : it provided the stored value for users
  $UserContacts: it
  provided the stored value for users
  after runing below in  single notepad as .ps1 , not getting error message , but its not giving any
  output nor error.
  suspecting something needs to b checked on for loop
  ForEach ($Contact in $MailContacts)  {
      $UserContacts | ? { $_.SamAccountName -eq $Contact.Alias } | % {
          $_
  Hope this explained clearly.
  Srinivasa K