Updated 10th October 2024
It turns out that this post is very popular, so I thought I would revisit the processing of adding aliases to AD with PowerShell since quite a few things have changed in the 2 years since I wrote it.
You can also read this on Medium.com.
First of all: adding Active Directory aliases is a super simple task.
Manually Adding Active Directory Aliases
If you only have a single AD alias to add, then it’s often simpler and maybe even quicker to just use the Active Directory Users and Computers GUI. If you didn’t know, this is often abbreviated to ADUC. Quack, quack!
This control panel interface is often found on any of your domain controllers.
To add aliases manually, you would go through these steps:
- Open ADUC
- Find the user you need to add an alias to
- Right click the user and go to the Attributes tab
- In the long list, find proxyaddresses
- In this property, create a new record prefixed with smtp:
For example, you would need to enter:
smtp:first.last@example.com
If you entered the email without the smtp: prefix, then the entry wouldn’t have any effect.
That’s all well and good, but what if you need to add lots of aliases to lots of different people? Doing that manually would first be a pain, and also take a ton of time. Time that you don’t often have when working in IT.
This is where PowerShell can help us create these aliases automatically.
How To Screenshot On All 3 Desktop OS’s
Knowing how to screenshot is one of the corner stones to receiving or providing technical…
Scripting Secrets with PowerShell and OneTimeSecret.com
In my day job, I often have to send out links to customers. These links…
How to Add Telephone Links to Your Website
So you’ve gone through all the trouble of creating a stunning website for your business,…
Who Owns Microsoft?
Microsoft is one of the largest and most recognisable companies on the planet, operating in…
7 New Website Inspiration Tools
Over the last couple of months, I’ve found and kept 7 new website inspiration tools…
Microsoft Clarity – The Definitive Guide
I know I’m late to discovering this tool, but for anyone else out that that…
Adding Aliases to AD with PowerShell
First thing first, you’ll need to create a CSV or Comma Separated Values file. This is how PowerShell will determine which aliases to add to which Active Directory users or objects.
The formatting of the CSV file is very important, and the standardisation of data is what allows PowerShell to work so well.
The CSV will require 2 columns: 1 for the samaccountname of the user or object you want to add the alias to; and another for the proxy alias address that needs to be added.
ALL proxy addresses still need to be prefixed with smtp:
CSV Example #1
Say you had a user in Active Directory called John Smith. For this user, you wanted to add the following email addresses as aliases to his account: jsmith@example.com and john.smith@example.com. For this example, John Smith has a samaccountname of jsmith.
We would then format the CSV document like this ↓
samaccountname | proxyaddresses |
jsmith | smtp:jsmith@example.com;smtp:john.smith@example.com |
CSV Example #2
Now that I’ve shown you how to do this for a single user, let me show you an example with multiple users. We will still use the previous John Smith example, but now add his friends Lee Jones and Sam Ike. The CSV document would now look something like this:
samaccountname | proxyaddresses |
jsmith | smtp:jsmith@example.com;smtp:john.smith@example.com |
ljones | smtp:ljones@example.com;smtp:lee.jones@example.com |
sike | smtp:sike@example.com;smtp:sam.ike@example.com |
Now that the CSV file is built and ready, we can move onto the PowerShell script.
PowerShell Add Alias to AD
The PowerShell script needed is also fairly simple and can be broken down into the following steps:
- Import the CSV file
- Run through each item in the CSV and try to add the proxy addresses
- Output either a success or failure message
Below is the script that I use. You can see that I also wrap the Set-ADUser cmdlet in a try catch block. This should hopefully catch any errors and stop the script from exiting in an uncontrolled manor:
Import-Csv "path\to\csv" | ForEach-Object {
try{
Set-ADUser -Identity $_.samaccountname -add @{Proxyaddresses=$_.Proxyaddresses -split ";"} -ErrorAction Stop
Write-Host $_.samaccountname complete! -ForegroundColor Green
}catch{
Write-Host 'Failed : ' -NoNewline
Write-Host $_.samaccountname -ForegroundColor Red
}
}
Once you’ve built both components, you’ll need to update the CSV path in the PowerShell script.
You can now run the script for the aliases to be created.
Note: it can sometimes take between 30 seconds and 5 minutes for new aliases to show in Active Directory. This appears to depends on the size and scaling of the Active Directory environment and also the amount of aliases that have been added.
Comment below if you have any issues with this process!
Enjoy! 🎉
Just popping in to say thanks for posting this. Saved me a ton of time prepping for an email migration!