Hi there,
The provisioning service does not have a default logic for null value processing. When the provisioning service gets an empty string from the source app, it tries to flow the value "as-is" to the target app. In this case, on-premises Active Directory does not support setting empty string values and hence you see the above error.
To rename the CN of the object which also changes the DistinguishedName below will do the trick which I found online.
Import-Module activedirectory
$varCSV = "C:\VBT\AD Users Update\Student Users17v1.csv"
$userlist = Import-Csv -Path $varCSV -Delimiter ","
foreach ($user in $userlist)
{
$SamAccountName = $user.SamAccountName
$FirstName = $user.GivenName
$LastName = $user.Surname
$DisplayName = $user.GivenName + " " + $user.Surname
$UserPrincipalName = $user.UserPrincipalName + "@students.stdeclanscollege.ie"
$JobTitle = $user.JobTitle
$EmailAddress = $user.UserPrincipalName
$Department = $user.Department
$dn = (Get-ADUser -Identity $SamAccountName).DistinguishedName
Get-ADUser -Identity $user.SamAccountName |
Set-ADUser -DisplayName $DisplayName -GivenName $FirstName -Surname $LastName -Title $JobTitle -UserPrincipalName $UserPrincipalName
-EmailAddress $UserPrincipalName -Department $Department
Try {
Rename-ADObject $dn -NewName $DisplayName
}
catch {
Write-Output "Error Check Acc: " ($user.samaccountname) | Out-File C:\errors.txt -Append
}
}
-----------------------------------------------------------------------------------------------------------------------------------------
--If the reply is helpful, please Upvote and Accept it as an answer–