Updating the User Information List in SharePoint 2010 from AD

In some cases, there is no need for User Profiles and My Sites. However, when you’re using Active Directory for authentication, you might notice that changes made to the AD Domain users are not effective for SharePoint users, such as a different or new email address. When you click “My Settings” from the user menu, you’ll still see the old values for name, email address, etc.

A simple way of solving this is using the Set-SPUser cmdlet in PowerShell, using the -SyncFromAD parameter. However, when you have multiple site collections with multiple users, you’ll need to do this for each user, in each site collection’s top level site.

The following PowerShell script will save you the trouble of going through this manually, it fetches all site collections with their RootWebs and syncs all available SPUser objects with AD.

Make sure you run it under a user that has access to each site collection, preferably as a site collection administrator.

$sites = Get-SPSite -Limit All
foreach($site in $sites) {
    $web = $site.RootWeb
    if($web -ne $null) {
        Write-Host "Processing: $site"
        Get-SPUser -Limit All -web $web | foreach {
            if ($site.WebApplication.UseClaimsAuthentication) {
                $claim = New-SPClaimsPrincipal $_.LoginName -IdentityType WindowsSamAccountName
                $user  = $web | Get-SPUser -Identity $claim -ErrorAction SilentlyContinue
            }
            else
            {
                $user = $web | Get-SPUser -Identity $_.LoginName -ErrorAction SilentlyContinue
            }
            if ($user -ne $null)
            {
                Set-SPUser -Identity $user -web $web -SyncFromAD -ErrorAction SilentlyContinue
            }
        }
    }
    $web.Dispose()
    $site.Dispose()
}