Announcement

Collapse
No announcement yet.

export a list of users defined by a CSV list of a specific attribute

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • export a list of users defined by a CSV list of a specific attribute

    Hi

    I would like to export a list of users defined by a CSV list of a specific attribute!?

    So basically I use the company attribute as the users payroll number. Once a month we received a list from HR with all leavers and the only common attribute between their list and the AD is the payroll number. If I copied the payroll numbers to a CSV is it possible to extract from the AD users from this list of payroll numbers?

    From here I can do my own jiggery pockery to auto move/disable accounts etc.

    Is powershell a good option to use for this?

  • #2
    Re: export a list of users defined by a CSV list of a specific attribute

    Powershell would work well but another method would be:

    ADFind (http://www.joeware.net/freetools/tools/adfind/index.htm)

    adfind -csv -b "ou=something,dc=something,dc=local" -f "(objectcategory=user)" samaccountname employeeid > c:\export.csv

    -b is the bind point so you can specify a specific OU. The -f is the ldap filter so can be streamlined if needed. Whatever you want in the export is after the filter part so I've included samaccountname and employeeid but you can add mail and description etc (it is just space separated).

    If you want to get clever you can pipe it into ADMod from the same site to make changes too.
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: export a list of users defined by a CSV list of a specific attribute

      Hi, I was after the ability to read a csv file then output the findings. I have now created the following script. Maybe it could be tidied up but the best I could do for now;

      Import-Module ActiveDirectory

      #Create a variable for the date stamp in the log file
      $LogDate = get-date -f yyyyMMddhhmm
      #Sets the OU to do the base search for all user accounts, change for your env.
      $SearchBase = "OU=****,DC=****,DC=com"
      #Create an empty array for the log file
      $LogArray = @()

      $Users = @(Import-Csv "e:\temp\Leavers.csv")
      ForEach ($User In $Users)
      {
      $Filter = "(company=" + $User."Employee ID" + ")"
      $Return = Get-ADUser -searchbase $SearchBase -LDAPFilter $Filter
      #Create new object for logging
      If ($Return){
      #Amend the users description
      set-aduser $Return -Description ("Identified Leaver - Disabled on "+(get-date).toshortdatestring())
      #Disables user object.
      Disable-ADAccount $Return
      #Moves the account
      Move-ADObject $Return -TargetPath "OU=Users,OU=****,OU=Inactifs,DC=****,DC=com"
      $obj = New-Object PSObject
      $obj | Add-Member -MemberType NoteProperty -Name "Name" -Value $Return.name
      $obj | Add-Member -MemberType NoteProperty -Name "Account Name" -Value $Return.samaccountname
      $obj | Add-Member -MemberType NoteProperty -Name "Employee ID" -Value $User."Employee ID"
      $obj | Add-Member -MemberType NoteProperty -Name "DistinguishedName" -Value $Return.DistinguishedName
      #Adds object to the log array
      $LogArray += $obj
      }
      }

      #Exports log array to HTML file in the temp directory with a date and time stamp in the file name.
      $a = "<style>"
      $a = $a + "BODY{background-color:#D0D0D0;}"
      $a = $a + "TABLE{border-width: 2px;border-style: solid;border-color: black;border-collapse: collapse;}"
      $a = $a + "TH{border-width: 2px;padding: 0px;border-style: solid;border-color: black;background-color:#CC0000}"
      $a = $a + "TD{border-width: 2px;padding: 0px;border-style: solid;border-color: black;background-color:#D0D0D0}"
      $a = $a + "</style>"
      $logArray | ConvertTo-HTML -head $a -body "<H2>Leavers Report</H2>"| Out-File "\\*****\Reports\Users_Leaver_Report_$logDate.html "


      ##Creates and sends completion email with information##
      $emailFrom = "[email protected]*****.com"
      $emailTo = "****[email protected]***.com"
      $subject = "AD Users Leaver Script Complete"
      $smtpServer = "*****"
      $body = "The monthly AD Leavers script has run.`r`n"+
      "`r`n"+
      "`r`n"+
      "Report is located \\*****\Reports\User_Leavers_Report_$logDate.html"

      Send-MailMessage -To $emailTo -From $emailFrom -Subject $subject -Body $body -SmtpServer $smtpServer

      Comment


      • #4
        Re: export a list of users defined by a CSV list of a specific attribute

        Ah right sorry, re-read your first post and I think I got the wrong end of the stick!
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: export a list of users defined by a CSV list of a specific attribute

          You can use the Quest AD PowerShell cmdlets.
          Most of time it's much better

          http://www.quest.com/powershell/activeroles-server.aspx
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment

          Working...
          X