Announcement

Collapse
No announcement yet.

Update AD fields.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Update AD fields.

    Hello Team,

    How do I use an IF statement on PS script for this condition? the purpose of this scripts is to update/import user's AD fields from CVS file.

    here is the statement..

    Set-ADUser $User.SamAccountName -Replace $Splat

    I only want to update the existing records in the AD and ingore the difference record in CVS. Right now I can run the script without any errors if the CVS records is matches with the AD record.

    It will throw an error if the CVS file has more/different record in the AD.

    so I was thinking something along this line..

    If user from cvs exist in the AD then update user fields, else next record.

    Thanks,
    HN

  • #2
    Re: Update AD fields.

    Maybe something like this?
    Code:
    $user = Get-ADUser name -ErrorAction SilentlyContinue
    If($user -ne $null){
      place code here
      }
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com

    Comment


    • #3
      Re: Update AD fields.

      Originally posted by JeremyW View Post
      Maybe something like this?
      Code:
      $user = Get-ADUser name -ErrorAction SilentlyContinue
      If($user -ne $null){
        place code here
        }
      Great suggestion.. but I think $user already define my foreach statement to get from CVS.

      I like the "-ErrorAction SilentlyContinue" switch...

      I try to apply it as following..
      Set-ADUser $User.SamAccountName -Replace $Splat -ErrorAction SilentlyContinue

      It still throw an error when it hit the record from CVS file and not existing in AD.

      I think that is what Im looking for.. ignore the error and proccess next record.

      any suggestion greatly appreciate it..

      Thanks,
      HN

      Comment


      • #4
        Re: Update AD fields.

        You can make up whatever variables you want to fit your code...

        And it looks like the ErrorAction doesn't apply here.

        How about:
        Code:
        If((Get-ADUser -LDAPFilter {samaccountname -eq $User.SamAccountName}) -ne $null){
          Set-ADUser $User.SamAccountName -Replace $Splat
          }
        Regards,
        Jeremy

        Network Consultant/Engineer
        Baltimore - Washington area and beyond
        www.gma-cpa.com

        Comment


        • #5
          Re: Update AD fields.

          Originally posted by JeremyW View Post
          You can make up whatever variables you want to fit your code...

          And it looks like the ErrorAction doesn't apply here.

          How about:
          Code:
          If((Get-ADUser -LDAPFilter {samaccountname -eq $User.SamAccountName}) -ne $null){
            Set-ADUser $User.SamAccountName -Replace $Splat
            }
          The script ran without an error, but it won't update AD fields. So what I did is reactivate this command without if statement.

          Set-ADUser $User.SamAccountName -Replace $Splat -ErrorAction SilentlyContinue

          Event though it throwed out the errors but all the existing records are updated. I think I can live with the errors.

          Im trying to use the same command above but this time I want to compare EmployeeID field instead of SamAccountName field from my CVS file. but it doesnt work. This is the statement I'm trying:

          Set-ADUser $User.EmployeeID -Replace $Splat -ErrorAction SilentlyContinue

          Error:
          + Set-ADUser <<<< $User.EmployeeID -Replace $Splat
          + CategoryInfo : ObjectNotFound: (0000003:ADUser) [Set-ADUser], ADIdentityNotFoundException
          + FullyQualifiedErrorId : Cannot find an object with identity: '0000003' under: 'DC=domain.DC=Local".,Microsoft.ActiveDirectory.Ma nagement.Commands.SetADUser


          It read Employee ID correct (0000003) but it doesnt understand the object type. (I think)

          Thanks,
          HN
          Last edited by Humannetwork; 11th September 2013, 21:05. Reason: correction

          Comment


          • #6
            Re: Update AD fields.

            Hold on, I think an explanation of what you're trying to do is in order. I thought you were looking for the syntax for an If statement but it seems we need to check the whole thing.

            Can you post the full script and the first two lines of the CSV file (sanitize those as necessary) and then give a brief description of what you're trying to do?
            Regards,
            Jeremy

            Network Consultant/Engineer
            Baltimore - Washington area and beyond
            www.gma-cpa.com

            Comment


            • #7
              Re: Update AD fields.

              Originally posted by JeremyW View Post
              Hold on, I think an explanation of what you're trying to do is in order. I thought you were looking for the syntax for an If statement but it seems we need to check the whole thing.

              Can you post the full script and the first two lines of the CSV file (sanitize those as necessary) and then give a brief description of what you're trying to do?

              Here is the complete code.
              Example2.CSV
              ###############
              FileName,Job title
              0000001,Job Title1
              ############

              ########################

              $DomainUsers = Import-Csv ".\example2.csv"
              $Fields = @{
              EmployeeID = "FileName"
              Title = "Job Title"
              }
              ForEach ($User in $DomainUsers)
              {
              $Splat = @{}
              ForEach ($Field in ($Fields.Keys)){
              $Key = $Fields[$Field]
              If ($User.$Key){
              $Splat.Add($Field,$User.$Key)
              }
              }

              #This is the section I want to update AD users attributes, if the AD Employee is match the CSV's "FileName" column
              If(get-aduser -LDAPFilter {"(employeeID=*)" -eq $User.FileName}){

              Set-ADUser $User.FileName -Replace $Splat
              }

              }

              ##################


              Code ran without any errors, but it won't update.

              Comment


              • #8
                Re: Update AD fields.

                maybe this?

                Code:
                import-module  activedirectory
                
                Import-Csv "D:\scripts\example2.csv" -Delimiter "," | Where-Object {$_.FileName -ne ''} | forEach-Object {
                 Get-ADUser -Filter "EmployeeID -eq '$($_.FileName)'" | Set-ADUser -Title $($_.'Job title')
                 }

                /Rems

                This posting is provided "AS IS" with no warranties, and confers no rights.

                __________________

                ** Remember to give credit where credit's due **
                and leave Reputation Points for meaningful posts

                Comment


                • #9
                  Re: Update AD fields.

                  Originally posted by Rems View Post
                  maybe this?

                  Code:
                  import-module  activedirectory
                   
                  Import-Csv "D:\scripts\example2.csv" -Delimiter "," | Where-Object {$_.FileName -ne ''} | forEach-Object {
                   Get-ADUser -Filter "EmployeeID -eq '$($_.FileName)'" | Set-ADUser -Title $($_.'Job title')
                   }

                  /Rems

                  I test the code above and it returned a bunch of errors so this is what I try to verify my If statement...


                  If(Get-aduser -LDAPFilter{ "(employeeID=0000003)" -eq $User.FileName}){
                  Get-aduser -LDAPFilter "(employeeID=0000003)" | Select -expand SamAccountName
                  }
                  else{
                  Get-aduser -LDAPFilter "(employeeID=0000001)" | Select -expand SamAccountName
                  }


                  I know the employeeID 0000003 is in my AD and it also exist in FileName colume in CSV file. it should return the user that contained ID 0000003. But it always return the Else statement user.

                  Can someone please give me a logic why the this If statement is not working?

                  Thanks,
                  HN

                  Comment


                  • #10
                    Re: Update AD fields.

                    Okay.. Let's forget with everything we talk earlier on this threat and let start fresh, I'm posting the file and code here...
                    I need help with figuring this out. I'm new to PS and I'm kinda spinning my wheels

                    This codes is working for what I need. when it referenced $User.SamAccountName but when it doesn't work when I try to reference $User.FileName (AD EmployID identical to FileName)

                    The reason I need to reference to EmployeeID or FileNumber because the original CSV file doesn't not have SamAccountName. Therefore I cannot use the Set-ADUser $User.SamAccountName -Replace $Splat
                    I need to use:
                    Set-ADUser $User.FileName -Replace $Splat
                    or
                    Set-ADUser $User.EmployeeID -Replace $Splat

                    Here is the file and codes

                    Example2.CSV
                    Code:
                    FileNumber,SamAccountName,Last Name,First Name,Job title,description
                    0000001,username1,Last,First,Job Title,User description
                    Codes
                    Code:
                    import-module activedirectory
                    $DomainUsers = Import-Csv "C:\Scripts\example2.csv"
                    $Fields = @{
                        EmployeeID = "FileName"
                        Title = "Job Title"
                        description = "description"
                    }
                    ForEach ($User in $DomainUsers)
                        {
                            $Splat = @{}
                            ForEach ($Field in ($Fields.Keys)){
                                $Key = $Fields[$Field]
                                If ($User.$Key){
                                    $Splat.Add($Field,$User.$Key)
                                }
                            }
                      
                       Set-ADUser $User.SamAccountName -Replace $Splat
                    }
                    How can I use this code to reference to EmployeeID or FileNumber?
                    the code work exactly what I wanted but I just want to EmployeeID or FileNumbe. Because the file doesn't have SamAccountName field.

                    Thanks,
                    HN
                    Last edited by Rems; 13th September 2013, 08:15.

                    Comment


                    • #11
                      Re: Update AD fields.

                      Originally posted by Humannetwork View Post
                      Code:
                      
                      import-module  activedirectory
                       
                      Import-Csv "D:\scripts\example2.csv" -Delimiter "," | Where-Object {$_.FileName -ne ''} | forEach-Object {
                       Get-ADUser -Filter "EmployeeID -eq '$($_.FileName)'" | Set-ADUser -Title $($_.'Job title')
                       }
                      
                      I test the code above and it returned a bunch of errors
                      The code should run without errors, so something we don't know is going on.
                      What errors do you get if you run the code below? (you may have to change the path to the csv file)
                      Code:
                      import-module  activedirectory
                       
                      $DomainUsers = Import-Csv "D:\scripts\example2.csv" -Delimiter "," | Where-Object {$_.FileName -ne ''}
                      $DomainUsers | % {Get-ADUser -Filter "EmployeeID -eq '$($_.FileName)'" -Properties SAMAccountName}
                      
                      #
                      _

                      Originally posted by Humannetwork View Post
                      Here is the file and codes

                      Example2.CSV
                      ###############
                      FileNumber,SamAccountName,Last Name,First Name,Job title,description
                      0000001,username1,Last,First,Job Title,User description
                      ############

                      Codes
                      ###################
                      import-module activedirectory
                      $DomainUsers = Import-Csv "C:\Scripts\example2.csv"
                      $Fields = @{
                      EmployeeID = "FileName"
                      Title = "Job Title"
                      description = "description"
                      }
                      ForEach ($User in $DomainUsers)
                      {
                      $Splat = @{}
                      ForEach ($Field in ($Fields.Keys)){
                      $Key = $Fields[$Field]
                      If ($User.$Key){
                      $Splat.Add($Field,$User.$Key)
                      }
                      }

                      Set-ADUser $User.SamAccountName -Replace $Splat
                      }
                      ###########

                      How can I use this code to reference to EmployeeID or FileNumber?
                      Is it FileNumber or is it FileName??


                      /Rems
                      Last edited by Rems; 13th September 2013, 08:09.

                      This posting is provided "AS IS" with no warranties, and confers no rights.

                      __________________

                      ** Remember to give credit where credit's due **
                      and leave Reputation Points for meaningful posts

                      Comment


                      • #12
                        Re: Update AD fields.

                        Originally posted by Rems View Post
                        The code should run without errors, so something we don't know is going on.
                        What errors do you get if you run the code below? (you may have to change the path to the csv file)
                        Code:
                        import-module  activedirectory
                         
                        $DomainUsers = Import-Csv "D:\scripts\example2.csv" -Delimiter "," | Where-Object {$_.FileName -ne ''}
                        $DomainUsers | % {Get-ADUser -Filter "EmployeeID -eq '$($_.FileName)'" -Properties SAMAccountName}
                         
                        #
                        _


                        Is it FileNumber or is it FileName??


                        /Rems
                        Yes it is.. I just renamed it to to FileNumber because I want to aline it category with AD EmployeeID. I associate that FileNumber to my AD employeeID.

                        I changed the -Filter to -LDAPFilter in the code. Then the error went away. and this is what I see in the PS console when I executed it but nothing is modified in my AD user's attibutes.. btw, what is the differences between -Filter and -LDAPFilter.
                        Attached Files
                        Last edited by Humannetwork; 13th September 2013, 12:45.

                        Comment


                        • #13
                          Re: Update AD fields.

                          Admin please close this thread. I think my LOGIC is not going work for what I'm trying to do.

                          Let me clear my head a bit and think about workflow on how to update the AD attributes.

                          There is no single common attribute between CSV file and AD user's attibute.

                          I appreciate everyone help and I will be back

                          H.N

                          Comment


                          • #14
                            Re: Update AD fields.

                            OK obviously you do not want to show us the errors.

                            btw. You cannot use -LDAPFilter because the filter is defined in Powershell syntax, it is not LDAP query syntax. If you do use the -LDAPFilter parameter in the sample no users will be found.

                            /Rems

                            This posting is provided "AS IS" with no warranties, and confers no rights.

                            __________________

                            ** Remember to give credit where credit's due **
                            and leave Reputation Points for meaningful posts

                            Comment


                            • #15
                              Re: Update AD fields.

                              Originally posted by Rems View Post
                              maybe this?

                              Code:
                              import-module  activedirectory
                               
                              Import-Csv "D:\scripts\example2.csv" -Delimiter "," | Where-Object {$_.FileName -ne ''} | forEach-Object {
                               Get-ADUser -Filter "EmployeeID -eq '$($_.FileName)'" | Set-ADUser -Title $($_.'Job title')
                               }

                              /Rems
                              REMs and Jeremy.......... You are my heroooooooooooooooooo

                              I re-test the code again.. it works as expected.
                              wow.. it's only a few lines and very effective.....

                              another question.. why cant I update the manager and telelphone attribute? It kept throw out the error.. I can update other fields fine..

                              Set-ADUser -Title $($_.'Job title') -company $($_.'Business Unit Description') -department $($_.'Business Unit Description') -Office $($_.'Location Description') -manager $($_.'Reports To Name') -telephoneNumber $($_.'Work Phone')

                              Error:
                              Set-ADUser : Identity info provided in the extended attribute: 'Manager' could not be resolved. Reason: 'Cannot find an object with identity: '' under: 'DC=SUB,DC=MYDOMAIN,DC=NET'.'.
                              and
                              Set-ADUser : Identity info provided in the extended attribute: 'Manager' could not be resolved. Reason: 'Cannot find an object with identity: '' under: 'DC=SUB,DC=MYDOMAIN,DC=NET'.'.



                              thank you soooooooooooooooooooooooooooooo muchhhhhhhhhhhhhhhhhhhhhh...
                              Last edited by Humannetwork; 13th September 2013, 19:58. Reason: add more comments

                              Comment

                              Working...
                              X