AD location address field population question

This topic contains 2 replies, has 2 voices, and was last updated by Profile photo of John Mello John Mello 3 years, 9 months ago.

  • Author
    Posts
  • #8488
    Profile photo of John Mello
    John Mello
    Participant

    I'm working on a script to make sure certain user information is always correct in AD compared to an external employee database. The one section I’m struggling on to make efficient is making sure each users Address tab (in AD) is properly populated. We has 15 locations and about 1500 users, i'm trying to avoid writing a giant if statement that checks users physicalDeliveryOffice and then verifes if the street, City, Stat Zip, And Country are all correct before trying to change them. Since the Address information isn't stored anywhere I can pull it from I saved all the locations in an array (mimicking the AD properties) and then  looped through and tried to match up the AD properties. But then I realized that I can’t set a variable for an AD property when using –Replace. Is there an easy way to go about this or am I stuck doing a giant if/else if? 
    An example of how i'm wokring with a location is as such

    
    #Location information for Chicago
    
    $CHI = New-Object PSObject -Property $LocationTableProperties
    
    $CHI.streetAddress="999 Somewhere`nSuite 666"
    
    $CHI.l="Chicago"
    
    $CHI.st="IL"
    
    $CHI.postalcode="00000"
    
    $CHI.c="US"
    
    $CHI.PhysicalDeliveryOfficeName="Chicago"
    
    #Adding to AllLocations list
    
    $AllLocations+=$CHI

    the loop section I'm trying to accomplish is

    
    #Compare the office location in Sigcontacts agaisnt AD, change in AD if necessary
    	ForEach ($Location in $AllLocations) {
    	    #Check to see which location matches and use that to compare
    		If ($ADProperties.PhysicalDeliveryOfficeName -eq $Location.PhysicalDeliveryOfficeName) {
    		   Get-Member -InputObject $Location -MemberType NoteProperty | 
    			ForEach-Object {
    				#Walk through the location Properties and compare them to the matching AD properites
    				If ($ADProperties.($_.Name) -ne $BAL.($_.Name)) {
    					Write-Verbose "INFO : Employee Address section mismatch: $($Location.PhysicalDeliveryOfficeName) $_  = $($_.Name), AD = $($ADProperties.($_.Name))"
    					Try {Set-ADUser $ADProperties.SamAccountName  -ErrorAction Stop}
    					Catch {
    						Write-Warning "ERROR : Cannot edit $User in AD, moving to the next user"
    						$ErrorTable.Add($Employee.DomainAccountName,$_.Exception.Message)
    						break
    					}
    				Else {#Write-Host "Good"}
    			}
    	        Break
    	    }
    	    Else {
    			Write-Warning "WARNING : $User has no office in AD"
    			Continue
    		}
    	}
    

    Here is the section that isn't working, am I'm pretty sure it won't. Just not sure how else to go about it

    Set-ADUser $ADProperties.SamAccountName -Replace @{EmployeeID=$Employee.PersonID} -ErrorAction Stop
  • #8496
    Profile photo of Poshoholic
    Poshoholic
    Member

    EmployeeID is a parameter for Set-ADUser. To set the employee ID, you simply need to invoke Set-ADUser $ADProperties.SamAccountName -EmployeeID someValue. If you want to set an attribute based on another attribute for the same user though, you'll have to get that user's information first, then use it during the set. For example:

    $user = Get-ADUser $ADProperties.SamAccountName
    Set-ADUser $ADProperties.SamAccountName -EmployeeId $user.PersonID
    

    You could optionally do this in a ForEach-Object block as well, like this:

    Get-ADUser | ForEach-Object {
        Set-ADUser $_ -EmployeeId $_.PersonID
    }
    

    Note that I haven't run these commands, just typed them in from memory, so they may need tweaking to get them to actually work.

    Does that answer your question?

  • #8497
    Profile photo of John Mello
    John Mello
    Participant

    I mistakenly copied the wrong section in the original post and I can't seem to edit it. Anyway, after posting it and playing with it some more figured out how to correctly use the replace parameter of Set-Aduser with a variable:

    Set-ADUser $ADProperties.SamAccountName -Replace @{$Property.Name=$MatchingLocation.($Property.Name)}

    Originally I was having getting the variable representing the AD property to show up correctly in the hash table.

You must be logged in to reply to this topic.