Author Posts

January 1, 2012 at 12:00 am

by lanman_4 at 2012-09-17 09:51:16

I need to add data (student) to the department field on selected user accounts (only student accounts).
Can I do this using a script that will identify the student group (schoolname_students) and then add the data to all users in these groups or ...??

thx in advance for help with this,

by RichLec at 2012-09-17 11:38:35

I would think you can use set-aduser from the activedirectory module to set this. You may need to use get-aduser to populate a list and then run that through a for-each block. I had to do something like this recently where i had a attribute in AD for password not required set incorrectly on a whole bunch of old users. The code below is what I used to make this change on all my users. This code might be able to be adjusted and tweaked to work for you particuler issue. I do have a blog post for this script. ... ibute.html

$users = Get-Content "C:\lists\userlist.txt"
foreach ($user in $users){
$Cmd = get-aduser -identity $user
$Cmd.PasswordNotRequired = "FALSE"

Set-ADUser -Instance $Cmd}

In the userlist.txt the format is:


by RichardSiddaway at 2012-09-17 13:19:25

If you have a group then it becomes this
Get-ADGroupMember -Identity Legal |
where {$_.objectclass -eq "user"} |
foreach {
Set-ADUser -Identity $($_.distinguishedName) -Department "Student"

you can test the result like this

Get-ADGroupMember -Identity Legal |
where {$_.objectclass -eq "user"} |
foreach {
Get-ADUser -Identity $($_.distinguishedName) -Property Department |
select Name, distinguishedName, Department

the where {$_.objectclass -eq "user"} filters out nested groups

by lanman_4 at 2012-09-18 08:51:31

Hi Richard,
Thanks for the script,, it worked perfectly


by RichardSiddaway at 2012-09-18 09:52:26

You're very welcome