Author Posts

November 22, 2016 at 3:59 pm

Now that the import to AD from oracle is working...I have for sure learned that the process is only as good as the data that is entered. So, since I am already seeing minor enough mistakes in the first couple of runs that won't let this process work for a couple of people I have decided that I want to setup some simple error reporting to email to me everyday.

Using what I already have of the import process, I would like to have a script to run after I do the import to scan the CSV and tell me what email fields don't match Active Directory.

How can I make a simple matching script, i'd think using an IF statement and then email me the results of it being negative.
Such as if CSVEMAIL -Notmatch ADEMAIL, create a hash table of the results and email to me along with the count (just to easily view the # of incorrect accounts input)

import-module activedirectory

#Import latest adp file, set as variable, only selecting objects from file that have email field populated.
$adplist = import-csv "C:\Temp\OracletoADScript\ActiveDirectory.csv" # | Where-Object {$_.'EMPLID'}
#write-host $adplist


   #Loop through each selected object in the csv.    
ForEach ($employee in ($adplist | Where {$_.Company -Match "Company A"}))  
 

Thanks

November 22, 2016 at 4:10 pm

Compare-Object could make your life much easier in this case. 😉

November 22, 2016 at 4:12 pm

Hi

How about if you create IF statementand inside that you add the value/mailaddress to hashtable? looking against userPrincipalName or emailaddress what ever you need.

#Not Tested

ForEach ($employee in ($adplist | Where {$_.Company -Match "Company A"})) {

   IF (Get-ADUser -filter (userPrincipalName -ne $employee) {

      #add to hashtable

   } ELSE {

      #add to another hashtable

   }

}

#send mail

Or using TRY, CATCH, FINALLY.

ForEach ($employee in ($adplist | Where {$_.Company -Match "Company A"})) {

   TRY {
      Get-ADUser -filter (userPrincipalName -eq $employee) -ErrorAction Stop

      #add to hashtable

   } CATCH {

      #add to another hashtable

   } FINALLY {

      #do something

   }

}

#send mail

Jake

November 22, 2016 at 5:20 pm

Off the top of my head and obviously untested:

$ADlist = get-aduser -ldapsearch "(mail=*)" -properties mail | select -expand mail
$unmatched = import-csv "C:\Temp\OracletoADScript\ActiveDirectory.csv" | Where-Object {$_.'EMPLID' -and $adlist -notcontains $_.email}

November 29, 2016 at 9:15 pm

i'll have to test some of these later on...got swamped with other things.

So overall i just need a print out of the users who's CSV email won't match the active directory email. Then a count would be nice just so it's easy to look at in case of it being quite large.

thanks all

November 30, 2016 at 4:50 pm

Jarkko,

I like your example the best so far, but for some reason i'm getting replies that are even true.
I found I had to declare the AD email variable and change a bit to run...


$mail = get-ADUser -SearchBase "OU=OU,DC=company,DC=com" -properteries -filter mail | select -Expand Mail

ForEach ($employee in ($adplist | Where {$_.Company -Match "Company A"}))  {

	If ($mail -NotMatch $employee.Email_Address){
	
		write $employee.Last_Name}
		
		Else {
		
		}
		
	}

I have a feeling it has something to do with the $mail variable lookup in AD.

November 30, 2016 at 7:50 pm

I have no problem having the csv compare against itself with sometime like

   #Loop through each selected object in the csv.    
ForEach ($employee in ($adplist | Where {$_.Company -Match "Company A"}))  {


	If (($employee.Email_Address) -notlike ('*@emailaddress.com')){
		
		write $employee.Last_Name}
		
		Else {
		
		}
		
	}

And this spits out everyone who doesn't have an email adddress ending in emailaddress.com. The issue i'm having is having this compare against AD. I'm either getting errors complaining about -filter or I get a list of pretty much everyone, thus not much help.