Author Posts

July 20, 2015 at 5:17 pm

Here is what i have (the headers of the CSV file are "DistinguishedName" and "ObjectGUID"
$csvData = import-csv C:\temp\user.csv

foreach ($row in $csvData)
$DN = $csvData.DistinguishedName
$DN2 = "LDAP://"+$DN
$GUID = $csvData.ObjectGUID

$User = [ADSI]"$DN2"


now if i replace my Variables with the details in my CSV file it works fine

it seems it might be an issue with how i am reading and using the CSV

any idea's?

any help is very apreciated

July 20, 2015 at 8:58 pm

try to print $csvdata after importing it. do You have objects with multiple properties or just strings inside one property ?

take a look to -delimiter for import-csv cmdlet. may be your csv have ';' as delimiter, but for your locale import-csv use ',' as default or vice versa

July 20, 2015 at 9:03 pm

It did have multiple properties , i ended up fixing it using just the Distinguished name and pulling the GUID in the command , bellow is what i ened up using had me racking the brain for a while

$csv=import-csv C:\temp\user.csv -Header DistinguishedName
foreach ($line in $csv) {
$DN = $line.DistinguishedName
$GUID = [guid]((([directoryservices.directorysearcher] "(DistinguishedName=$DN)").findall())[0].properties.getenumerator() | ? { $ -eq "objectguid"}).value[0]
$DN2 = "LDAP://"+$line.DistinguishedName
$User = [ADSI]"$DN2"
$User.Put("adminDescription", "$GUID")
Write-Host $line.DistinguishedName
Write-Host $DN2
Write-Host $GUID

July 21, 2015 at 4:38 am

hmm, I was too fast...
in your first example you write

foreach ($row in $csvData)
$DN = $csvData.DistinguishedName
$GUID = $csvData.ObjectGUID

while it must be
$DN = $row.DistinguishedName
$GUID = $row.ObjectGUID

Do you have any need in [adsi] in place of ActiveDirectory or Quest Active directory modules? these modules allow to manipulate directory objects much better and all process will be easy

get-qaduser $username | %{ set-qaduser -objectattributes @{adminDescription=$_.ObjectGuid} }
get-aduser $username | foreach-object { $_| Set-ADUser -Replace @{adminDescription=$_.objectguid} }

and if you want low level without modules you can use
$userobj = [System.DirectoryServices.DirectoryEntry]'LDAP://$DN"
instead of [directorysearcher] and do direct property manipulation

July 21, 2015 at 4:46 am

Glad you have things working, but just wanted to make a comment. It appears you have an AD dump to a CSV and then enumerate the CSV to set a property on the user. That's a long path as you could have done something like this:

Get-ADUser -Filter * -Properties adminDescription | Set-ADUser -Add @{adminDescription=$_.ObjectGUID}