Update AD Attribute

Welcome Forums General PowerShell Q&A Update AD Attribute

This topic contains 4 replies, has 4 voices, and was last updated by

 
Participant
2 years, 2 months ago.

  • Author
    Posts
  • #57046

    Participant
    Points: 1
    Rank: Member

    Hi Guys,

    i have a csv with username and employeeid. The task is for each user in the csv write their corresponding employeeid into AD. However the twist is to include a check before writing. So if the employeeid attribute is already available then skip that user and go to the next but write to a file saying that user id already exist. anyhelp will be appreciated. i have managed to write a check but not sure how to incoporate the rest

    $userids = Get-Content 'C:\location\some.csv'| ForEach-Object {get-aduser $_ -Properties *}
    Foreach ($userid in $userids)
    {
    if ($userid.employeeid -ne $null)

    { write-host $userid.Name "ID is already Set"}

    if($userid.employeeid -eq $null)

    { write-host $userid.Name $userid.employeeid "ID is not Set" }

    }

  • #57052
    Ron

    Participant
    Points: 2
    Rank: Member

    You are not saving the contents of your file. You should loop through the file contents, retrieving the users one at a time. Then you can check the existing user, and if its not set, set it using "set-aduser -employeeid". Else, write to your output file, "out-file -append".

  • #57074

    Participant
    Points: 428
    Helping Hand
    Rank: Contributor

    Here is your basic logic:

    $csv = Import-CSV 'C:\location\some.csv' -Header SamAccountName, EmployeeID
    foreach ($row in $csv) {
        $user = Get-ADUser -Filter {SamAccountName -eq $row.SamAccountName} -Properties EmployeeID
        If ($user) {
            if (!($user.EmployeeID)) {
                try {
                    $user | Set-ADUser -EmployeeID $row.EmployeeID
                }
                catch {
                    "Error setting employee ID {0} on user {1}. {2}" -f $row.EmployeeID, $row.SamAccountName
                }
            }
            else {
                "User {0} already has ID {1} set, skipping setting of employeeID to {2}" -f $row.SamAccountName, $user.EmployeeID, $row.EmployeeID
            }
        }
        else {
            "Unable to find user {0}" -f $row.SamAccountName
        }
    }
    

    If you really wanted a log file, you would just update the string format lines to something like:

    Add-Content -Value ("Unable to find user {0}" -f $row.SamAccountName) -Path C:\ADUpdate.Log
    
  • #57115

    Participant
    Points: 44
    Rank: Member

    Instead of just checking for a value, you may want to verify that the EmployeeID set in AD is the same one you're trying to set, too. That would just mean adding another nested if to Rob's code above.

    ...
    if (!($user.EmployeeID)) {
                if ($user.EmployeeID -ne $row.EmployeeID) {
                     Add-Content -Value ("ID already set but is different: {0}: {1} - {2}" -f $row.SamAccountName, $row.EmployeeID, $user.EmployeeID) -Path C:\ADUpdate.Log
                }
                else {
                     try {
                         $user | Set-ADUser -EmployeeID $row.EmployeeID
                     }
                     catch {
                         "Error setting employee ID {0} on user {1}. {2}" -f $row.EmployeeID, $row.SamAccountName
                    } 
                }
            }
            else {
                "User {0} already has ID {1} set, skipping setting of employeeID to {2}" -f $row.SamAccountName, $user.EmployeeID, $row.EmployeeID
            }
    ...
    
  • #57157

    Participant
    Points: 1
    Rank: Member

    Thanks guys. Excellent responses and direction. You pretty much wrote it for me.

The topic ‘Update AD Attribute’ is closed to new replies.