Update AD Attribute

This topic contains 4 replies, has 4 voices, and was last updated by Profile photo of The Geeky Techie Guy The Geeky Techie Guy 3 weeks, 4 days ago.

  • Author
    Posts
  • #57046

    Hi Guys,

    i have a csv with username and employeeid. The task is for each user in the csv write their corresponding employeeid into AD. However the twist is to include a check before writing. So if the employeeid attribute is already available then skip that user and go to the next but write to a file saying that user id already exist. anyhelp will be appreciated. i have managed to write a check but not sure how to incoporate the rest

    $userids = Get-Content 'C:\location\some.csv'| ForEach-Object {get-aduser $_ -Properties *}
    Foreach ($userid in $userids)
    {
    if ($userid.employeeid -ne $null)

    { write-host $userid.Name "ID is already Set"}

    if($userid.employeeid -eq $null)

    { write-host $userid.Name $userid.employeeid "ID is not Set" }

    }

  • #57052
    Profile photo of Ron
    Ron
    Participant

    You are not saving the contents of your file. You should loop through the file contents, retrieving the users one at a time. Then you can check the existing user, and if its not set, set it using "set-aduser -employeeid". Else, write to your output file, "out-file -append".

  • #57074
    Profile photo of Rob Simmers
    Rob Simmers
    Participant

    Here is your basic logic:

    $csv = Import-CSV 'C:\location\some.csv' -Header SamAccountName, EmployeeID
    foreach ($row in $csv) {
        $user = Get-ADUser -Filter {SamAccountName -eq $row.SamAccountName} -Properties EmployeeID
        If ($user) {
            if (!($user.EmployeeID)) {
                try {
                    $user | Set-ADUser -EmployeeID $row.EmployeeID
                }
                catch {
                    "Error setting employee ID {0} on user {1}. {2}" -f $row.EmployeeID, $row.SamAccountName
                }
            }
            else {
                "User {0} already has ID {1} set, skipping setting of employeeID to {2}" -f $row.SamAccountName, $user.EmployeeID, $row.EmployeeID
            }
        }
        else {
            "Unable to find user {0}" -f $row.SamAccountName
        }
    }
    

    If you really wanted a log file, you would just update the string format lines to something like:

    Add-Content -Value ("Unable to find user {0}" -f $row.SamAccountName) -Path C:\ADUpdate.Log
    
  • #57115
    Profile photo of Charles Downing
    Charles Downing
    Participant

    Instead of just checking for a value, you may want to verify that the EmployeeID set in AD is the same one you're trying to set, too. That would just mean adding another nested if to Rob's code above.

    ...
    if (!($user.EmployeeID)) {
                if ($user.EmployeeID -ne $row.EmployeeID) {
                     Add-Content -Value ("ID already set but is different: {0}: {1} - {2}" -f $row.SamAccountName, $row.EmployeeID, $user.EmployeeID) -Path C:\ADUpdate.Log
                }
                else {
                     try {
                         $user | Set-ADUser -EmployeeID $row.EmployeeID
                     }
                     catch {
                         "Error setting employee ID {0} on user {1}. {2}" -f $row.EmployeeID, $row.SamAccountName
                    } 
                }
            }
            else {
                "User {0} already has ID {1} set, skipping setting of employeeID to {2}" -f $row.SamAccountName, $user.EmployeeID, $row.EmployeeID
            }
    ...
    
  • #57157

    Thanks guys. Excellent responses and direction. You pretty much wrote it for me.

You must be logged in to reply to this topic.