Using multiple values in a CSV file to manipulate AD user accounts.

Welcome Forums General PowerShell Q&A Using multiple values in a CSV file to manipulate AD user accounts.

This topic contains 2 replies, has 2 voices, and was last updated by

 
Participant
3 weeks, 4 days ago.

  • Author
    Posts
  • #172856

    Participant
    Topics: 1
    Replies: 0
    Points: 13
    Rank: Member

    I have a report from HR that tracks employees by EmployeeID. I need to edit the AD accounts to reflect the new organizational structure.

    Employee Department Zone Area
    2468 AZ002 Southwest SW4
    1357 NY221 Northeast NE11
    9542 KS023 Midwest MW02

    AD has the department code, but I need to add the Zone and Area data so I can run reports from AD without needing to hand sort into Areas, Zones, and addresses.

    Right now I am separating the HR file into files for each zone and adding the Zone name to the Division attribute in AD.

    # Set variables
    
    # Create array from list of Employee IDs in a text file
    $IDs = Get-Content "Z:\Areas\WC.txt"
    
    # Pull All Users From Active Directory
    Get-ADUser -Filter "*" -Property * |
    
    # Pass the output into a filter that only passes on those users, whose ID is listed
    Where-Object { $IDs -contains $_.employeeID } |
    
    # Get all information on the remaining users
    Set-ADUser -Division "West"

    Next, I will have to further separate the users into their Areas and run the same script to add the Area code into  extensionAttribute3 because I have been denied approval to add a custom attribute to AD.

    
    # Set variables
    
    # Create array from list of Employee IDs in a text file
    $IDs = Get-Content "Z:\Areas\AT8.txt"
    
    # Pull All Users From Active Directory
    Get-ADUser -Filter "*" -Property * |
    
    # Pass the output into a filter that only passes on those users, whose ID is listed
    Where-Object { $IDs -contains $_.employeeID } |
    
    # Get all information on the remaining users
    Set-ADUser -Add @{extensionAttribute3 = "AT8"}

    I want/need to make this a single operation.

    # Put all AD users into an array
    $ADUsers = Get-ADuser -Filter * -Properties EmployeeID,SamAccountName,Mail,Department

    Then compare to the HR CSV file

    # Put HR data into an array
    $HRusers = Import-CSV c:\temp\Employees.csv

    Here's where I don't know what I'm doing....

    How can I:
    1) Take each employeeID from HR and find that user in AD

    ForEach ($ID in $HRusers)

    2) Take the Zone for that user and write it to the Division attribute in AD

     Set-ADUser -Division "Midwest"

    3) Take the Area for that user and write it to extensionAttribute3

     Set-ADUser -Add @{extensionAttribute3 = "KS022"}

    I know this can be done without iterating through AD each time as my current script does, and I know I should be able to set multiple attributes for each user at the same time.

    I just have not been able to figure out how to do it...

    Thanks for reading this far, and thank you for any help you can provide.

    dot19408

  • #173068

    Participant
    Topics: 0
    Replies: 100
    Points: 363
    Helping Hand
    Rank: Contributor

    Hello Dot,

    I'm happy to help you with this. Can you provide the code not broken up? The more details the better, what is the original format from HR? We may be able to save you some headache. 🙂

  • #173074

    Participant
    Topics: 0
    Replies: 100
    Points: 363
    Helping Hand
    Rank: Contributor

    Just to give you an idea of what we can do here.

     

    # This is asusming you have a csv file from HR
    $IDList = Import-CSV "Z:\Areas\WC.csv"
    
    #Iterate through each ID in ID List, assuming we have headers as listed in the table in Original post.
    Foreach ($id in $IDList){
       Try {
          $ADUser=Get-ADUser-Filter {EmployeeID -eq$ID.Employee} -ErrorAction STOP -Properties EmployeeID, ExtensionAttribute3, Division, Mail, Department
          #Using DistinguishedName to remove any ambuguity.
          #SamAccountName may be duplicated if a merger and acquistion were to occur.
          Set-ADUser$ADUser.DistinguishedName-Add {ExtensionAttribute3 =$ID.Area} -Division $Id.Zone-ErrorAction STOP
       }
       Catch{
          Write-Warning $_.Exception.Message
       }
    }

You must be logged in to reply to this topic.