Welcome Forums General PowerShell Q&A Using multiple values in a CSV file to manipulate AD user accounts.

Viewing 2 reply threads
  • Author
    Posts
    • #172856
      Participant
      Topics: 1
      Replies: 0
      Points: 13
      Rank: Member

      I have a report from HR that tracks employees by EmployeeID. I need to edit the AD accounts to reflect the new organizational structure.

      Employee Department Zone Area
      2468 AZ002 Southwest SW4
      1357 NY221 Northeast NE11
      9542 KS023 Midwest MW02

      AD has the department code, but I need to add the Zone and Area data so I can run reports from AD without needing to hand sort into Areas, Zones, and addresses.

      Right now I am separating the HR file into files for each zone and adding the Zone name to the Division attribute in AD.

      # Set variables
      
      # Create array from list of Employee IDs in a text file
      $IDs = Get-Content “Z:\Areas\WC.txt”
      
      # Pull All Users From Active Directory
      Get-ADUser -Filter “*” -Property * |
      
      # Pass the output into a filter that only passes on those users, whose ID is listed
      Where-Object { $IDs -contains $_.employeeID } |
      
      # Get all information on the remaining users
      Set-ADUser -Division “West”

      Next, I will have to further separate the users into their Areas and run the same script to add the Area code into  extensionAttribute3 because I have been denied approval to add a custom attribute to AD.

      
      # Set variables
      
      # Create array from list of Employee IDs in a text file
      $IDs = Get-Content “Z:\Areas\AT8.txt”
      
      # Pull All Users From Active Directory
      Get-ADUser -Filter “*” -Property * |
      
      # Pass the output into a filter that only passes on those users, whose ID is listed
      Where-Object { $IDs -contains $_.employeeID } |
      
      # Get all information on the remaining users
      Set-ADUser -Add @{extensionAttribute3 = “AT8”}

      I want/need to make this a single operation.

      # Put all AD users into an array
      $ADUsers = Get-ADuser -Filter * -Properties EmployeeID,SamAccountName,Mail,Department

      Then compare to the HR CSV file

      # Put HR data into an array
      $HRusers = Import-CSV c:\temp\Employees.csv

      Here’s where I don’t know what I’m doing….

      How can I:
      1) Take each employeeID from HR and find that user in AD

      ForEach ($ID in $HRusers)

      2) Take the Zone for that user and write it to the Division attribute in AD

       Set-ADUser -Division “Midwest”

      3) Take the Area for that user and write it to extensionAttribute3

       Set-ADUser -Add @{extensionAttribute3 = “KS022”}

      I know this can be done without iterating through AD each time as my current script does, and I know I should be able to set multiple attributes for each user at the same time.

      I just have not been able to figure out how to do it…

      Thanks for reading this far, and thank you for any help you can provide.

      dot19408

    • #173068
      Participant
      Topics: 0
      Replies: 115
      Points: 433
      Helping Hand
      Rank: Contributor

      Hello Dot,

      I’m happy to help you with this. Can you provide the code not broken up? The more details the better, what is the original format from HR? We may be able to save you some headache. 🙂

    • #173074
      Participant
      Topics: 0
      Replies: 115
      Points: 433
      Helping Hand
      Rank: Contributor

      Just to give you an idea of what we can do here.

       

      # This is asusming you have a csv file from HR
      $IDList = Import-CSV "Z:\Areas\WC.csv"
      
      #Iterate through each ID in ID List, assuming we have headers as listed in the table in Original post.
      Foreach ($id in $IDList){
         Try {
            $ADUser=Get-ADUser-Filter {EmployeeID -eq$ID.Employee} -ErrorAction STOP -Properties EmployeeID, ExtensionAttribute3, Division, Mail, Department
            #Using DistinguishedName to remove any ambuguity.
            #SamAccountName may be duplicated if a merger and acquistion were to occur.
            Set-ADUser$ADUser.DistinguishedName-Add {ExtensionAttribute3 =$ID.Area} -Division $Id.Zone-ErrorAction STOP
         }
         Catch{
            Write-Warning $_.Exception.Message
         }
      }
Viewing 2 reply threads
  • The topic ‘Using multiple values in a CSV file to manipulate AD user accounts.’ is closed to new replies.