locked
Update AD Attributes based on DistinguishedName RRS feed

  • Question

  • Hi,

    I am trying to update some AD attributes based upon DistinguishedName values that are in a .CSV file.

    For example 

    "CN=fredsmith,OU=TestOU,DC=test,DC=CO,DC=UK", sAMAccountNamevalue

    I can find ways of doing this by using the sAMAccountName as the start point but not using DistinguishedName. Can anyone help with a method that can deal with doing this on bulk. Preferably that also writes out the previous values to a log file (in case of need to reverse change)

    Many thanks in advance

    Thursday, October 5, 2017 3:48 PM

All replies

  • Hi,

    I am trying to update some AD attributes based upon DistinguishedName values that are in a .CSV file.

    For example 

    "CN=fredsmith,OU=TestOU,DC=test,DC=CO,DC=UK", sAMAccountNamevalue

    I can find ways of doing this by using the sAMAccountName as the start point but not using DistinguishedName. Can anyone help with a method that can deal with doing this on bulk. Preferably that also writes out the previous values to a log file (in case of need to reverse change)

    Many thanks in advance

    • Merged by Wendy Jiang Friday, October 6, 2017 5:56 AM duplicated
    Thursday, October 5, 2017 3:49 PM
  • Get-AdUser "CN=fredsmith,OU=TestOU,DC=test,DC=CO,DC=UK"

    or

    Get-AdUser sAMAccountNamevalue

    both will work.

    help Get-AdUser -full


    \_(ツ)_/

    Thursday, October 5, 2017 4:13 PM
  • Also check the help for Set-ADUser, which works the same. You can identify users by either sAMAccountName or the full distinguished name. You can use the -Identity parameter, or the first parameter passed to the cmdlet will be assumed to identify the user, as in jrv's examples.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Thursday, October 5, 2017 7:26 PM
  • Thanks, I can perform that on a single user, I'm looking at a simple script to change users on bulk using a CSV file.

    E.g:

    "CN=abc,OU=TestOU,DC=test,DC=CO,DC=UK", sAMAccountNamevalue

    "CN=123,OU=TestOU,DC=test,DC=CO,DC=UK", sAMAccountNamevalue

    "CN=xyz,OU=TestOU,DC=test,DC=CO,DC=UK", sAMAccountNamevalue

    Friday, October 6, 2017 11:05 AM
  • Hi Dan,

    Does your CSV file have headers?

    You will likely need a foreach loop.

    Looking at your example above, it looks like you have the DistinguishedName and sAMAccountNameValue in your CSV.

    I'm using the below headers as an example, you will be able to use import-csv

    The Import-Csv cmdlet creates table-like custom objects from the items in CSV files. Each column in the CSV file becomes a property of the custom object and the items in rows become the property values.

    EXAMPLE HEADERS:

    "dn","samaccountname"

    $users = Import-CSV c:\users.csv
    
    $adusersproperties = foreach($user in $users)
                         {
                             Get-ADUser $user.dn -Properties * 
                         }
    
    $adusersproperties | out-file c:\adusersproperties.txt

    I have used the above to get all of the user properties for each of the users in your CSV. You mentioned that you wanted to get the attributes before you set them, so I assigned a variable to the foreach() loop and then piped it to out-file. You could also export it to another CSV or XML using different cmdlets if required.

    You can use the same foreach loop to Set-ADUser.

    * Sorry about the code formatting, doesn't seem to want to line up the way I would like it to.



    Thanks, Tim. | Please remember to mark the replies as answers if they help. |





    • Edited by Tim Haintz Friday, October 6, 2017 11:45 AM
    Friday, October 6, 2017 11:41 AM
  • Hi,

    Thanks for reply, I'm simply trying to set them (I know the distinguishedname/dn) - i am trying to update, sAMAccountName, Mail etc.

    Thanks

    Friday, October 6, 2017 1:02 PM
  • Ok, so if you have headers in your CSV:

    "dn","samaccountname","mail"

    You can use the below foreach loop

    $users = Import-CSV c:\users.csv
    
    foreach($user in $users)
    {
        Set-ADUser $user.dn -samaccountname $user.samaccountname -EmailAddress $user.mail 
    }
    That will update each user (each row) with the information (each column for each user) from the CSV.


    Thanks, Tim. | Please remember to mark the replies as answers if they help. |



    • Edited by Tim Haintz Friday, October 6, 2017 2:16 PM
    Friday, October 6, 2017 2:08 PM
  • Here's a script that should help: adaxes.com/script-repository/import-new-and-updated-users-from-csv-file-s246

    As a more advanced option, there are tools that allow you to do it with a GUI, templates and other fancy things: adaxes.com/active-directory_bulk-management

     
    Monday, October 9, 2017 10:54 AM
  • Hi,
    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

    Best Regards,

    Frank

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, October 11, 2017 3:15 PM

  • Hi,

    Was your issue resolved? 

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.
    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.
    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,
    Frank

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, October 16, 2017 9:21 AM