Sign in
 

none
unable to update "manager" AD attribute

 > 

    Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Windows Server 2008 R2

    i have this code that i use to update our employee information in AD (created thanks to all the good people in this forum). today, i have to update the manager AD attribute but it keep saying like invalid ID. so i was forced to create a separate script just for updating the manager attribute. here is the script that doesn't work for the manager attribute:

    Import-CSV 'D:\Documents\16Apr2017.csv' | foreach-object {

$hash = @{
	givenName = $_.fname
	sn = $_.lname
	company = $_.comp
	title = $_.title
}

if ($_.func) { $hash["department"] = $_.func }
if ($_.physicalDeliveryOfficeName) { $hash["physicalDeliveryOfficeName"] = $_.dept }
if ($_.address) { $hash["msExchExtensionAttribute17"] = $_.address }
if ($_.city) { $hash["msExchExtensionAttribute18"] = $_.city }
if ($_.zip) { $hash["msExchExtensionAttribute20"] = $_.zip }
if ($_.phone) { $hash["Comment"] = $_.phone }
if ($_.loc) { $hash["msExchExtensionAttribute19"] = $_.loc }
if ($_.manager) { $hash["manager"] = $_.manager }

echo $hash
echo " "

# $ErrorActionPreference = 'Stop'
# $Error.Clear()
try {
    Set-ADuser -Identity $_.ID -Replace $hash
    echo "record saved" $_.ID
    echo " "
    echo "---------------------------------------------------------------------"
}
catch {
    Write-Output "$_.ID does not exist"

}
}

    and here is the separate script just to update the manager attribute:

    $Users = Import-CSV 'D:\Documents\16Apr2017.csv'
foreach ($User in $Users) 
 { 
 Set-ADUser $User.ID -Manager $User.manager 
 }

    what could i be missing in the first script?

    Sunday, April 16, 2017 1:14 PM
    |

Answers

  • Question
    Sign in to vote
    1
    Sign in to vote

    The -Manager parameter of the Set-ADUser cmdlet accepts either the sAMAccountName or the distinguishedName of the manager. But the manager attribute itself must be the distinguishedName. The -Manager parameter converts the sAMAccountName for you, but when you use the -Replace parameter, you are assigning a value to the manager AD attribute directly, so it must be a distinguished name.

    Either enter the distinguishedNames for managers in the CSV, or perhaps use both the -Replace parameter and the -Manager parameter in one Set-ADUser statement. You can assign the value of manager in your CSV file to a variable, then pass that to the -Manager parameter.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)


    Sunday, April 16, 2017 7:27 PM
    |

All replies

  • Question
    Sign in to vote
    1
    Sign in to vote

    The -Manager parameter of the Set-ADUser cmdlet accepts either the sAMAccountName or the distinguishedName of the manager. But the manager attribute itself must be the distinguishedName. The -Manager parameter converts the sAMAccountName for you, but when you use the -Replace parameter, you are assigning a value to the manager AD attribute directly, so it must be a distinguished name.

    Either enter the distinguishedNames for managers in the CSV, or perhaps use both the -Replace parameter and the -Manager parameter in one Set-ADUser statement. You can assign the value of manager in your CSV file to a variable, then pass that to the -Manager parameter.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)


    Sunday, April 16, 2017 7:27 PM
    |
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

    Best Regards,

    Alvin Wang

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, April 21, 2017 8:39 AM
    |
    Moderator