none
update users attributes RRS feed

  • Question

  • hi all i use this script to update my users attributes on my domain the script run without error but it didn't write user attributes on active directory i need help to complete it :) 

    Import-Module ActiveDirectory
    $USERS = Import-CSV c:\users.csv
    $USERS|Foreach{

    Get-ADUser -Filter "sAMAccountName -eq '$_.logonname'" |Set-ADUser -GivenName $_.firstname -Surname $_.lastname -DisplayName $_.displayname -OfficePhone $_.Mobilenumber -City $_.city -State $_.state -Country $_.Country -MobilePhone $_.mobilephone -EmailAddress $_.emailaddress -Title $_.jobtitle -Department $_.department -Company $_.company -Replace @{ipPhone=$_.ipphone}


    Thursday, June 28, 2018 10:57 AM

Answers

  • With the instance method the issue of properties does not exist since we are retrieving each user although properties that have not yet been created are an issue.  Any attributes that do not exists will be created if we assign them as long as they are valid schema attributes.

    Adding specific "properties" will improve performance.

    $props = 'GivenName','Surname','DisplayName','OfficePhone','City','State','Country',
             'MobilePhone','EmailAddress','Title','Department','Company','ipPhone'
    Import-CSV c:\users.csv |
        ForEach-Object{
            if($u = Get-AdUser $_.logonname -Properties $props){
                $u.GivenName = $_.firstname 
                $u.Surname = $_.lastname 
                $u.DisplayName = $_.displayname 
                $u.OfficePhone = $_.Mobilenumber 
                $u.City = $_.city 
                $u.State = $_.state 
                $u.Country = $_.Country 
                $u.MobilePhone = $_.mobilephone 
                $u.EmailAddress = $_.emailaddress 
                $u.Title = $_.jobtitle 
                $u.Department = $_.department 
                $u.Company = $_.company 
                $u.ipPhone = $_.ipphone
                Set-AdUser -Instance $u
            }else{
                Write-Host 'User not found'
            }
        }
    


    \_(ツ)_/

    Thursday, June 28, 2018 1:25 PM
    Moderator

All replies

  • No need to use Get-ADUser. Use the -Identity parameter of Set-ADUser and specify the sAMAccountName of each user, $_.logonname in your script.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Thursday, June 28, 2018 11:21 AM
  • thanks for your quick response 

    how to edit it it didnt work with me 

    • Proposed as answer by TobyU Thursday, June 28, 2018 12:01 PM
    • Unproposed as answer by TobyU Thursday, June 28, 2018 12:01 PM
    Thursday, June 28, 2018 11:44 AM
  • how to edit it it didnt work with me 

    Set-ADUser -Identity $_.logonname -GivenName $_.firstname ...

    Thursday, June 28, 2018 12:02 PM
  • it gaive me Cannot validate argument on parameter 'Identity'. The argument is null and when i but my samaccount whitout parameter it give me error on -replace 

    Thursday, June 28, 2018 12:04 PM
  • Then there seems to be something wrong with your input CSV.

    What do you get if you just print out $_.logonname within the loop?

    Thursday, June 28, 2018 12:12 PM
  • Set-ADUser : A value for the attribute was not in the acceptable range of values
    At line:9 char:1
    + Set-ADUser -Identity $_.logonname -GivenName $_.firstname -Surname $_.lastname - ...

    :(

    Thursday, June 28, 2018 12:15 PM
  • Does

    $USERS = Import-CSV c:\users.csv
    $USERS | Foreach {
      $_.logonname
    }

    shows any useful data in the console?

    Thursday, June 28, 2018 12:20 PM
  • yes it show me my account  ahindi the result 
    Thursday, June 28, 2018 12:23 PM
  • and Get-ADUser -Identity ahindi works?
    Thursday, June 28, 2018 12:26 PM
  • yes and give me full account details

    DistinguishedName

    Enabled           : 
    GivenName         : 
    Name              : 
    ObjectClass       : 
    ObjectGUID        : 
    SamAccountName    :
    SID               : 
    Surname           : 
    UserPrincipalName

     
    Thursday, June 28, 2018 12:27 PM
  • Alright.

    If the ipPhone attribute is not yet set, you have to use -Add @{ipPhone=$_.ipphone} instead of -Replace @{ipPhone=$_.ipphone}

    Thursday, June 28, 2018 12:31 PM
  • Does the sAMAccountName have leading or trailing spaces? Or the value in the CSV could have leading or trailing spaces. Finding extra spaces can be tricky. Maybe use .Trim(). Or check the length of the value with .Length to see if the number of characters is correct.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)


    Thursday, June 28, 2018 12:33 PM
  • thnaks man it worked with the -Add @{ipPhone=$_.ipphone} 

    but the main script not worked yet

    Import-Module ActiveDirectory



    $USERS = Import-CSV c:\users.csv
    $USERS | Foreach {

    Set-ADUser -Identity $_.logonname -GivenName $_.firstname -Surname $_.lastname -DisplayName $_.displayname -OfficePhone $_.Mobilenumber -City $_.city -State $_.state -Country $_.Country -MobilePhone $_.mobilephone -EmailAddress $_.emailaddress -Title $_.jobtitle -Department $_.department -Company $_.company -Add @{ipPhone=$_.ipphone}

    Thursday, June 28, 2018 12:36 PM
  • Alright.

    If the ipPhone attribute is not yet set, you have to use -Add @{ipPhone=$_.ipphone} instead of -Replace @{ipPhone=$_.ipphone}

    Not true.  "Replace" will add or replace the attribute.  It will not do this on multi-value attributes.  IPPhone is a single value.


    \_(ツ)_/

    Thursday, June 28, 2018 12:37 PM
    Moderator
  • jrv is correct. -Replace should work fine, whether or not there is an existing value.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Thursday, June 28, 2018 12:42 PM
  • The following method will make this much easier to manage:

    Import-CSV c:\users.csv |
        ForEach-Object{
            $splat = @{
                Identity = $_.logonname
                GivenName = $_.firstname 
                Surname = $_.lastname 
                DisplayName = $_.displayname 
                OfficePhone = $_.Mobilenumber 
                City = $_.city 
                State = $_.state 
                Country = $_.Country 
                MobilePhone = $_.mobilephone 
                EmailAddress = $_.emailaddress 
                Title = $_.jobtitle 
                Department = $_.department 
                Company = $_.company 
                Replace = @{ipPhone=$_.ipphone}
            }
            Set-AdUser @splat
        }

    All fields must contain values.  Blank fields will cause an error.


    \_(ツ)_/


    Thursday, June 28, 2018 12:51 PM
    Moderator
  • The following method allows nulls in any field.

    Import-CSV c:\users.csv |
        ForEach-Object{
            if($u = Get-AdUser $_.logonname -Properties *){
                $u.GivenName = $_.firstname 
                $u.Surname = $_.lastname 
                $u.DisplayName = $_.displayname 
                $u.OfficePhone = $_.Mobilenumber 
                $u.City = $_.city 
                $u.State = $_.state 
                $u.Country = $_.Country 
                $u.MobilePhone = $_.mobilephone 
                $u.EmailAddress = $_.emailaddress 
                $u.Title = $_.jobtitle 
                $u.Department = $_.department 
                $u.Company = $_.company 
                $u.ipPhone = $_.ipphone
                Set-AdUser -Instance $u
            }else{
                Write-Host 'User not found'
            }
        }


    \_(ツ)_/


    Thursday, June 28, 2018 12:56 PM
    Moderator
  • many thanks man ur script worked it edited most of the fields but still some filed not edited i think it's csv file error
    Thursday, June 28, 2018 1:03 PM
  • The -Properties * will retrieve all default properties of the user, but only the extended properties that have values for the first user in the csv. The fix would be to list all properties required with -Properties.

    The extended properties you set are DisplayName, OfficePhone, City, State, Country, MobilPhone, EmailAddress, Title, Department, Company, and iPPhone. All the others are default. If the first user in the CSV has no values for any extended properties, then $u may not have that property, and perhaps that accounts for the value not getting updated.


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)



    Thursday, June 28, 2018 1:10 PM
  • With the instance method the issue of properties does not exist since we are retrieving each user although properties that have not yet been created are an issue.  Any attributes that do not exists will be created if we assign them as long as they are valid schema attributes.

    Adding specific "properties" will improve performance.

    $props = 'GivenName','Surname','DisplayName','OfficePhone','City','State','Country',
             'MobilePhone','EmailAddress','Title','Department','Company','ipPhone'
    Import-CSV c:\users.csv |
        ForEach-Object{
            if($u = Get-AdUser $_.logonname -Properties $props){
                $u.GivenName = $_.firstname 
                $u.Surname = $_.lastname 
                $u.DisplayName = $_.displayname 
                $u.OfficePhone = $_.Mobilenumber 
                $u.City = $_.city 
                $u.State = $_.state 
                $u.Country = $_.Country 
                $u.MobilePhone = $_.mobilephone 
                $u.EmailAddress = $_.emailaddress 
                $u.Title = $_.jobtitle 
                $u.Department = $_.department 
                $u.Company = $_.company 
                $u.ipPhone = $_.ipphone
                Set-AdUser -Instance $u
            }else{
                Write-Host 'User not found'
            }
        }
    


    \_(ツ)_/

    Thursday, June 28, 2018 1:25 PM
    Moderator
  • One other useful thing about the "Instance" method is that we can use it to create new user by copying an existing user or "template user".

    New-AdUser -Instance $userObject

    Just assign a new name and other mandatory properties and execute.


    \_(ツ)_/

    Thursday, June 28, 2018 1:34 PM
    Moderator
  • If jrv's code doesn't work, then I would check for leading or trailing spaces in the CSV.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Thursday, June 28, 2018 1:51 PM