locked
Set-ADUser from a CSV file RRS feed

  • Question

  • Hi Guys

    Just a quick question. 

    We have an application that daily puts out all the users detailed info into a CSV file. I'm thinking about making a script that can cycle through all the users and compare it against the AD properties. Then if it finds something that changed i want it to change it.

    My question is when i run Set-ADUser, can i just set all the properties from the CSV file. Or do i need to figure out a way to only set the changed value?

    Hope it makes any sense :)

    Thursday, February 20, 2014 4:22 PM

All replies

  • Hi,

    You could probably get away with just running Set-ADUser with all of those properties from your CSV, but then you're putting a lot of trust into your input file.

    I'd recommend checking the values against what's currently set for the user and then sending yourself an alert email or something like that.


    Don't retire TechNet! - (Don't give up yet - 12,700+ strong and growing)

    Thursday, February 20, 2014 4:42 PM
  • Hi,

    You could probably get away with just running Set-ADUser with all of those properties from your CSV, but then you're putting a lot of trust into your input file.

    I'd recommend checking the values against what's currently set for the user and then sending yourself an alert email or something like that.


    Don't retire TechNet! - (Don't give up yet - 12,700+ strong and growing)

    Hi Mike

    Thanks for you're answer. It's from the customers SAP installation. So the input file should be reliable :)

    Thursday, February 20, 2014 9:47 PM
  • Hi,

    I would like to suggest you find the difference and then only modify those changed values.

    The Set-ADUser cmdlet modifies the properties of an Active Directory user. You can modify commonly used property values by using the cmdlet parameters. Property values that are not associated with cmdlet parameters can be modified by using the Add, Replace, Clear and Remove parameters.

    The Identity parameter specifies the Active Directory user to modify, if the identity changed, we may encounter errors.

    Regards,

    Yan Li


    Regards, Yan Li

    Monday, February 24, 2014 7:00 AM
  • Hi,

    I would like to suggest you find the difference and then only modify those changed values.

    The Set-ADUser cmdlet modifies the properties of an Active Directory user. You can modify commonly used property values by using the cmdlet parameters. Property values that are not associated with cmdlet parameters can be modified by using the Add, Replace, Clear and Remove parameters.

    The Identity parameter specifies the Active Directory user to modify, if the identity changed, we may encounter errors.

    Regards,

    Yan Li


    Regards, Yan Li

    Hi Yan

    Thank you for the reply.

    I ended up trying to make a script that look through all the values to see what changed. The i use Set-ADUser with the -Replace for all the properties. Mostly because i store the name of the property that need to change in a variable, and i didn't know how i would get that in to the parameter. I cant use Set-ADUser -$using:propertyname but if i use -Replace @{ $using:propertyname = $($using:user).$($using:PropertyName) }

    Monday, February 24, 2014 7:40 AM