?
Solved

Export and update a specific custome attribute using vbs

Posted on 2009-05-06
9
Medium Priority
?
2,272 Views
Last Modified: 2012-05-06
Export and update a specific custom attribute from AD user using vbs

Hi,
Im looking for a vbscript that will export a specific (#1\#2\#3&) customer attribute of users loaded from a txt\csv file.
Also, a script that will modify that custom attribute.

The scripts dont have to be depended and can be completely separate.
Anything like that?
0
Comment
Question by:johnnyjonathan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
9 Comments
 
LVL 7

Expert Comment

by:Hubasan
ID: 24314559
Hi johnnyjonathan,

I recently wrote a script that modifies two custom attributes on multiple users accounts in AD, so I think I can help you out with this one:

First, let the file be CSV and call it "input.csv".
Second, your input file should have UserID as a first parameter, and the value of the attribute it wants to change to as a second parameter.
Also to confirm the attribute you want to read and write to is "#1\#2\#3$" without qoutes of course?

Let me know.
0
 
LVL 27

Expert Comment

by:bluntTony
ID: 24314736
You could just use AdFind from Joeware.com. It's a very good utility which does exactly this. You can export user attributes to a CSV, edit, then import them back into AD again.
It' basically a better alternative to the built in CSVDE (which will export but not edit). Have a look here: http://www.joeware.net/freetools/tools/admod/index.htm
 
0
 

Author Comment

by:johnnyjonathan
ID: 24324459
Hubasan, the attribute i want to write could be anything, what i ment in #1\#2\#3 is the custome attribute's numbers.
so if you have something like that it could be grate.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 7

Expert Comment

by:Hubasan
ID: 24325131
Hi johnyjonathan,

Ok here is the script below that will READ and read only at this time, any custom attribute from ALL users in your Active Directory and log it to a CSV log file in the same directory where the script is executed from.

Format of the log is this:
Users Real Name,User ID,Custom attribute value

It will log ONLY those users that have that attribute populated. Please change the variable sCAttribName to what ever the name of your custom attribute is. My example was "comment" attribute that we have populated on all of our users PC.

Once you try this there is only a small modification that we can do so that it can take a CSV input file with the information that you want to put to this attribute of yours, but try this first.

Let me know how it goes.
On Error Resume Next
 
'Define constants
Const For_Reading = 1
Const For_Writing = 2
Const For_Appending = 8
Const cTitle = "Read and Log custom Attribute value"
 
'Put your custom attribute name in quotes here:
sCAttribName = "comment"
 
'Create Shell, Network and FileSystem Objects
Set oWS = CreateObject("wscript.shell")
Set oNet = CreateObject("wscript.network")
Set oFS = CreateObject("scripting.FileSystemObject")
 
'Connect to RootDSE and get the domain ADsPath
Set oRootDSE = GetObject("LDAP://rootDSE")
sADsPath = "LDAP://" & oRootDSE.Get("defaultNamingContext")
Set oDomain = GetObject(sADsPath)
 
'Create ADODB connection to look for and map to user container
Set oConnection = CreateObject("ADODB.Connection")
oConnection.Open "Provider=ADsDSOObject;"
 
Set oCommand = CreateObject("ADODB.Command")
oCommand.ActiveConnection = oConnection
 
 
'Setup a logfile
sScriptName = WScript.ScriptName
sScriptPath = WScript.ScriptFullName
sLog = Replace(sScriptName, ".vbs",".log")
sLogFile = Replace(sScriptPath, sScriptName, sLog)
Set oLogFile = oFS.CreateTextFile(sLogFile,True)
 
'Write starting point of the log
ologfile.WriteLine "User Name,User's ID," & sCAttribName & " value"
 
'Search ALL Active Directory Users
oCommand.CommandText = _
"SELECT ADsPath,Name,sAMAccountName FROM '" & sADsPath & "' WHERE " _
  	& "objectCategory='User'"
Set oRecordSet = oCommand.Execute
 
oRecordSet.MoveFirst	
 
 
Do Until oRecordSet.EOF
	sUserADPath = Empty
	sUser = Empty
	sCAttribValue = Empty
	sUser = oRecordSet.Fields("Name").Value
	sUserID = oRecordSet.Fields("sAMAccountName").Value
	sUserADPath = oRecordSet.Fields("AdsPath").Value
	Set oUser = GetObject(sUserADPath)	
	sCAttribValue = oUser.Get(sCAttribName)
	
	If IsEmpty(sCAttribValue) Then
		
	Else
		oLogFile.WriteLine sUser & "," & sUserID & "," & sCAttribValue
	End If
oRecordSet.MoveNext
Loop
	
 
 
'Close the log file
oLogFile.Close
 
'Display the message when the script is done executing.
oWS.Popup "Script Execution Finished!" & vbCrLf &_
"Please check the log file: " & vbCrLf & sLogFile, ,cTitle, vbInformation
 
Function CurrentDateTime()
	CurrentDateTime = FormatDateTime(now, vbLongDate) & " @ " & FormatDateTime(now, vbLongTime)
End Function

Open in new window

0
 
LVL 7

Expert Comment

by:Hubasan
ID: 24325144
Small correction:

Users PC's above should read "Users AD Accounts"
0
 

Author Comment

by:johnnyjonathan
ID: 24349425

Hubasan,


Thank you but I think we didn't understand each other correctly, the export I need, is not of a particular attribute inside a Custom Attribute.

But all the users (from a CSV\TXT list not all AD) that have anything written inside
Custom Attribute say #10.

Then, another script to input something different in the same attribute. so if a user had the word "desktop" on his Custom Attribute #10, the export file would list it, and the 2nd script would change the content of Custom Attribute #10 to "laptop" for example
0
 

Accepted Solution

by:
johnnyjonathan earned 0 total points
ID: 24349678
Found the solution @
http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_23897729.html?eeSearch=true
 and modified it a bit as the attached script

If LCase(Right(Wscript.FullName, 11)) = "wscript.exe" Then
    strPath = Wscript.ScriptFullName
    strCommand = "%comspec% /c cscript  """ & strPath & """"
    Set objShell = CreateObject("Wscript.Shell")
    objShell.Run(strCommand), 1, True
    Wscript.Quit
End If
 
Set objRootDSE = GetObject("LDAP://RootDSE")
strDomain = objRootDSE.Get("defaultNamingContext")
Set objOU = GetObject("LDAP://OU=Test," & strDomain) 
 
For Each objUser In objOU
    If objUser.Class = "user" Then
        
		sFile = "custom_attribute_export.txt"
 		Set oFSO = CreateObject("Scripting.FileSystemObject")
		Set fFile = oFSO.CreateTextFile(sFile)
    	fFile.WriteLine (objUser.DisplayName & " - extensionAttribute10: " & objUser.extensionAttribute10)
    	
    	'objUser.extensionAttribute10 = "test"
        'objUser.SetInfo
         
        fFile.Close 
         
    End If
Next

Open in new window

0
 

Author Comment

by:johnnyjonathan
ID: 24353165
any option to change the source of the script i added from an OU to a csv\txt file?
0
 
LVL 7

Expert Comment

by:Hubasan
ID: 24355357
Hi johnnyjonathan,

I'm sorry for misunderstanding earlier. I was under the impression you are looking to export the custom attribute value from all users in your AD and then import the changes only for some of them imported from CSV file.
In any case, since you have already found the solution and have already asked for the question to be closed, there will be no points awarded for any expert to help you with this.
If you still need help with this issue, please either re-open this question or open another question and leave it open until you are certain you have a FULL solution to the question you are asking.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question