Export and update a specific custome attribute using vbs

Posted on 2009-05-06
Last Modified: 2012-05-06
Export and update a specific custom attribute from AD user using vbs

Im looking for a vbscript that will export a specific (#1\#2\#3&) customer attribute of users loaded from a txt\csv file.
Also, a script that will modify that custom attribute.

The scripts dont have to be depended and can be completely separate.
Anything like that?
Question by:johnnyjonathan
  • 4
  • 4

Expert Comment

ID: 24314559
Hi johnnyjonathan,

I recently wrote a script that modifies two custom attributes on multiple users accounts in AD, so I think I can help you out with this one:

First, let the file be CSV and call it "input.csv".
Second, your input file should have UserID as a first parameter, and the value of the attribute it wants to change to as a second parameter.
Also to confirm the attribute you want to read and write to is "#1\#2\#3$" without qoutes of course?

Let me know.
LVL 27

Expert Comment

ID: 24314736
You could just use AdFind from It's a very good utility which does exactly this. You can export user attributes to a CSV, edit, then import them back into AD again.
It' basically a better alternative to the built in CSVDE (which will export but not edit). Have a look here:

Author Comment

ID: 24324459
Hubasan, the attribute i want to write could be anything, what i ment in #1\#2\#3 is the custome attribute's numbers.
so if you have something like that it could be grate.
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.


Expert Comment

ID: 24325131
Hi johnyjonathan,

Ok here is the script below that will READ and read only at this time, any custom attribute from ALL users in your Active Directory and log it to a CSV log file in the same directory where the script is executed from.

Format of the log is this:
Users Real Name,User ID,Custom attribute value

It will log ONLY those users that have that attribute populated. Please change the variable sCAttribName to what ever the name of your custom attribute is. My example was "comment" attribute that we have populated on all of our users PC.

Once you try this there is only a small modification that we can do so that it can take a CSV input file with the information that you want to put to this attribute of yours, but try this first.

Let me know how it goes.
On Error Resume Next
'Define constants
Const For_Reading = 1
Const For_Writing = 2
Const For_Appending = 8
Const cTitle = "Read and Log custom Attribute value"
'Put your custom attribute name in quotes here:
sCAttribName = "comment"
'Create Shell, Network and FileSystem Objects
Set oWS = CreateObject("")
Set oNet = CreateObject("")
Set oFS = CreateObject("scripting.FileSystemObject")
'Connect to RootDSE and get the domain ADsPath
Set oRootDSE = GetObject("LDAP://rootDSE")
sADsPath = "LDAP://" & oRootDSE.Get("defaultNamingContext")
Set oDomain = GetObject(sADsPath)
'Create ADODB connection to look for and map to user container
Set oConnection = CreateObject("ADODB.Connection")
oConnection.Open "Provider=ADsDSOObject;"
Set oCommand = CreateObject("ADODB.Command")
oCommand.ActiveConnection = oConnection
'Setup a logfile
sScriptName = WScript.ScriptName
sScriptPath = WScript.ScriptFullName
sLog = Replace(sScriptName, ".vbs",".log")
sLogFile = Replace(sScriptPath, sScriptName, sLog)
Set oLogFile = oFS.CreateTextFile(sLogFile,True)
'Write starting point of the log
ologfile.WriteLine "User Name,User's ID," & sCAttribName & " value"
'Search ALL Active Directory Users
oCommand.CommandText = _
"SELECT ADsPath,Name,sAMAccountName FROM '" & sADsPath & "' WHERE " _
  	& "objectCategory='User'"
Set oRecordSet = oCommand.Execute
Do Until oRecordSet.EOF
	sUserADPath = Empty
	sUser = Empty
	sCAttribValue = Empty
	sUser = oRecordSet.Fields("Name").Value
	sUserID = oRecordSet.Fields("sAMAccountName").Value
	sUserADPath = oRecordSet.Fields("AdsPath").Value
	Set oUser = GetObject(sUserADPath)	
	sCAttribValue = oUser.Get(sCAttribName)
	If IsEmpty(sCAttribValue) Then
		oLogFile.WriteLine sUser & "," & sUserID & "," & sCAttribValue
	End If
'Close the log file
'Display the message when the script is done executing.
oWS.Popup "Script Execution Finished!" & vbCrLf &_
"Please check the log file: " & vbCrLf & sLogFile, ,cTitle, vbInformation
Function CurrentDateTime()
	CurrentDateTime = FormatDateTime(now, vbLongDate) & " @ " & FormatDateTime(now, vbLongTime)
End Function

Open in new window


Expert Comment

ID: 24325144
Small correction:

Users PC's above should read "Users AD Accounts"

Author Comment

ID: 24349425


Thank you but I think we didn't understand each other correctly, the export I need, is not of a particular attribute inside a Custom Attribute.

But all the users (from a CSV\TXT list not all AD) that have anything written inside
Custom Attribute say #10.

Then, another script to input something different in the same attribute. so if a user had the word "desktop" on his Custom Attribute #10, the export file would list it, and the 2nd script would change the content of Custom Attribute #10 to "laptop" for example

Accepted Solution

johnnyjonathan earned 0 total points
ID: 24349678
Found the solution @
 and modified it a bit as the attached script

If LCase(Right(Wscript.FullName, 11)) = "wscript.exe" Then
    strPath = Wscript.ScriptFullName
    strCommand = "%comspec% /c cscript  """ & strPath & """"
    Set objShell = CreateObject("Wscript.Shell")
    objShell.Run(strCommand), 1, True
End If
Set objRootDSE = GetObject("LDAP://RootDSE")
strDomain = objRootDSE.Get("defaultNamingContext")
Set objOU = GetObject("LDAP://OU=Test," & strDomain) 
For Each objUser In objOU
    If objUser.Class = "user" Then
		sFile = "custom_attribute_export.txt"
 		Set oFSO = CreateObject("Scripting.FileSystemObject")
		Set fFile = oFSO.CreateTextFile(sFile)
    	fFile.WriteLine (objUser.DisplayName & " - extensionAttribute10: " & objUser.extensionAttribute10)
    	'objUser.extensionAttribute10 = "test"
    End If

Open in new window


Author Comment

ID: 24353165
any option to change the source of the script i added from an OU to a csv\txt file?

Expert Comment

ID: 24355357
Hi johnnyjonathan,

I'm sorry for misunderstanding earlier. I was under the impression you are looking to export the custom attribute value from all users in your AD and then import the changes only for some of them imported from CSV file.
In any case, since you have already found the solution and have already asked for the question to be closed, there will be no points awarded for any expert to help you with this.
If you still need help with this issue, please either re-open this question or open another question and leave it open until you are certain you have a FULL solution to the question you are asking.

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This article runs through the process of deploying a single EXE application selectively to a group of user.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question