bndit
asked on
Slow powershell script....any way to speed it up?
I use the Quest AD cmdlets to update certain AD attributes, but I've noticed the script is "slow" (takes approx. 1-2 seconds per AD object). I'm updating 600+ AD objects and @ 1-2 seconds per object, the time adds up. I'm wondering if someone can tell me if this is normal or there's a more efficient way to rewrite my script. I noticed that when the script updates an object, the shell window shows/scrolls a list of attributes for the object (I'd assume the default properties). That's why I used the "-IncludedProperties" switch to see if that made a difference since I'm only targeting a handful of attributes...I know this switch works for the Get-QADUser but not sure if it's working for the Set-QADUser.
# Read source TXT file
$users = Get-Content -Path 'C:\users.txt'
# Look through each of the users and set AD attributes
foreach($user in $users){
Set-QADUser -Identity $user -IncludedProperties mail,department -ObjectAttributes @{mail='something';department='something'}
}
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Meir Rivkin
that alone should decrease time span of Set-QADUser
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
@soostibi
>>The output can also be suppressed by converting the result to [void]:
which is the same as assign the result to $null...
>>The output can also be suppressed by converting the result to [void]:
which is the same as assign the result to $null...
ASKER
Thank you both of you; your suggestions really helped and sped up my script although I found that the [void] approach reduced the execution time to 5secs per $user while the $null approach reduced it to 12secs per $user.
@soostibi
The only thing that I didn't use from your suggestion was the "permanent connection" to AD. However, I do my connection outside the ForEach block (see the attached code), and I'm wondering if doing the connection to AD as you suggest would help even more to reduce the execution time.
@soostibi
The only thing that I didn't use from your suggestion was the "permanent connection" to AD. However, I do my connection outside the ForEach block (see the attached code), and I'm wondering if doing the connection to AD as you suggest would help even more to reduce the execution time.
# Connect to Active Directory provider.
$pwd = Read-Host "Enter Password: " -AsSecureString
$DC = 'DC.domain.com:386'
$connAccount = 'ADAccount'
Connect-QADService -service $DC -ConnectionAccount $connAccount -ConnectionPassword $pwd
ForEach <...>
[void] (Set-QADUser -Identity $user -ObjectAttributes @{mail='something';department='something'} )
# Disconnect from Active Directory provider.
Disconnect-QADService
But use it as I did. So put the result of the connect-qadservice to a variable, and use it at Set-QADUser with -connection parameter. If you do not do this, the Set-QADUser may create a connection every time.
ASKER
Ok, I'll try that. Thanks again.