Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Powershell script

Posted on 2011-09-21
2
Medium Priority
?
568 Views
Last Modified: 2012-08-13
I have users in our OU structure that do not get fed an employee ID field in their employeeid attribute. I need to run a script to fill this with a generic value of NPE, but exclude users that have that attribute currently fed through by our HR software. Im new to powershell and we have to have this done today. As much help as i can get would be great. Please assist.
0
Comment
Question by:arsenal22
2 Comments
 
LVL 27

Accepted Solution

by:
KenMcF earned 1000 total points
ID: 36575224
I would use the Quest AD cmdlets. You could do something like this



get-qaduser -SearchRoot "OU=USERS_OU,DC=Domain,DC=Local" -LDAPFILTER "(&(objectcategory=person)(objectclass=user)(!employeeID=*))" | Set-QADUser -ObjectAttributes @{employeeID="NPE"}

Open in new window

0
 
LVL 8

Assisted Solution

by:Brent Challis
Brent Challis earned 1000 total points
ID: 36813023
I have attached some code that defines a function that you can call to update a property value for AD objects.  If you do not supply a value for the -OldValue the test will be done for that property value being empty or null.

The -PassThru switch has been added so you can get the collection of user objects that have been updated.

This function assumes that you have a Windows Seerver 2008 R2 Domain Controller (or have retro fitted the functionality to an earlier server) and have already executed an Import-Module ActiveDirectory command to make the Get-ADUser and Set-ADUser cmdlets available.

I put a test line in as well. The first time I ran the test was without a parameter for the -OldValue so fill the ones that had nothing, then updated the value a few times.
function Set-DefaultADProperty
{
    PARAM
    (
        $Filter = "*",
        [Parameter(Mandatory=$true)]
        $Property,
        $OldValue,
        [Parameter(Mandatory=$true)]
        $NewValue,
        [switch]$PassThru = $false
    )
    Import-Module ActiveDirectory
    
    $command = {Get-ADUser -filter $Filter -properties $Property}

    $users = & $command
    $selectedUsers = @()
    foreach ($u in $users)
    {
        if ([system.string]::IsNullOrEmpty($OldValue))
        {
            if ([system.string]::IsNullOrEmpty($u.$Property))
            {
                $selectedUsers += $u
            }
        }
        else
        {
            if ($u.$Property -like $OldValue)
            {
                $selectedUsers += $u
            }
        }
    }
    
    foreach ($u in $selectedusers)
    {
        $u.$Property = $newValue
        Set-ADUser -Instance $u
    }
    
    if ($PassThru)
    {
        Write-Output $selectedUsers
    }
}

#Test
Set-DefaultADProperty -Filter * -Property employeeID -OldValue NPN -NewValue NP0 -PassThru

Open in new window

0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Screencast - Getting to Know the Pipeline

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question