[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 959
  • Last Modified:

Using a csv file to edit users dialin settings

I have a csv file (dialin.csv) that contains users who must have their dialin properties set in Active Directory. The list is formated like this (user;ip):
akr;10.3.86.34
lgt;10.3.86.76
jrv;10.3.86.23
and so on...


I have found this script (http://calumpowell.com/tag/dial-in/) and now I would like to use the csv file in combination with the script to update all the users in one operation.
function Convert-IP {  
param(  
	[Parameter(ValueFromPipeline=$true)]  
	[String]$IPAddress = "127.0.0.1" )  

	$octetsDecimal = $IPAddress -split "\." 

	$octetsBinary = $octetsDecimal | % { [convert]::ToString($_, 2) }  

	$octetsBinary = $octetsBinary | % { ("0" * (8 - $_.length)) + $_ }  

	$octetsBinary | % { $binaryIP += $_ }  

	$integerIP = [convert]::ToInt32($binaryIP, 2)  

	return $integerIP 
} 

$IP = Convert-IP $staticip
Set-QADUser -Identity "Testuser" -IncludedProperties @("msNPAllowDialin", "msRADIUSFramedIPAddress", "msRASSave

Open in new window

Can anyone help me with this?

Regards
Kasper
0
Kasper Katzmann
Asked:
Kasper Katzmann
  • 9
  • 6
1 Solution
 
SubsunCommented:
What is the value you want to update for "msNPAllowDialin" in AD?
Also i think the code you posted is incomplete, what is the correct attribute name of "msRASSave" and the value you want to update?
0
 
Kasper KatzmannAuthor Commented:
Oops - Copy/Paste has failed. The last part (after the function) should be:
$IP = Convert-IP "10.20.30.40"
Set-QADUser -Identity "Testuser" -IncludedProperties @("msNPAllowDialin", "msRADIUSFramedIPAddress", "msRASSavedFramedIPAddress") -ObjectAttributes @{msNPAllowDialin=$true;msRADIUSFramedIPAddress=$IP;msRASSavedFramedIPAddress=$IP}

Open in new window

0
 
SubsunCommented:
Try
function Convert-IP {  
param(  
	[Parameter(ValueFromPipeline=$true)]  
	[String]$IPAddress = "127.0.0.1" )  

	$octetsDecimal = $IPAddress -split "\." 

	$octetsBinary = $octetsDecimal | % { [convert]::ToString($_, 2) }  

	$octetsBinary = $octetsBinary | % { ("0" * (8 - $_.length)) + $_ }  

	$octetsBinary | % { $binaryIP += $_ }  

	$integerIP = [convert]::ToInt32($binaryIP, 2)  

	return $integerIP 
} 

Import-Csv "dialin.csv" | %{
$IP = Convert-IP $_.ip
Set-QADUser -Identity $_.user -IncludedProperties @("msNPAllowDialin", "msRADIUSFramedIPAddress", "msRASSavedFramedIPAddress") -ObjectAttributes @{msNPAllowDialin=$true;msRADIUSFramedIPAddress=$IP;msRASSavedFramedIPAddress=$IP}
}

Open in new window

CSV format
user,ip
akr,10.3.86.34
lgt,10.3.86.76
jrv,10.3.86.23

Open in new window

0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
Kasper KatzmannAuthor Commented:
As far as I understand, I have to used titles in the first row? Not that it is a problem, just so I can understand.
0
 
SubsunCommented:
Yes you are right.. you need to use the header of column from csv..
0
 
Kasper KatzmannAuthor Commented:
Great. I test it first time tomorrow, when I get to work.
0
 
Kasper KatzmannAuthor Commented:
I get this error when i try to run it:
Set-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At C:\scripts\UpdateDialInBasedOnCSV.ps1:21 char:22
+ Set-QADUser -Identity <<<<  $_.user -IncludedProperties @("msNPAllowDialin", "msRADIUSFramedIPAddress", "msRASSavedFr
amedIPAddress") -ObjectAttributes @{msNPAllowDialin=$true;msRADIUSFramedIPAddress=$IP;msRASSavedFramedIPAddress=$IP}
    + CategoryInfo          : InvalidData: (:) [Set-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.SetUserCmdlet

Open in new window

0
 
Kasper KatzmannAuthor Commented:
I have verified that I'm able to read the csv file
0
 
SubsunCommented:
What is the result for Import-Csv "dialin.csv" | % {$_.User}
0
 
Kasper KatzmannAuthor Commented:
Changed the ;'s with ,'s and now it almost works. I have made a sample csv containing my self and one other user. It changes the settings for my profile, but not for the other one. Here's the error returned:
Set-QADUser : Adgang nægtet.
At C:\scripts\UpdateDialInBasedOnCSV.ps1:21 char:12
+ Set-QADUser <<<<  -Identity $_.user -IncludedProperties @("msNPAllowDialin", "msRADIUSFramedIPAddress", "msRASSavedFr
amedIPAddress") -ObjectAttributes @{msNPAllowDialin=$true;msRADIUSFramedIPAddress=$IP;msRASSavedFramedIPAddress=$IP}
    + CategoryInfo          : NotSpecified: (:) [Set-QADUser], UnauthorizedAccessException
    + FullyQualifiedErrorId : System.UnauthorizedAccessException,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdl
   ets.SetUserCmdlet

Open in new window

0
 
Kasper KatzmannAuthor Commented:
It returns the two users in my sample
0
 
Kasper KatzmannAuthor Commented:
Ohh, and by the way. Set-QADUser : Adgang nægtet. means Set-QADUser : Access Denied.
0
 
SubsunCommented:
UnauthorizedAccessException looks like permission error.. Did you try running PowerShell console with Run as administrator? Also make sure the account which you are using have permission to edit the attribute..
0
 
Kasper KatzmannAuthor Commented:
It works. First I ran it as administrator. But I have to run it as Domain Admin, not just Local Admin - DOH! Maybe I should have stayed in bed...

Thanks a lot for takeing time to help.

/Kasper
0
 
SubsunCommented:
No problem.. I'm glad I could help.. :-)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 9
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now