Adding/Editing Active Directory attributes

How many objects are you pulling?

It could be that the computer is running out of memory. You can try a few things.

1. Only pull the properties you need by adding the -Properties param:

-Properites distinguishedname,samaccountname,mail

Select allOpen in new window

2. Change the page size to something smaller like 50 (default is 250)

-ResultPageSize 50

Select allOpen in new window

So the new script would look like this:

Get-ADUser -LDAPFilter "(!(mail=\.name*))" -resultSetSize $null -ResultPageSize 50 -Properties distinguishedname,samaccountname,mail -searchbase "ou=test,dc=nwtraders,dc=com"| % {set-aduser -identity $_.distinguishedname -email ($_.samaccountname + "@nwtraders.com")}

Select allOpen in new window

I'm trying your modified script right now.  You're probably right about the computer running out of memory but this particular OU has around 33,000 objects.
Since more than half of the objects now have the email attribute, is there a way to have it search for those objects within that OU that don't have that attribute?  And if that attribute isn't present, then concatenate the samaccountname with the @domain.com?

Sorry, meant to address that. The answer is the script is already only pulling users that don't have the email defined. If you kept running the current script over and over I imagine it would make it through all the users eventually.

So far, the script you provided hasn't bombed - not sure whether it's actually filling in the blanks yet either.
Will report back once this script completes (or bombs - hopefully the former :-) )

OK, as soon as I finished posting my previous response I checked the script and it has bombed with the same error::
Get-ADUser : The server has returned the following error: invalid enumeration context.
Is there a way to create a log as it iterates through the objects?  
Maybe it's encountering a bad account that is causing it to bomb but since no log is created, I have no way to check that.

After a little digging, the error is actually related to the length of time the query is running. So the best advice I can give you is to run the script from a DC that is powerful and isn't doing much and make sure it's querying itself and not another DC.

http://blogs.technet.com/b/askds/archive/2012/04/14/saturday-mail-sack-because-it-turns-out-friday-night-was-alright-for-fighting.aspx#invalidenumeration

So change the -Server parameters to the DC you're using.

Get-ADUser -LDAPFilter "(!(mail=\.name*))" -resultSetSize $null -Server server.nwtraders.com -Properties distinguishedname,samaccountname,mail -searchbase "ou=test,dc=nwtraders,dc=com"| % {set-aduser -identity $_.distinguishedname -email ($_.samaccountname + "@nwtraders.com") -Server server.nwtraders.com}

Select allOpen in new window

I logged into a DC that is a pretty beefy server and right now, none of our DC's should be very busy since schools are out for Christmas break.  I'm currently running the script.
Right now, I can't see that the process is filling in the mail attribute but when I refresh the Active Directory Users and Computers screen, it appears possibly more have filled in.  
When I ran the process to start with, I didn't have the syntax quite right and it filled in the mail attribute with (exactly) "%sAMAccountName%@domain.com".  The process appears to overwrite this, but if it doesn't - is there a way to "find and replace" for that attribute?

Yes, we can change the filter so that it pulls all the accounts that have "%sAMAccountName%@domain.com" as their email address.
Change the -LDAPFilter "(!(mail=\.name*)) to -Filter {mail -eq "%sAMAccountName%@domain.com"} and it will modify those accounts.

But the current filter is looking for the username in the email address so it should modify any accounts that don't have the proper email address configured.

That's pretty much what I thought but thanks for the filter change.
The script is still running - which is a good thing.  I'm hoping this time it will go to completion.
I'll post the results.

Have you considered using either PowerShell or tools like admod (http://www.joeware.net/freetools/tools/admod/ ) to perform the updates? This should allow you to store attribute value in a text file - manipulate its content - and save it back in AD
hth

Moreover if consider for scripts its like With Powershell you could do this step by step on the Powershell command line and as you successfully complete each step you can build your script.
You will need to ensure you have a 2008 DC or load the hotfix to allow your 2003 DC to host the Powershell.
http://blogs.technet.com/b/danstolts/archive/2011/03/07/how-to-install-powershell-on-windows-server-2003-and-enable-remote-powershell-management-all-servers-should-have-this-done.aspx
Active Directory Script Center
http://gallery.technet.microsoft.com/scriptcenter/site/search?f%5B0%5D.Type=RootCategory&f%5B0%5D.Value=activedirectory&f%5B0%5D.Text=Active%20Directory

Have you considered using either PowerShell

So far we've been posting PowerShell. So I'm not sure what you're getting at. The query time limit is on the AD side so no matter what tool you use it will be subject to the limit. But it is possible that other tools would be more efficient and so run the query faster.

I have been using PowerShell, the commands above in this thread are the commands I'm using.  Thanks for the links Detlef001 - I had seen the AD Scripting gallery.  Either I didn't use the correct words for my search or nothing was found that completly fit my needs.
I have about 400 more students that don't have the mail attribute on their accounts and for whatever reason, the script is now erroring out with this error
The term 'mail=\.name*' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
This script worked for the lion share of the students.  I can add the mail attribute manually to the remaining students but I'd really like to not have to do that.
Any thoughts

That's a syntax error you're getting. Make sure you have all the parenthesis and quotes correct.

If you like you can post the command verbatim and I'll see if I can point out the issue.

I've run this command several times and I believe it's iterating through the whole OU, not just finding the users that don't have a mail attribute.
The code below is generic and is what I used; I changed no quotes or parenthesis - just changed the OU, DC and the domain after the '@' for the email domain.
It worked on the lion share of the users; I only have about 1,000 more (from about 33,000)

Get-ADUser -LDAPFilter "(!(mail=\.name*))" -resultSetSize $null -searchbase "ou=test,dc=nwtraders,dc=com"| % {set-aduser -identity $_.distinguishedname -email ($_.samaccountname + "@nwtraders.com")}

I was just now trying to import a .csv file that I have concatenated the user name with the "@domain.com".  I've named that column "UserEmail".
I don't get an error when I use the Import-CSV ($Udata = Import-Csv .\UserData.csv), but I also don't know if it truly imports - it comes back to the [PS] prompt.  So I actually tried the command on one line

$Udata = Import-Csv .\UData.csv | foreach {($user in $Udata)Set-ADUser -Identity $user.sAMAccountName -Filter Mail = $user.UserMail}

I get this error: Unexpected token 'in' in expression or statement.

I think what I need is to know the syntax to put this at a powershell script instead of trying individual command and then run the .ps1 script.

Can anyone give me the necessary syntax to put the logic in the script to iterate through my .csv file and write the data from the "UserEmail" column to the LDAP mail attribute?

Thank you so much, that's the direction I needed to make this run properly.  I did have to put the "foreach" construct on one line and the name column in my .CSV file was just "Name" so I had to change that criterion to $user.name.

Glad to help.