Solved

Help with updating AD Using Powershell

Posted on 2016-08-01
11
66 Views
Last Modified: 2016-08-05
Need some help with updating multiple users in AD all at once by using a CSV file.

I currently have a CSV file of 1500 users that needs their Job title updated. These are the fields I have  

First Name     Last Name   Job Title

John                 Doe              Manager 1
Jane                 Doe              Manager 2

What would be a good way to update all the users in my csv file.  Is there a good script i can run? Do i need to change anything with my CSV file to make it easier for import?

thank you in advance for your help.
0
Comment
Question by:sirichaiphumirat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
11 Comments
 
LVL 37

Expert Comment

by:Neil Russell
ID: 41738507
There is no guarantee in ad that first name and last name make a unique I'd therefore I would use the login name as the key and have that as a field in the import.
1
 
LVL 84

Expert Comment

by:oBdA
ID: 41738516
You'll need the user's SamAccountName or DN to identify the user; example:
"SamAccountName", "Job Title"
"jdoe1","Manager 1"
"jdoe2","Manager 2"

Open in new window

Then you only need a single line of PS:
Import-Csv .\jobtitle.csv | % {Set-ADUser -Identity $_.SamAccountName -Title $_.'Job Title' -Verbose}

Open in new window

0
 

Author Comment

by:sirichaiphumirat
ID: 41738525
Thank you so much.

As for the CSV file,  would i need to have a header of SamAccountName filed and Job Title filed on the top header of the CSV file?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 84

Expert Comment

by:oBdA
ID: 41738527
Yes, because the column titles will end up as properties of the imported objects.
If you don't have a header line, you'll have to tell Import-Csv the header information in the correct order (assuming the same format as above, only without the header line):
Import-Csv .\jobtitle.csv -Header 'SamAccountName', 'Job Title' | % {Set-ADUser -Identity $_.SamAccountName -Title $_.'Job Title' -Verbose} 

Open in new window

Including a header line makes the csv way more self-explanatory, though.
0
 

Author Comment

by:sirichaiphumirat
ID: 41739959
I won't be able to get the SamAccountName because its being imported from a software that doesn't hold the SamAccountname.  I'll have to use the Name filed.

Im not to great with scripts but i tried to modify yours but getting error messages. This is what I am using, could you tell me what I am doing wrong please?

I keep getting "cannot find an object with identity: 'Name' under: 'DC=XX, DC=Local"

Import-Csv .\change.csv -Header 'name', 'Title' | % {Set-ADUser -Identity $_.Name -Title $_.Title -Verbose}


my excel file looks like this
Name and title are the headers.

Name        ,     Title

John Doe ,   Manager 1
Jane Doe,     Manager 2
0
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 41740179
That software needs to be seriously rethought. Firstname/Lastname is not enough to uniquely identify a user in AD, unless you make hiring new people depend upon whether you already have an employee with the same name instead of qualification.
And that's how a one-liner turns into this (granted this now supports logging and some eye candy, but still):
$CsvFile = 'C:\Temp\jobtitle.csv'
$LogFile = $CsvFile -replace '\.csv\Z', '-results.csv'

$CsvUsers = Import-Csv -Path $CsvFile
$ADUsers = Get-ADUser -Filter {(GivenName -like '*') -and (Surname -like '*')} -ResultSetSize $Null | Select-Object SamAccountName, Surname, GivenName -ErrorAction Stop
$Results = ForEach ($CsvUser In $CsvUsers) {
	$Result = $CsvUser | Select-Object -Property `
		@{Name='Surname';	Expression={$_.'Last Name'}},
		@{Name='GivenName';	Expression={$_.'First Name'}},
		@{Name='JobTitle';	Expression={$_.'Job Title'}},
		SamAccountName,
		Result
	"Processing $($Result.GivenName) $($Result.Surname) " | Write-Host -ForegroundColor White -NoNewline
	If ($ADUser = $ADUsers | ? {($_.GivenName -eq $Result.GivenName) -and ($_.Surname -eq $Result.Surname)}) {
		If ($ADUser -is [array]) {
			$Result.Result = "ERROR: multiple matching accounts found: $(($ADUser | Select-Object -ExpandProperty SamAccountName) -join ', ')!"
		} Else {
			Try {
				$Result.SamAccountName = $ADUser.SamAccountName
				"($($Result.SamAccountName)) " | Write-Host -ForegroundColor White -NoNewline
				Set-ADUser -Identity $Result.SamAccountName -Title $Result.JobTitle -ErrorAction Stop
				$Result.Result = 'OK'
			} Catch {
				$Result.Result = 'ERROR: $($_.Exception.Message)'
			}
		}
	} Else {
		$Result.Result = 'ERROR: no matching account found!'
	}
	$ResultColor = If ($Result.Result.StartsWith('ERROR')) {[ConsoleColor]'Red'} Else {[ConsoleColor]'Green'}
	"... $($Result.Result)" | Write-Host -ForegroundColor $ResultColor
	$Result
}
If (-not [string]::IsNullOrEmpty($LogFile)) {
	$Results | Export-Csv -Path $LogFile -NoTypeInformation
}

Open in new window

0
 

Author Comment

by:sirichaiphumirat
ID: 41740984
oh wow thank you, will check this out. Yeah really hate the software we use
0
 

Author Comment

by:sirichaiphumirat
ID: 41743418
what should the header be to be able to run this script correctly?

I was able to run it, but it didn't read anything, i just got processing ... error: no matching account found:

thank you again for helping out.
0
 
LVL 84

Expert Comment

by:oBdA
ID: 41744018
As described in your question:
"First Name","Last Name","Job Title"
0
 

Author Comment

by:sirichaiphumirat
ID: 41744658
thank you again for your help
0
 

Author Closing Comment

by:sirichaiphumirat
ID: 41744659
thank you again!!
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question