Solved

Powershell Question

Posted on 2016-09-08
9
41 Views
Last Modified: 2016-09-09
I ran a PS to update the "City" AD attribute. (on a win2k8r2 server)

 Set-ADUser -Replace @{ l="$($user.City)"}

Open in new window


From this site: http://social.technet.microsoft.com/wiki/contents/articles/12037.active-directory-get-aduser-default-and-extended-properties.aspx

It says the lDAPDisplayName for "city" is "l"

What happened is the attribute for "City" was properly updated...BUT... this value was also assigned to the attribute "LogonWorkstations"

Anyone know how to avoid this?

Thanks,
0
Comment
Question by:sparkis
  • 6
  • 2
9 Comments
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 41789746
Can't reproduce, try as I might (though on W2k12 AD); could it be that this is just a leftover from some other (failed) attempt at scripting AD changes?
PS C:\> Get-ADUser -Identity jdoe -Property l, logonWorkstations | Select l, logonWorkstations | fl

l                 :
logonWorkstations :

PS C:\> Set-ADUser -Identity jdoe -Replace @{l = 'Experts Exchange'}
PS C:\> Get-ADUser -Identity jdoe -Property l, logonWorkstations | Select l, logonWorkstations | fl

l                 : Experts Exchange
logonWorkstations :

Open in new window

0
 
LVL 16

Expert Comment

by:FOX
ID: 41789834
Going forward to either replace the city or add the city to a user all you have to do is
Set-Aduser username -City "NameofCity"                   (city has to be in quotes)

Replace switch with a hash table command is not needed

If you haven't cleared the logonworkstations entry yet you will run the command
Set-Aduser username -Logonworkstations $null
0
 

Author Comment

by:sparkis
ID: 41790307
I will try replacing the ldapdisplayname with "City" does it need to be in quotes like this this is a bulk job pulling data from csv

 Set-ADUser -Replace @{ "City"="$($user.City)"}

Open in new window

0
 

Author Comment

by:sparkis
ID: 41790310
it is not "leftover" the attribute was not there before I ran the script and was there - and put into affect - locking the user out of everything - after I ran the script.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:sparkis
ID: 41790342
Using -City, -"City"

does not work
0
 
LVL 16

Expert Comment

by:FOX
ID: 41790536
Sparkis please try to be clear next time about having a .csv and so forth.   I assume you have a .csv with your usernames.
At the top of the column that has your usernames name it users.
You will right-click the powershell icon (run as administrator)
commands will be the following

Import-Module ActiveDirectory                                                                                                            press enter
Import-csv "c:\temp\users.csv" | foreach{Set-ADUser $_.users -City "cityname"}                      press enter

If you have a row of usernames and a row of cities(different cities for users), name the top of cities column City and the command will be
Import-csv "c:\temp\users.csv" | foreach{Set-ADUser $_.users -City $_.City}
0
 

Author Comment

by:sparkis
ID: 41791142
That was all done correctly and was not the OP issue. The issue is not occurring. I re-ran the script and checked and the LogonWorkstation attr was not touched this time. I will cough it up as a fluke.
0
 

Author Comment

by:sparkis
ID: 41791144
For anyone that wants to use it this script was very useful
 
$users = Import-csv -Path "C:\Users\user\Documents\ Staff.csv"
            
foreach ($user in $users) {
Get-ADUser -Filter "sAMAccountName -eq '$($user.samaccount)'" -Properties * -SearchBase "ou=New York,dc=greenbriarequity,dc=com" |
 Set-ADUser -Replace @{
 l="$($user.City)";
 mobile="$($user.Cell)";
 telephoneNumber="$($user.Telephone)";
 facsimileTelephoneNumber="$($user.Fax)";
 title="$($user.Title)";
 st="$($user.State)";
 postalCode="$($user.PCode)";
 streetAddress="$($user.Street)";
 company="$($user.Company)"}
}

Open in new window

0
 

Author Closing Comment

by:sparkis
ID: 41791146
All set - Thanks
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

How to sign a powershell script so you can prevent tampering, and only allow users to run authorised Powershell scripts
This article will help you understand what HashTables are and how to use them in PowerShell.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now