Mahesh
asked on
AD User Modification PS script won't update user properties if manager ID is not available in AD
Help required for user modification script on list of users
The script has condition that if user manager is available in AD, set the same along with other properties, if not it should update the other properties
No matter what I do, if manager ID is not available in AD, script simply won't process that user and don,t update other properties of that user
I wanted that if manager id is not available in AD, still script should process other properties
Any help would be highly appreciated
The script has condition that if user manager is available in AD, set the same along with other properties, if not it should update the other properties
# Start of script
Import-Module ActiveDirectory
# Import File
$Users = Import-Csv "C:\userupdate\users.csv"
#Processing each user
Foreach ($User in $Users) {
try {
$ADUser = $null
$ADUser = Get-ADUser -Identity $User.Username -ErrorAction SilentlyContinue
if ($ADUser -ne $null) {
$Manager = $null
$Manager = Get-ADUser -Identity $User.ManagerID -ErrorAction SilentlyContinue
if ($Manager -ne $null) {
Set-ADUser -Identity $ADUser -Department $User.Department -Manager $user.ManagerID `
-EmailAddress $User.Email -Company $user.Company -MobilePhone $user.CellPhone -Title $user.Title
}
else {
Set-ADUser -Identity $ADUser -Department $User.Department `
-EmailAddress $User.Email -Company $user.Company -MobilePhone $user.CellPhone -Title $user.Title
}
}
"$($ADUser.sAMAccountName), User Modified Successfully" | Out-File -FilePath "C:\userupdate\result.txt" -Append -Force
}
# Catch error if any
catch {
"$($ADUser.sAMAccountName), Failed" | Out-File -FilePath "C:\userupdate\result.txt" -Append -Force
$error[0] | Out-File "C:\userupdate\errorlog.txt" -Append
}
}
No matter what I do, if manager ID is not available in AD, script simply won't process that user and don,t update other properties of that user
I wanted that if manager id is not available in AD, still script should process other properties
Any help would be highly appreciated
Does every user in your csv have a ManagerID?
Line 18
if (($Manager -ne $null) -and ($user.ManagerID -ne $nulll) ){
Line 18
if (($Manager -ne $null) -and ($user.ManagerID -ne $nulll) ){
ASKER
Tried that
Still no luck
what should be -Erroraction ?
Still no luck
what should be -Erroraction ?
ASKER
yes csv has managerID defined because it is import from some other HRMS tool but those managerID may not available in AD
As soon as script did not find managerID in AD, it simply ignore that user by ignoring all conditions (if else etc)
As soon as script did not find managerID in AD, it simply ignore that user by ignoring all conditions (if else etc)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
"Get-Aduser" if identity failed / didn't exists, it will pass on to next line in csv file
Basically if I try to modify "Manager" field along with other attributes, if manager id is not available in AD, it will simply ignore user for attributes as well.
I tried "if else" loop with filter specified for manager id and it also working, but then its unable to generate error code in errorlogfile if manager id is not available in AD
Hence I moved manager id modification to new line and now its started working.
I have modified code as below
Basically if I try to modify "Manager" field along with other attributes, if manager id is not available in AD, it will simply ignore user for attributes as well.
I tried "if else" loop with filter specified for manager id and it also working, but then its unable to generate error code in errorlogfile if manager id is not available in AD
Hence I moved manager id modification to new line and now its started working.
I have modified code as below
# Start of script
Import-Module ActiveDirectory -ErrorAction Stop
# Define result and error log file
$DateTime = Get-Date -Format ddMMyyyy_HHmm
$ResultLogFile = "C:\userupdate\ResultLogFile_$DateTime.txt"
$ErrorLogFile = "C:\userupdate\ErrorLogFile_$DateTime.txt"
# Import File
$Users = Import-Csv "C:\userupdate\users.csv"
#Processing each user
Foreach ($User in $Users) {
try {
$ADUser = $null
$ADUser = Get-ADUser -Identity $User.Username -ErrorAction SilentlyContinue
if ($ADUser -ne $null) {
Set-ADUser -Identity $ADUser -Department $User.Department -Manager $user.ManagerID `
-EmailAddress $User.Email -Company $user.Company -MobilePhone $user.CellPhone -Title $user.Title
Set-Aduser -Identity $ADUser -Manager $user.ManagerID -ErrorAction SilentlyContinue }
"$($ADUser.sAMAccountName), User Modified Successfully" | Out-File -FilePath $ResultLogFile -Append -Force
}
# Catch error if any
catch {
if($ADUser.SamAccountName -eq $null)
{
"$($user.Username),Account does not exists in AD" | Out-File -FilePath $ResultLogFile -Append -Force
}
else
{
"$($ADUser.SamAccountName),User Modified Successfully but failed to update Manager field because its not availabe in AD" | Out-File -FilePath $ResultLogFile -Append -Force
}
$($ADuser.SamAccountName) + " : " + $error[0].ToString() | Out-File $ErrorLogFile -Append
}
}
ASKER
I am awarding points to Coralon and Footech both because both have provided valid inputs which helps me to resolve the issue
Open in new window
Also, why are you setting -ErrorAction to SilentlyContinue? It pretty much negates the purpose of the try...catch block.