alex hunt
Reputation: 47
improving automated updating user Attributes by comparing two object
im trying to automate the updating on User Attributes, I have this working so far, but it feels like im doing it the hard/dirty way, any suggestions on how to clean it up a bit/ make it tidier?
an if\else statement for each Attribute doesn't feel right but I'm not sure how else to do it
I'm comparing a User's Current Attributes with .csv that has the correct Attributes then if something dosn't match change that to the value in the .csv
$csvFile = 'C:\Path' # Enter a path to your import CSV file
$validUsernameFormat = '[^a-zA-Z_.]' # identifies anything that's _not_ a-z or underscore or .
$Mailpassword = ConvertTo-SecureString -string “4a1fd5e9f7e26f” -AsPlainText -Force
$MailCred = New-Object System.Management.Automation.PSCredential -argumentlist "38da1ca9daf082", $Mailpassword
$mailBody = $NewUserParams | out-string
# read the input csv and loop through
Import-Csv -Path $csvFile | ForEach-Object {
$firstName = $_.FirstName.Trim()
$surname = $_.Surname.Trim()
#$validUsernameFormat = "[^a-zA-Z_.]" # identifies anything that's _not_ a-z or underscore or .
$vaildusername = "($firstName'.'$surname)" -replace $validUsernameFormat, '' #removes anything that isn'tin $validUsernameFormat
$truncateifgreaterthanXchar = '(?<=^.{20}).*'
$username = $vaildusername -replace $truncateifgreaterthanXchar
$DefaultPassword = 'Pa$$w0rd'
$securePassword = ConvertTo-SecureString -String $DefaultPassword -AsPlainText -Force
# test if a user with that name already exists
$user = Get-ADUser -Filter "SamAccountName -eq '$username'" -ErrorAction SilentlyContinue
if ($user) {
$CurrentAttributes = Get-ADUser -Identity $username -Properties *
[psobject]$CorrectAttributes
$CorrectAttributes = @{
SamAccountName = $username; `
Name = "$firstname $surname"; `
DisplayName = "$firstname $surname"; `
UserPrincipalName = "[email protected]"; `
GivenName = $firstname; `
Surname = $surname
Path = "CN=Users,DC=domain,DC=com"; #change to switch based of Users Branch
City = $_.City; `
Country = $_.Country; #NOTE: This Feild must be the 2 digit Country Code, NOT the String Name of athe Country.
department = $_.OrgDepartmentName; `
Employeeid = $_.EmployeeId; `
mobile = $_.Mobile; `
Manager = $_.Manager; `
Office = $_.Branch; `
postalCode = $_.PostalCode; `
POBox = $_.PostOfficeBox; `
scriptPath = $_.scriptPath; `
Street = $_.StreetName; `
Title = $_.Title
}
if ($CurrentAttributes.city -ne $correctAttributes.city) {
Set-ADUser -Identity $username -City $correctAttributes.City
Write-Host "$username City Updated to $correctAttributes.City"
}
else {
write-Host "$username city is correct"
}
if ($CurrentAttributes.Name -ne $correctAttributes.Name) {
Set-ADUser -Identity $username -Name $correctAttributes.Name
Write-Host "$username Name Updated to ($correctAttributes.Name)"
}
else {
write-Host "$username Name is correct"
}
#$correctAttributes = @{}
}
Upvotes: 1
Views: 26
Answers (1)
Efie
Reputation: 1690
You can write them dynamically using 'splatting' like this:
$csvFile = 'C:\Path' # Enter a path to your import CSV file
$validUsernameFormat = '[^a-zA-Z_.]' # identifies anything that's _not_ a-z or underscore or .
$Mailpassword = ConvertTo-SecureString -string “4a1fd5e9f7e26f” -AsPlainText -Force
$MailCred = New-Object System.Management.Automation.PSCredential -argumentlist "38da1ca9daf082", $Mailpassword
$mailBody = $NewUserParams | out-string
# read the input csv and loop through
Import-Csv -Path $csvFile | ForEach-Object {
$firstName = $_.FirstName.Trim()
$surname = $_.Surname.Trim()
#$validUsernameFormat = "[^a-zA-Z_.]" # identifies anything that's _not_ a-z or underscore or .
$vaildusername = "($firstName'.'$surname)" -replace $validUsernameFormat, '' #removes anything that isn'tin $validUsernameFormat
$truncateifgreaterthanXchar = '(?<=^.{20}).*'
$username = $vaildusername -replace $truncateifgreaterthanXchar
$DefaultPassword = 'Pa$$w0rd'
$securePassword = ConvertTo-SecureString -String $DefaultPassword -AsPlainText -Force
# test if a user with that name already exists
$user = Get-ADUser -Filter "SamAccountName -eq '$username'" -ErrorAction SilentlyContinue
if ($user) {
$CurrentAttributes = Get-ADUser -Identity $username -Properties *
# You don't need this line because you are already declaring the variable in the next one
# [psobject]$CorrectAttributes
$CorrectAttributes = @{
SamAccountName = $username
Name = "$firstname $surname"
DisplayName = "$firstname $surname"
UserPrincipalName = "[email protected]"
GivenName = $firstname
Surname = $surname
Path = "CN=Users,DC=domain,DC=com" #change to switch based of Users Branch
City = $_.City
Country = $_.Country #NOTE: This Feild must be the 2 digit Country Code, NOT the String Name of athe Country.
department = $_.OrgDepartmentName
Employeeid = $_.EmployeeId
mobile = $_.Mobile
Manager = $_.Manager
Office = $_.Branch
postalCode = $_.PostalCode
POBox = $_.PostOfficeBox
scriptPath = $_.scriptPath
Street = $_.StreetName
Title = $_.Title
}
foreach($attribute in $CorrectAttributes.Keys) {
if($currentAttributes.$attribute -ne $correctAttributes.$attribute) {
$params = @{Identity = $username; $attribute = $correctAttributes.$attribute}
Set-ADUser @params
Write-Host "$username '$attribute' updated to $correctAttributes.$attribute"
}
else {
Write-Host "$username '$attribute' is correct"
}
}
}
}
Upvotes: 1
Related Questions
- Bulk AD user Attribute Update
- Powershell help updating Active Directory attributes
- Compare-Object on two AD user accounts
- Modify user object and push modifications back to Active Directory
- Powershell script to update Active Directory attributes of existing users
- Powershell comparison with attributes
- Updating custom attributes in Active Directory
- How can I use Powershell to modify an Active Directory users attributes based on Employee ID?
- Powershell script to update Active Directory attribute
- Updating users with different descriptions in AD