Home > Back-end >  Updating Active Directory Field from Csv
Updating Active Directory Field from Csv

Time:01-13

Giving myself a fun little project today I thought, but now it's grown into an issue and the solution eludes me. I have a massive .Csv file with all our employees sAMAccountName and telephoneNumber attributes. I would like to update all of the telephone numbers in our active directory. I was poking around some of my old scripts, taking parts and pieces that would work for this my first iteration got me too here.

$Users = Import-Csv -Path C:\Results\EmployeeExtsTest.csv

ForEach ($User in $Users) {
    $User = $User.sAMAccountName
    $telephoneNumber = $User.telephoneNumber
    Get-ADUser -Identity $User | Set-ADUser -telephoneNumber $telephoneNumber
    }

That's when I discovered that PowerShell doesn't have a -telephoneNumber attribute. So I did some digging and then arrived here.

$Users = Import-Csv -Path C:\Results\EmployeeExtsTest.csv

ForEach ($User in $Users) {
    $User = $User.sAMAccountName
    $telephoneNumber = $User.telephoneNumber
    Get-ADUser -Identity $User | Set-ADUser -Add @{telephoneNumber=$telephoneNumber}
    }

I tested it out with my user at first and I keep getting the following.

Set-ADUser : Cannot validate argument on parameter 'Add'. The argument is null or an element of the argument collection contains a null value.
At line:6 char:50
  ... -Identity $User | Set-ADUser -Add @{telephoneNumber=$telephoneNumber}
                                        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      CategoryInfo          : InvalidData: (:) [Set-ADUser], ParameterBindingValidationException
      FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.SetADUser

I know that it's reading my .Csv correctly because I can call it just fine. It outputs the following.

sAMAccountName telephoneNumber
-------------- ---------------
zgroven        1121

I know this solution "should" be easy but it's completely escaping me!

CodePudding user response:

I believe that you are being mislead by what is displayed and what the actual name of the property is due to behind the scenes aliasing.

Try using this instead:

set-aduser $user -OfficePhone $telephoneNumber

CodePudding user response:

To expand on @PaulWain answer. Active Directory Users and Computers displays Telephone Number, the AD Attribute is telephoneNumber, but Set-ADUser oddly uses the parameter OfficePhone for setting it. Another quirk due to OfficePhone being a "special" field, when clearing with Set-ADUser you actually have to use telephoneNumber as the field. e.g.:

$Users = Import-Csv -Path C:\Results\EmployeeExtsTest.csv
  
ForEach ($UserEntry in $Users) {
  $User = Get-ADUser -Filter "samAccountName -like '$($UserEntry.sAMAccountName)'" -Properties *

  #Check to see if the user exists
  if($User)
  {
    #Check to see if the Office Phone number has been cleared in CSV
    if ([string]::IsNullOrEmpty($UserEntry.telephoneNumber))
    {
      #Clear the user's OfficePhone (telephoneNumber) in Active Directory
      Set-ADUser -Identity $User -Clear telephoneNumber
    }
    else
    {                                               
      #Update the user in Active Directory
      Set-ADUser -Identity $User -OfficePhone $UserEntry.telephoneNumber
    }
  }
  else
  {
    Write-Host "User $($UserEntry.sAMAccountName) does not exist in Active Directory"
  }
}

One thing I add to my script is to use the -Filter parameter on my Get-ADUser that way I can verify the user exists without Get-ADUser throwing an error. See my answer for more information "Determine If Users Are In Active Directory With PowerShell":

The other method is to modify all of the properties all at once, and then use the Set-ADUser -Instance parameter to set them all at once (note: OfficePhone/telephoneNumber are special and have to be cleared manually like the above code, other fields can be manually cleared/set blank):

$Users = Import-Csv -Path C:\Results\EmployeeExtsTest.csv

ForEach ($UserEntry in $Users) {
  $User = Get-ADUser -Filter "samAccountName -like '$($UserEntry.sAMAccountName)'" -Properties *

  #Check to see if the user exists
  if($User)
  {
    #Check to see if the Office Phone number has been cleared in CSV
    if ([string]::IsNullOrEmpty($UserEntry.telephoneNumber))
    {
      #Clear the user's OfficePhone (telephoneNumber) in Active Directory
      Set-ADUser -Identity $User -Clear telephoneNumber
    }
    else
    {                                               
      #Modify Local instance of the user's properties
      $User.OfficePhone = $UserEntry.telephoneNumber
    }

    #Modify Local instance of other user's properties
    $User.GivenName = $UserEntry.GivenName
    $User.Surname = $UserEntry.Surname

    #..... etc.....

    #Update the user in Active Directory
    Set-ADUser -Instance $User
  }
  else
  {
    Write-Host "User $($UserEntry.sAMAccountName) does not exist in Active Directory"
  }
}

CodePudding user response:

The final script that got me through this is here

$Users = Import-Csv -Path C:\Results\EmployeeExts.csv

ForEach ($U in $Users) {
    $User = $U.sAMAccountName
    $telephoneNumber = $U.telephoneNumber
    Set-ADUser $User -OfficePhone $telephoneNumber
    }

Because I work for a school district I will be adding on more to this in the future to look for employees that are missing. As it stands now this script just updated nearly 1000 AD accounts perfectly (aside from the missing employees that have left). I want to thank all of you for helping in giving me pieces of this answer. You've made me better at my job.

Special thanks to @PaulWain and @HAL9256

Page link:https//www.codepudding.com/Backend/670868.html

Prev:Check if a list of values has the same values as in other list
Next:Format an array inside powershell object
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding