Home > Enterprise >  Move multiple users to multiple OUs importing users from CSV and filtering by Active Directory "
Move multiple users to multiple OUs importing users from CSV and filtering by Active Directory "

Time:06-07

I'm trying to move users from an onboarding CSV file to several different OUs after the account creation but I'm having issues with the syntax. Is it possible to use a wildcard lookup for a certain keyword such as "Remote" on the users Active Directory office attribute? Below is a snippet of the code. Any help would be appreciated.

$map = @{
'China'           = "China OU DistinguishedName"
'Russia'          = "Russia OU DistinguishedName"
'US - Miami'      = "Miami OU DistinguishedName"
'US - Tampa'      = "Tampa OU DistinguishedName"
'US - Reno'       = "Reno OU DistinguishedName"
'US - Charleston' = "Charleston OU DistinguishedName"
}



foreach($line in Import-Csv "C:\Test\Test Files\AD_Test.csv") {

$firstname = $line.'Legal First Name'.Trim()
$preferred_firstname = $line.'Preferred First Name'.Trim()

if($preferred_firstname){
    $firstname = $preferred_firstname
}

$lastname = $line.'Last Name'.Trim()
$displayname = $firstname   " "   $lastname
$param = @{
    # create a filter for this user
    # try to find him either by CommonName OR SamAccountName OR DisplayName
    LDAPFilter = "(|(cn=$displayName)(samAccountName=$displayName)(displayName=$displayName))"
    Properties = "Office"
}

# if the user can be found in AD
if($user = Get-ADUser @param) {
    # if the user's Office cannot be found in `$map`
    if(-not $map.ContainsKey($user.Office)) {
        Write-Warning "Office for '$displayName' could not be determined, skipping."
        # go to next line in Csv
        continue
    }
    # if the user's Office can be found in `$map`, move it to the destination OU
    $user | Move-ADObject -TargetPath $map[$user.Office]
    # and after moving it, skip below logic, go next
    continue
}
# if the user could not be found in AD
Write-Warning "'$displayName' could not be found in AD."
}

CodePudding user response:

As explained in previous answer, the hash table should be used for exact lookups, however you can still use it, but you would need to add more conditions in case the value for Office of the users couldn't be found in $map. For this you can use a switch to evaluate multiple conditions.

To understand the use of the :outer label, see about_Continue.

$map = @{
    # stays as-is, only exact values here
}

# set `outer` label for this loop
:outer foreach($line in Import-Csv "C:\AD_Test.csv") {
    # `$displayname` and `$param` code stays as-is here

    # if the user could not be found in AD
    if(-not ($user = Get-ADUser @param)) {
        # display the warning
        Write-Warning "'$displayName' could not be found in AD."
        # and skip next logic
        continue
    }

    # if the user can be found in AD, switch on `$user.Office`
    $destination = switch($user.Office) {
        # if the value is found on `$map` hashtable
        # get the destination OU, and break the switch loop
        { $map.ContainsKey($_) } { $map[$_]; break }
        # if the value contains "Remote", output this OU and break the loop
        { $_ -like "*Remote*" } { 'OU=Remote Here,DC=DOMAIN,DC=com'; break }
        # if above conditions were `$false`, the Default action is
        # display the warning message and go to next line of Csv
        Default {
            Write-Warning "Office for '$displayName' could not be determined, skipping."
            continue outer
        }
    }
    
    # if we are here, we can assume `$destination` is populated
    # hence we can move the user
    $user | Move-ADObject -TargetPath $destination -WhatIf
}

Page link:https//www.codepudding.com/Enterprise/432977.html

Prev:Downloaded Xcode 13.4.1 and don't see any simulators
Next:Cannot POST a JSON object to Database using Flask Python
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding