Powershell - update attributes in Active Directory based on JSON file-CodePudding

This is an extraction of my json file:

[
    {
        "ProductionSubfolders":     [
                                      "ABC",
                                      "XYZ"
                                      
                                    ],
        "ProductionSubfoldersDN":   [
                                         "OU=ABC,DC=bla,DC=root,DC=local",
                                         "OU=XYZ,DC=bla,DC=root,DC=local"

                                    ]
    }
]

ProductionSubfolders = the values are the name of an Organizational Unit in Active Directory

ProductionSubfoldersDN = the values are the assocciated DistinguishedName of the Organizational Unit

I want to add an entry for the Active Directory attribut called "description" of the Organizational Units that are listed in the json file - in this case "ABC" and "XYZ".

The new value of the attribut "description" in Active Directory should be "Test the name of the OU", so in this case : "Test-ABC" and "Test-XYZ".

This is what I have:

$json = Get-Content "C:\prod.json" |ConvertFrom-JSON


foreach ($item in $json) {
    
    foreach {$item1 in $item.ProductionSubfoldersDN} {
       $name = $item.ProductionSubfolder
       $p= Get-ADOrganizationalUnit -Identity $item1 -Properties description| Select description
       if ($p.description -notlike "*Test*") {Set-ADObject -Identity $item1 -Add 
       @{description="Test-$name}
    }
}

It works. For the OU "ABC" there is a new description attribut value in AD and for the OU "XYZ" is also a new description attribut value in the AD. But the name of the attribut is wrong. It is "Test-ABCXYZ" for both OUs, instead of "Test-ABC" for the OU "ABC" and "Test-XYZ" for the OU "XYZ".

I know that this is because $item.ProductionSubfolder contains both names: "ABC" and "XYZ". But I do not know how to change it, how to separate the names and match them correctly to the associated ProductionSubfolderDN.

THANKS IN ADVANCE!!

CodePudding user response：

Your Json consists of 2 properties and both of them are arrays, the way you could iterate correctly over them would be using a for loop. I personally don't think it's a good idea using this kind of object to update AD Objects but here is how you can do it.

First you need to get the count of elements on the arrays, and then use a for loop with that count:

$ErrorActionPreference = 'Stop'
$count = $json.ProductionSubfoldersDN.Count

for($i = 0; $i -lt $count; $i  ) {
    $dn = $json.ProductionSubfoldersDN[$i]
    $description = 'Test-{0}' -f $json.ProductionSubfolders[$i]
    try {
        Set-ADOrganizationalUnit $dn -Description $description
    }
    catch {
        Write-Warning $_.Exception.Message
    }
}

Above code assumes that the properties of your Json will have the same count ($json.ProductionSubfoldersDN.Count must be equal to $json.ProductionSubfolders.count).

CodePudding user response：

a solution to link the value of subfolder to subfolderDN:

foreach ($item in $json)
{
    foreach ($name in $item.ProductionSubfolders)
    {
        foreach($ou in $item.ProductionSubfoldersDN)
        {
            if ($ou -like 'OU='   $name   '*')
            {
                $n = 'Test-{0}' -f $name
                
                $name   ' is inside '   $ou;
                $ou;
                $n;
                #Set-ADOrganizationalUnit $ou -Description $n
            }
        }   
    }
}


ABC is inside OU=ABC,DC=bla,DC=root,DC=local
OU=ABC,DC=bla,DC=root,DC=local
Test-ABC
XYZ is inside OU=XYZ,DC=bla,DC=root,DC=local
OU=XYZ,DC=bla,DC=root,DC=local
Test-XYZ

i test if the OU contains the name of OU from subfolders using like which is not case sensitive (use clikefor case sensitive)

this solution is functional whatever the order of OU..