I was asked to update an attribute of the EmployeeNumber for each and every user in the Enterprise for a new Application that will be using the newly populated attribute for a Global Database application.
I had several examples that I could use for the job utilizing VbScript – but I wanted to use Powershell for the task.
It turned out to be a relatively easy task – using the Quest Active Directory Commandlets.
1: add-PSSnapin quest.activeroles.admanagement
2:
3: Connect-QADService -Service domain.com -Credential (Get-Credential)
4:
5: $infile = Import-Csv "c:\temp\file.csv"
6:
7: $logfile = "c:\temp\logfile.log"
8: foreach ($line in $infile) {
9: set-QADObject ($line.domain +"\" + $line.login) -ObjectAttributes `
10: @{employeeNumber=$line.guid}
11: if ($? -eq $true){
12: Write-output "Updated: $($line.domain)\$($line.login) with employeeNumber: `
13: $($line.guid)" >> $logfile
14: } else {
15: Write-output "Error in updating: $($line.domain)\$($line.login)" >> $logfile
16: }
17: }
18:
19: ##Get Results
20: $results = foreach ($line in $infile) {
21: get-QADObject ($line.domain +"\" + $line.login) -IncludedProperties `
22: Name, employeeNumber | select Name, employeeNumber
23: }
24: $results >> $logfile
25:
26: Disconnect-QADService -Service domain.com
A Quick explanation:
Line 1: Add the Quest Snapin
Line 3: Connect to the domain with acquired credentials
Lines 5-7: import the CSV file that was formatted - domain,login,guid, and create a log file for results
Lines 8-17: Go through each line in the CSV – if successful log to the file and if not then report the error to the log file.
Lines 20-24: Go through the list of users again – retrieving only the Name and EmployeeNumber properties and pipe the results in the same log file.
The script to a longer to write than it did to run.
Hope you enjoyed the ride.