Updating a User attribute in the Enterprise

I was asked to update an attribute of the EmployeeNumber for each and every user in the Enterprise for a new Application that will be using the newly populated attribute for a Global Database application.

I had several examples that I could use for the job utilizing VbScript – but I wanted to use Powershell for the task.

It turned out to be a relatively easy task – using the Quest Active Directory Commandlets.

   1: add-PSSnapin quest.activeroles.admanagement 
   3: Connect-QADService -Service domain.com -Credential (Get-Credential)
   5: $infile = Import-Csv "c:\temp\file.csv"
   7: $logfile = "c:\temp\logfile.log"
   8: foreach ($line in $infile) {
   9:         set-QADObject ($line.domain +"\" + $line.login) -ObjectAttributes `
  10:             @{employeeNumber=$line.guid} 
  11:         if ($? -eq $true){
  12:         Write-output "Updated: $($line.domain)\$($line.login) with employeeNumber: `
  13:             $($line.guid)" >>  $logfile
  14:         } else {
  15:         Write-output "Error in updating: $($line.domain)\$($line.login)" >> $logfile
  16:         } 
  17:     }    
  19: ##Get Results
  20: $results = foreach ($line in $infile) {
  21:     get-QADObject ($line.domain +"\" + $line.login) -IncludedProperties ` 
  22:         Name, employeeNumber | select Name, employeeNumber 
  23:     } 
  24: $results >> $logfile
  26: Disconnect-QADService -Service domain.com

A Quick explanation:

Line 1: Add the Quest Snapin

Line 3: Connect to the domain with acquired credentials

Lines 5-7: import the CSV file that was formatted - domain,login,guid, and create a log file for results

Lines 8-17: Go through each line in the CSV – if successful log to the file and if not then report the error to the log file.

Lines 20-24: Go through the list of users again – retrieving only the Name and EmployeeNumber properties and pipe the results in the same log file.

The script to a longer to write than it did to run.

Hope you enjoyed the ride.