使用 powershell 从 CSV 导入 AD 属性

Question

Im new to PowerShell and I'm attempting to update AD attributes using PowerShell from a.csv file

below are the rows in my csv file and what attributes I'm trying to update

Department > Department

Division > Division

Service > info

EmployeeFullname (using to identify the object)

LineMangerFullname > manager

CostCentre > departmentNumber

JobTitle > title

So far i've only been able to update the Department, Division, Title (Job Title) & Manager attributes in Active Directory

I am using the script below which updates these attributes successfully

$Users = Import-CSV C:\Users\user\Documents\CurrentWork\userlist.csv

ForEach ($User in $Users) {
    Get-ADUser -Filter * -property displayname | where {$_.displayname -eq $User.EmployeeFullName} | Set-ADUser -department $User.Department -Division $User.Division -Title $User.JobTitle -Manager $User.LineMangerFullname
}

however when adding info and departmentNumber to the script (below), it fails with:

 "parameter name 'info' is ambiguous" and A parameter cannot be found that matches parameter name 'departmentNumber'

$Users = Import-CSV C:\Users\user\Documents\CurrentWork\userlist.csv

ForEach ($User in $Users) {
    Get-ADUser -Filter * -property displayname | where {$_.displayname -eq $User.EmployeeFullName} | Set-ADUser -department $User.Department -Division $User.Division -Title $User.JobTitle -Manager $User.LineMangerFullname -info $User.Service -departmentNumber $User.'Cost Centre'
}

does anyone know what im doing wrong or how I can get these to update please and also how i can export the results to see if the update is successful? really stuck here

Answer 1

Set-ADUser does not expose all possible AD schema attributes as parameters, only a limited set of common user attributes - and the info attributes (or "Notes" as it's displayed in some tools) is not one of the ones it has parameters for.

To set the value of a property that doesn't have a corresponding parameter, use the -Replace or -Add parameter(s), by passing a hashtable that describes the update:

... |Set-ADUser -Replace @{ info = "new info value" }

Answer 2

As commented, The Manager property can only be one of DistinguishedName, GUID, SID or SamAccountName for Set-AccountName. Apparently, the CSV does not contain any of that and $User.LineMangerFullname contains the full First and Lastname of the manager.

For that, you need to use another Get-ADUser call to retrieve a valid property from that manager.

Next, as Mathias R. Jessen already pointed out in his helpful answer , not all attributes are directly available in the parameters of Set-ADUser, so for some you will have to use -Replace @{property = value} syntax.

Finally, I'd recommend using Splatting on cmdlets that potentially can take a lot of parameters to make the code clean/maintainable.

Try

$Users = Import-CSV C:\Users\user\Documents\CurrentWork\userlist.csv

foreach ($User in $Users) {
    $adUser = Get-ADUser -Filter "DisplayName -eq '$($User.EmployeeFullName)'" -Properties DisplayName -ErrorAction SilentlyContinue
    if ($adUser) {
        # set up a Splatting Hashtable for the Set-ADUser cmdlet
        $userParams = @{
            Department = $User.Department
            Division   = $User.Division
            Title      = $User.JobTitle
        }
        $manager = Get-ADUser -Filter "Name -eq "$($User.LineMangerFullname) -ErrorAction SilentlyContinue
        # if we did find a manager, add property 'Manager' to the Hashtable
        if ($manager) { $userParams['Manager'] = $manager.DistinguishedName }

        # use the Hash to splat all known parameters to Set-ADUser
        $adUser | Set-ADUser $userParams
        # next , update the attributes that have no direct parameter in Set-ADUser
        $adUser | Set-ADUser -Replace @{ info = $User.Service; departmentNumber = $User.'Cost Centre' }
    }
    else {
        Write-Warning "User $($User.EmployeeFullName) could not be found"
    }
}