Import a CSV Find an AD account by EmployeeID attribute and export to a CSV

Question

Good morning,

I need a Powershell script to import a csv, find users by the EmployeeID attribute in AD, and export a csv verifying the account is disabled. I only need Display Name, employeeID, and Enable/Disabled in the export.

I am still very new to Powershell and I can usually cut/paste and manipulate existing scripts to do what I need, but I cannot seem to get this to work and now my code looks like swiss cheese after the mice got to it. Here is what I have, but I'm not sure if I'm even close to what is needed.

#Script Starts
$Users = Import-Csv "\folder\Test.csv"

Import-Module ActiveDirectory
$path = Split-Path -parent ".\folder\*.*"

#Create log date
$logdate = Get-Date -Format yyyy-MM-dd-THH.mm.ss
$logfile = $path + "\logs\$logdate.logfile.txt"

ForEach ($User In $Users)
{
   # Retrieve values from the csv by header name.
   $FirstName = $User.FirstName
   $LastName = $User.LastName
   $ID = $User.Employee 

   #Search AD for Attributes
   $UserSN = (Get-ADUser -LDAPFilter "(employeeID=$ID)").sAMAccountName
   $UserDN = (Get-ADUser -Identity $UserSN -Properties DisplayName).DisplayName
   $Enabled = (Get-ADUser -Identity $UserSN -Properties Enabled).Enabled
   Export-Csv -Path $logdate.ADEnabled-Disabled.csv -Append
} 
#Finish

Answer 1

In order to Export-Csv , you need some type of input. Currently you are exporting nothing.

You ideally want to create an array of all your items, and export that array.

$x = @()
ForEach ($User In $Users)
{
   $x += [pscustomobject]@{
     FirstName = $User.FirstName
     LastName = $User.LastName
     #etc...
   }
} 

$x | Export-Csv -Path "$logdate.ADEnabled-Disabled.csv"

You have a number of small issues, but I think this will get you working towards actual results.

Answer 2

With all these comments and the incomplete answer already given, I fear the OP gets confused even more...

In order for the OP to understand better, I stuck with his original code as much as possible.

First :

I'm assuming by looking at the code, the input csv file looks similar to this

"FirstName","LastName","Employee"
"Elvis","Presley","12345"
"Axl","Rose","987654"
"Janis","Joplin","654283"

The main problem i can see here is that the code is searching a AD user using the EmployeeID property (string). By using the filter as eq the string found in AD must be exactly what is in the csv (although case insensitive). If that is not the case the code will not find the user by using -eq but maybe, by comparing what is in the CSV and in AD, a different operator can be used such as -like . That is for the OP to figure out.

Next the code :

#Script Starts
$Users = Import-Csv "\folder\Test.csv"

Import-Module ActiveDirectory
$path = Split-Path -parent ".\folder\*.*"

# Create log date
$logdate = Get-Date -Format yyyy-MM-dd-THH.mm.ss
$logfile = $path + "\logs\$logdate.logfile.txt"
# while you're at it, create the full path and filename for the output csv
$outFile = Join-Path $path $($logdate + ".ADEnabled-Disabled.csv")

# create an array for the output file
# You CAN do without by letting PowerShell do the aggregating of objects for you
# but in this case I think it will make things more readable to collect ourselves.
$result = @()
ForEach ($User In $Users) {
    # Find the user by the 'Employee' field in the csv and return an object with the required properties
    # Use -LDAPFilter which requires the LDAP syntax: "(employeeID=$($User.Employee))"
    # Or use -Filter where you use the Powershell syntax
    $adUser = Get-ADUser -Filter "EmployeeID -eq $($User.Employee)" -Properties DisplayName, Enabled, EmployeeID |
              Select-Object DisplayName, Enabled, EmployeeID

    if ($adUser) {
        # if the above statement did find the user, we add this to the result array
        $result += $adUser
    }
    else {
        $msg = "User '{0} {1}' not found. Check the Employee id {2}." -f $user.FirstName, $user.LastName, $user.Employee
        Write-Warning $msg
        Add-content $logfile -Value $msg
    }
} 

# now write the output csv as a new file. Because it has a complete date and time in the name
# the chances of overwriting an existing file are very slim indeed, but we'll use -Force anyway.
$result | Export-Csv -Path $outFile -NoTypeInformation -Force
#Finish

Hope this helps