Active Directory Powershell script only works after opening source csv in Excel

Question

I am trying to update Active Directory with a PowerShell script. I have a CSV file generated from a .NET console application that looks like it's perfectly fine when viewing it in .txt, and it opens in Excel without issue

The Problem

When I run the following PowerShell script, the AD gets updated and looks as I expect, however the users are not able to match their accounts. I've tried different delimiters and changing the encoding to be explicitly UTF-8 and ANSI without success, and given I am unfamiliar with PowerShell and ActiveDirectory, I'm not sure what else to try.

Strange Clue

If I first open the .csv file from the console application in Excel and just save it right away, the update script works and users are able to match their accounts. I thought this was the encoding but that doesn't seem to be it. I've diffed the files both pre and post excel and they are identical.

Sample CSV Data:

last_name,first_name,altSecurityIdentities,userPrincipalName
DOE,JOHN,"x,y,z=y,<S>,0000000",jdoe@gmail.com

The console application builds the CSV by the following:

var csv = new StringBuilder();
String delimiter = ",";
csv.appendLine(string.Format("last_name{0}first_name{0}altSecurityIdentities{0}userPrincipalName{0}", delimiter));
for(UserRecord r in records){
     csv.appendLine(string.Format("{1}{0}{2}{0}\"{3}\"{0}{4}{0}", delimiter, r.lastName, r.firstName, r.altSecIdentity, r.email));
}
File.WriteAllText(fileName, csv.ToString());

The PowerShell script is:

[CmdletBinding()]
Param(
 [Parameter(Mandatory=$True,Position=1)]
 [string]$FilePath
)
$LogDate = get-date -f yyyyMMddhhmm
import-module ActiveDirectory
$names = import-csv $FilePath

foreach($name in $names){

try{
    $regularuser = get-aduser ($name.userPrincipalName -split "@")[0]
    $regularuser | Set-ADUser -UserPrincipalName $name.userPrincipalName -Replace @{'altSecurityIdentities'=$name.altSecurityIdentities}
    $name.userPrincipalName + $name.altSecurityIdentities + " account updated" >> "regular_accounts-$logDate.txt"
    try{
        $adminname = "_"+(($name.userPrincipalName -split "@")[0])
        $adminuser = get-aduser $adminname
        $adminuser | Set-ADUser -Replace @{'altSecurityIdentities'=$name.altSecurityIdentities}
        "_"+(($name.userPrincipalName -split "@")[0]) + $name.altSecurityIdentities + " admin account updated" >> "admin_accounts-$logDate.txt"
    }
    catch{
        "_"+(($name.userPrincipalName -split "@")[0])+" admin account not found" >> "admin_accounts-$logDate.txt"
        "__"+(($name.userPrincipalName -split "@")[0])+" admin account not found" >> "admin__accounts-$logDate.txt"
         }
    }
catch{
    $name.userPrincipalName + " account not found" >> "regular_accounts-$logDate.txt"
     }
}

EDIT - 'Solution'

I'm not certain why at this point, but editing the PowerShell line:

$names = import-csv $FilePath

...and changing it to:

$names = import-csv $FilePath | ConvertFrom-Csv

...fixed whatever issue ActiveDirectory was having with the input. Everything still looks the same, but however the login tool that matches users now works fine.

Answer 1

the following code snippet may help you to identify the user running each one of the processes:

 $owners = @{}
 gwmi win32_process |% {$owners[$_.handle] = $_.getowner().user}

 get-process | select processname,Id,@{l="Owner";e={$owners[$_.id.tostring()]}}

I would suspect the CSV creation process (user) is different to the second one, can't test at the moment unfortunately

Good luck!

Answer 2

I'm not certain why at this point, but editing the PowerShell line:

$names = import-csv $FilePath

...and changing it to:

$names = import-csv $FilePath | ConvertFrom-Csv

...fixed whatever issue ActiveDirectory was having with the input. Everything still looks the same, but however the login tool that matches users now works fine.