更新 AD Powershell 中的属性

Question

我在 AD 中有一个脚本更新属性。 附件是我更新属性的脚本示例。 这确实有效，但无论如何我都不是 PowerShell 的人。 我想知道是否有更有效的方法来运行我的脚本。 我遇到的一些问题是，如果 CSV 中的字段为空，则会生成错误，如果 csv 文件中有空白字段，则不会替换属性中的现有数据。

Import-Module ActiveDirectory
$users = Import-Csv -Path "C:\sdk\employees to update.csv"

#####Udating givenName
foreach ($user in $users) {
    Get-ADUser -Filter "FAKEcompanyEmployeeNumber -eq '$($user.EMPLOYEE)'" -Properties givenName -SearchBase "OU=Staff Win10,dc=FAKEcompany,dc=on,dc=ca" | 
    Set-ADUser -replace @{"givenName" = "$($user.Emp_First_Name)" }
}

#####Udating sn
foreach ($user in $users) {
    Get-ADUser -Filter "FAKEcompanyEmployeeNumber -eq '$($user.EMPLOYEE)'" -Properties sn -SearchBase "OU=Staff Win10,dc=FAKEcompany,dc=on,dc=ca" | 
    Set-ADUser -replace @{"sn" = "$($user.Emp_Last_Name)" }
}

#####Udating FAKEcompanyEmployeeNumber
foreach ($user in $users) {
    Get-ADUser -Filter "FAKEcompanyEmployeeNumber -eq '$($user.EMPLOYEE)'" -Properties FAKEcompanyEmployeeNumber -SearchBase "OU=Staff Win10,dc=FAKEcompany,dc=on,dc=ca" | 
    Set-ADUser -replace @{"FAKEcompanyEmployeeNumber" = "$($user.Employee)" }
}

#####Udating middleName
foreach ($user in $users) {
    Get-ADUser -Filter "FAKEcompanyEmployeeNumber -eq '$($user.EMPLOYEE)'" -Properties middleName -SearchBase "OU=Staff Win10,dc=FAKEcompany,dc=on,dc=ca" | 
    Set-ADUser -replace @{"middleName" = "$($user.Middle_Name)" }
}

Answer 1

#The where filter on $_.[propertyname] filters objects out where the specified properties are empty 
$users = Import-Csv -Path "C:\sdk\employees to update.csv" | ?{$_.employee -and $_.Emp_First_Name -and $_.Middle_Name}

#As Santiago mentioned you can do it in one step
foreach ($user in $users){
    Get-ADUser -Filter "FAKEcompanyEmployeeNumber -eq '$($user.EMPLOYEE)'" -Properties givenName -SearchBase "OU=Staff Win10,dc=FAKEcompany,dc=on,dc=ca" | set-aduser -replace @{givenName=$user.Emp_First_Name;sn=$user.Emp_Last_Name;FAKEcompanyEmployeeNumber=$user.Employee;middleName=$user.Middle_Name}
}

#################

#If you want to process also objects with partital information you can do
$users = Import-Csv -Path "C:\sdk\employees to update.csv"
foreach ($user in $users){
    $Replace = @{}
    If ($user.Emp_First_Name){
        $replace.add('givenName',$user.Emp_First_Name)
    }
    If ($user.Emp_Last_Name){
        $replace.add('sn',$user.Emp_Last_Name)
    }
    If ($user.Employee){
        $replace.add('FAKEcompanyEmployeeNumber',$user.Employee)
    }
    If ($user.middle_name){
        $replace.add('middleName',$user.middle_name)
    }
    Get-ADUser -Filter "FAKEcompanyEmployeeNumber -eq '$($user.EMPLOYEE)'" -Properties givenName -SearchBase "OU=Staff Win10,dc=FAKEcompany,dc=on,dc=ca" | set-aduser -replace $replace
}

Answer 2

您可以为用户属性设置多个替换值，如示例 3中的Set-ADUser文档所示。

String.IsNullOrWhiteSpace可以帮助您检查您的 Csv 中该列的值是否为空。

希望内联注释可以帮助您理解其中的逻辑。

$properties = @{
    givenName  = 'Emp_First_Name'
    sn         = 'Emp_Last_Name'
    middleName = 'Middle_Name'
    FAKEcompanyEmployeeNumber = 'Employee'
}

Import-Csv -Path "C:\sdk\employees to update.csv" | ForEach-Object {
    $params = @{
        Filter     = "FAKEcompanyEmployeeNumber -eq '{0}'" -f $_.EMPLOYEE
        SearchBase = 'OU=Staff Win10,dc=FAKEcompany,dc=on,dc=ca'
    }
    # if we can find the user in AD,
    # check which properties need to be updated for this user
    if($adUser = Get-ADUser @params) {
        # replace hashtable for splatting latter
        $replace = @{ Replace = @{} }
        foreach($property in $properties.GetEnumerator()) {
            $value = $_.($property.Value)
            # if this Value is empty in the Csv
            if([string]::IsNullOrWhiteSpace($value)) {
                # skip it, go next
                continue
            }
            # here we assume the Value in the CSV is populated,
            # add it to the replacement hash
            $replace['Replace'][$property.Key] = $value
        }

        # check one last time if the replacement hash is populated
        if($replace.Values.Keys.Count) {
            # if it is, we can go ahead and set values for the AD User
            $adUser | Set-ADUser @replace
        }
    }
}

更新 AD Powershell 中的属性

问题描述

2 个解决方案

解决方案1
0 2022-10-06 15:07:29

解决方案2
0 2022-10-06 15:07:53

更新 AD Powershell 中的属性

问题描述

2 个解决方案

解决方案1 0 2022-10-06 15:07:29

解决方案2 0 2022-10-06 15:07:53

解决方案1
0 2022-10-06 15:07:29

解决方案2
0 2022-10-06 15:07:53