Tags: powershell, csv, automation, get-aduser

PowerShell Script to update manager field for users in AD and to export results to CSV


First of all, I am just a learner with PS, so please bear with me.

I have managed to tweak a script (which I still need to test!) that will perform bulk updates of the manager field of AD users.

It uses the username of the user and the username of the manager, and reads a CSV file which contains 2 fields, EmployeeUserName and ManagerUserName:

# Read each CSV row and set the employee's Manager attribute in AD
Import-Csv "C:\Users\Temp\UpdateManagers.csv" |
    ForEach-Object {
        # $_ is the current CSV row
        $ADUser  =  Get-ADUser -Filter "sAMAccountName -eq '$($_.EmployeeUserName)'"
        $manager = (Get-ADUser -Filter "sAMAccountName -eq '$($_.ManagerUserName)'").DistinguishedName

        if ($ADUser -and $manager) {
            $ADUser | Set-ADUser -Manager $manager
        }
    }

My CSV format is:

CSV format

I wanted to know if someone could assist me with my script to output the results to a CSV file, stating the username of each user that has had the manager field updated and the new manager's username.

UPDATE 1

@Theo, sorry for the delay on this. I ran your code (changed the file locations to work for me).

Didn't get any error but got this output below:

CSV output file

Then I checked the users and managers weren't updated:

AD User Manager Details

I don't know why it is not updating; the usernames are correct for both managers and users, and I have run PS ISE as Administrator...

UPDATE 2

Ran the updated code and got this error message:

PS C:\Windows\system32> C:\Users\Temp\BulkADManagerChange.ps1
Get-ADUser : Cannot find an object with identity: 'sAMAccountName -eq 'Manager1'' under: 'DC=my,DC=domain,DC=net'.
At CC:\Users\Temp\BulkADManagerChange.ps1:18 char:22
+         $ADManager = Get-ADUser "sAMAccountName -eq '$csvManager'"
+                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (sAMAccountName -eq 'Manager1':ADUser) [Get-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetAD 
   User
 
WARNING: Manager 'Manager1' does not exist
Get-ADUser : Cannot find an object with identity: 'sAMAccountName -eq 'Manager2'' under: 'DC=my,DC=domain,DC=net'.
At C:\Users\Temp\BulkADManagerChange.ps1:18 char:22
+         $ADManager = Get-ADUser "sAMAccountName -eq '$csvManager'"
+                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (sAMAccountName -eq 'Manager2':ADUser) [Get-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetAD 
   User
 
WARNING: Manager 'Manager2' does not exist
Get-ADUser : Cannot find an object with identity: 'sAMAccountName -eq 'Manager3'' under: 'DC=my,DC=domain,DC=net'.
At C:\Users\Temp\BulkADManagerChange.ps1:18 char:22
+         $ADManager = Get-ADUser "sAMAccountName -eq '$csvManager'"
+                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (sAMAccountName -eq 'Manager3':ADUser) [Get-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetAD 
   User
 
WARNING: Manager 'Manager3' does not exist
Get-ADUser : Cannot find an object with identity: 'sAMAccountName -eq 'Manager1'' under: 'DC=my,DC=domain,DC=net'.
At C:\Users\Temp\BulkADManagerChange.ps1:18 char:22
+         $ADManager = Get-ADUser "sAMAccountName -eq '$csvManager'"
+                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (sAMAccountName -eq 'Manager1':ADUser) [Get-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetAD 
   User
 
WARNING: Manager 'Manager1' does not exist

User           NewManager Result                                  
----           ---------- ------                                  
User1                     Error: Manager 'Manager1' does not exist
User2                     Error: Manager 'Manager2' does not exist
User3                     Error: Manager 'Manager3' does not exist
User4                     Error: Manager 'Manager1' does not exist

This was the CSV used by the code:

Latest CSV used

This was the results CSV file:

CSV results file

I can confirm that in the CSV file the usernames of the users and the usernames of the managers are correct.

Is it worth adding delimiters in the usernames using ';'?

UPDATE 3

@Theo, I ran your code.

It is sooo close!! It works and updates AD fine, BUT the code produces the errors below:

Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null or an element of the argument collection contains a null value.
At C:\Users\Me\Desktop\BulkADManagerChange.ps1:21 char:52
+             $currentManager = Get-ADUser -Identity $ADUser.Manager -ErrorAction  ...
+                                                    ~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
 
Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null or an element of the argument collection contains a null value.
At C:\Users\Me\Desktop\BulkADManagerChange.ps1:21 char:52
+             $currentManager = Get-ADUser -Identity $ADUser.Manager -ErrorAction  ...
+                                                    ~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
 
Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null or an element of the argument collection contains a null value.
At C:\Users\Me\Desktop\BulkADManagerChange.ps1:21 char:52
+             $currentManager = Get-ADUser -Identity $ADUser.Manager -ErrorAction  ...
+                                                    ~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
 
Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null or an element of the argument collection contains a null value.
At C:\Users\Me\Desktop\BulkADManagerChange.ps1:21 char:52
+             $currentManager = Get-ADUser -Identity $ADUser.Manager -ErrorAction  ...
+                                                    ~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
 

User           NewManager Result                                           
----           ---------- ------                                           
User1          Manager1   Success: New manager 'Manager1' set for this user
User2          Manager2   Success: New manager 'Manager2' set for this user
User3          Manager3   Success: New manager 'Manager3' set for this user
User4          Manager1   Success: New manager 'Manager1' set for this user

The output CSV file is fine also.

Final CSV Output


Solution

  • If you want output for this where you want error/success messages, I would extend your code to something like below:

    $result = Import-Csv "C:\Users\Temp\UpdateManagers.csv" | ForEach-Object {
        $csvUser    = $_.EmployeeUserName  # for convenience
        $csvManager = $_.ManagerUserName
        # create an object to output
        $out = [PsCustomObject]@{User = $csvUser; NewManager = $null; Result = $null }
    
        # if there is no manager found in the csv:
        if ([string]::IsNullOrWhiteSpace($csvManager)) {
            Write-Warning "User '$csvUser' does not have a manager specified in the csv"
            $out.Result = "Error: User does not have a manager specified in the csv"
            $out
            # 'return' skips to the next row; 'continue' inside ForEach-Object would stop the whole pipeline
            return
        }
    
        $ADUser = Get-ADUser -Filter "sAMAccountName -eq '$csvUser'" -Properties Manager
        if ($ADUser) {
            # try and get the user object for the manager as stated in the csv
            $ADManager = Get-ADUser -Filter "sAMAccountName -eq '$csvManager'"
            if ($ADManager) {
                $out.NewManager = $csvManager
                try {
                    $currentManager = (Get-ADUser -Identity $ADUser.Manager -ErrorAction Stop).SamAccountName
                }
                catch { $currentManager = $null }
                if ($currentManager -ne $csvManager) {
                    $ADUser | Set-ADUser -Manager $ADManager.DistinguishedName
                    $out.Result = "Success: New manager '$csvManager' set for this user"
                }
                else {
                    $out.Result = "Skipped: Manager for this user was already correct"
                }
            }
            else {
                Write-Warning "Manager '$csvManager' does not exist"
                $out.Result = "Error: Manager '$csvManager' does not exist"
            }
        }
        else {
            Write-Warning "User '$csvUser' does not exist"
            $out.Result = "Error: User '$csvUser' does not exist"
        }
        # output the object so it gets collected in variable $result
        $out
    }
    
    # output result on screen
    $result | Format-Table -AutoSize
    
    # write result to csv file
    $result | Export-Csv -Path 'X:\Somewhere\UpdateManagersResults.csv' -NoTypeInformation
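
A pre-flight check that can be run on the input CSV before any `Set-ADUser` call, as an added example that is not part of the original question or answer. The function name `Test-ManagerCsvRow` is hypothetical and the sample rows are constructed; it assumes the `EmployeeUserName` and `ManagerUserName` headers from the question, and rejects apostrophes as a conservative choice because the names are interpolated into a quoted `-Filter` string.

```powershell
# Added example. Test-ManagerCsvRow is a hypothetical helper, not part of the answer above.
function Test-ManagerCsvRow {
    param([Parameter(Mandatory)] [psobject[]] $Rows)

    # Characters AD rejects in sAMAccountName, plus the apostrophe: legal in AD, but it
    # would end the quoted value early in a filter like "sAMAccountName -eq '$name'".
    $badChars = '["/\\\[\]:;|=,+*?<>'']'
    $seen = @{}          # EmployeeUserName -> first line seen (keys are case-insensitive)
    $line = 1            # line 1 is the header row

    foreach ($row in $Rows) {
        $line++
        $user     = "$($row.EmployeeUserName)".Trim()
        $manager  = "$($row.ManagerUserName)".Trim()
        $problems = @()

        foreach ($pair in @(@('EmployeeUserName', $user), @('ManagerUserName', $manager))) {
            $field, $value = $pair
            if ([string]::IsNullOrWhiteSpace($value)) { $problems += "$field is empty"; continue }
            if ($value.Length -gt 20)    { $problems += "$field is longer than 20 characters" }
            if ($value -match $badChars) { $problems += "$field contains a disallowed character" }
        }
        if ($user -and $user -eq $manager) { $problems += 'user is listed as their own manager' }
        if ($user -and $seen.ContainsKey($user)) {
            $problems += "duplicate of line $($seen[$user])"
        }
        elseif ($user) { $seen[$user] = $line }

        [pscustomobject]@{
            Line = $line; User = $user; NewManager = $manager
            Valid = ($problems.Count -eq 0); Problems = $problems -join '; '
        }
    }
}

# Constructed sample input (not the asker's real file)
$sample = @'
EmployeeUserName,ManagerUserName
User1,Manager1
User2,
User3;Manager3
User1,Manager2
o'brien,Manager1
Manager1,Manager1
'@ | ConvertFrom-Csv

$report = Test-ManagerCsvRow -Rows $sample
$report | Format-Table -AutoSize
if ($report.Valid -contains $false) { Write-Warning 'Fix the CSV before running the AD update.' }
```

The `User3;Manager3` row shows what a semicolon-delimited line looks like when the file is read with the default comma delimiter: both names land in `EmployeeUserName` and the manager column is empty.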