PowerShell Script to update manager field for users in AD and to export results to CSV
First of all I am just learner with PS please bear with me.
I have managed to tweak a script (which I still need to test!) that will perform bulk updates of the manager field of AD user.
Using the username of the user and the username of the manager, where it will read CSV file which contains 2 fields: EmployeeUserName ManagerUserName:
Import-Csv "C:\Users\Temp\UpdateManagers.csv" |
ForEach-Object {
$ADUser = Get-ADUser -Filter "sAMAccountName -eq '$($User.EmployeeUserName)'"
$manager = (Get-ADUser -Filter "sAMAccountName -eq '$($User.'ManagerUserName')'").distinguishedname
if ($ADUser -and $manager) {
$ADUser | Set-ADUser -manager $manager
}
}
My CSV format is:
I wanted to know if someone could assist me with my script to output the results to an CSV file to state the username of a user that has had the manager updated in field and the new manager username in field.
UPDATE 1
@Theo sorry for the delay on this I ran your code (changed the file locations to work for me).
Didn't get any error but got this output below:
Then I checked the users and managers weren't updated:
I don't know why it is not updating usernames are correct for both managers and users and I have ran PS ISE as Administrator...
UPDATE 2
Ran the updated code and got this error message:
PS C:\Windows\system32> C:\Users\Temp\BulkADManagerChange.ps1
Get-ADUser : Cannot find an object with identity: 'sAMAccountName -eq 'Manager1'' under: 'DC=my,DC=domain,DC=net'.
At CC:\Users\Temp\BulkADManagerChange.ps1:18 char:22
+ $ADManager = Get-ADUser "sAMAccountName -eq '$csvManager'"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (sAMAccountName -eq 'Manager1':ADUser) [Get-ADUser], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetAD
User
WARNING: Manager 'Manager1' does not exist
Get-ADUser : Cannot find an object with identity: 'sAMAccountName -eq 'Manager2'' under: 'DC=my,DC=domain,DC=net'.
At C:\Users\Temp\BulkADManagerChange.ps1:18 char:22
+ $ADManager = Get-ADUser "sAMAccountName -eq '$csvManager'"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (sAMAccountName -eq 'Manager2':ADUser) [Get-ADUser], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetAD
User
WARNING: Manager 'Manager2' does not exist
Get-ADUser : Cannot find an object with identity: 'sAMAccountName -eq 'Manager3'' under: 'DC=my,DC=domain,DC=net'.
At C:\Users\Temp\BulkADManagerChange.ps1:18 char:22
+ $ADManager = Get-ADUser "sAMAccountName -eq '$csvManager'"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (sAMAccountName -eq 'Manager3':ADUser) [Get-ADUser], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetAD
User
WARNING: Manager 'Manager3' does not exist
Get-ADUser : Cannot find an object with identity: 'sAMAccountName -eq 'Manager1'' under: 'DC=my,DC=domain,DC=net'.
At C:\Users\Temp\BulkADManagerChange.ps1:18 char:22
+ $ADManager = Get-ADUser "sAMAccountName -eq '$csvManager'"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (sAMAccountName -eq 'Manager1':ADUser) [Get-ADUser], ADIdentityNotFoundException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetAD
User
WARNING: Manager 'Manager1' does not exist
User NewManager Result
---- ---------- ------
User1 Error: Manager 'Manager1' does not exist
User2 Error: Manager 'Manager2' does not exist
User3 Error: Manager 'Manager3' does not exist
User4 Error: Manager 'Manager1' does not exist
This was the CSV used by the code:
This was the results CSV file:
I can confirm in CSV file usernames of users and usernames of manager are correct.
Is it worth adding delimiters in the usernames using ';' ?
UPDATE 3
@Theo ran you code
It is sooo close!! It works updates AD fine BUT the code produces the errors below:
Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null or an element of the argument collection contains a null value.
At C:\Users\Me\Desktop\BulkADManagerChange.ps1:21 char:52
+ $currentManager = Get-ADUser -Identity $ADUser.Manager -ErrorAction ...
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null or an element of the argument collection contains a null value.
At C:\Users\Me\Desktop\BulkADManagerChange.ps1:21 char:52
+ $currentManager = Get-ADUser -Identity $ADUser.Manager -ErrorAction ...
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null or an element of the argument collection contains a null value.
At C:\Users\Me\Desktop\BulkADManagerChange.ps1:21 char:52
+ $currentManager = Get-ADUser -Identity $ADUser.Manager -ErrorAction ...
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null or an element of the argument collection contains a null value.
At C:\Users\Me\Desktop\BulkADManagerChange.ps1:21 char:52
+ $currentManager = Get-ADUser -Identity $ADUser.Manager -ErrorAction ...
+ ~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
User NewManager Result
---- ---------- ------
User1 Manager1 Success: New manager 'Manager1' set for this user
User2 Manager2 Success: New manager 'Manager2' set for this user
User3 Manager3 Success: New manager 'Manager3' set for this user
User4 Manager1 Success: New manager 'Manager1' set for this user
The output CSV file is fine also
Solution
If you want output for this where you want error/success messages, I would extend your code to something like below:
$result = Import-Csv "C:\Users\Temp\UpdateManagers.csv" | ForEach-Object {
$csvUser = $_.EmployeeUserName # for convenience
$csvManager = $_.ManagerUserName
# create an object to output
$out = [PsCustomObject]@{User = $csvUser; NewManager = $null; Result = $null }
# if there is no manager found in the csv:
if ([string]::IsNullOrWhiteSpace($csvManager)) {
Write-Warning "User '$csvUser' does not have a manager specified in the csv"
$out.Result = "Error: User does not have a manager specified in the csv"
$out
continue
}
$ADUser = Get-ADUser -Filter "sAMAccountName -eq '$csvUser'" -Properties Manager
if ($ADUser) {
# try and get the user object for the manager as stated in the csv
$ADManager = Get-ADUser -Filter "sAMAccountName -eq '$csvManager'"
if ($ADManager) {
$out.NewManager = $csvManager
try {
$currentManager = (Get-ADUser -Identity $ADUser.Manager -ErrorAction Stop).SamAccountName
}
catch { $currentManager = $null }
if ($currentManager -ne $csvManager) {
$ADUser | Set-ADUser -Manager $ADManager.DistinguishedName
$out.Result = "Success: New manager '$csvManager' set for this user"
}
else {
$out.Result = "Skipped: Manager for this user was already correct"
}
}
else {
Write-Warning "Manager '$csvManager' does not exist"
$out.Result = "Error: Manager '$csvManager' does not exist"
}
}
else {
Write-Warning "User '$csvUser' does not exist"
$out.Result = "Error: User '$csvUser' does not exist"
}
# output the object so it gets collected in variable $result
$out
}
# output result on screen
$result | Format-Table -AutoSize
# write result to csv file
$result | Export-Csv -Path 'X:\Somewhere\UpdateManagersResults.csv' -NoTypeInformation
- Azure PowerShell command to list all Azure VM SKU Sizes enabled for Confidential Computing Azure ACC
- Azure File Share: Cannot map network drive
- Using script commands, how to add multiple scale rules to an Azure Container App?
- Powershell ADSI: Can I query the local Administrators group using a SID?
- PowerShell script to take backup of all environment variables & save it in a file
- Having trouble making UserPrincipalName all lowercase in Powershell
- Is there a way in PowerShell to get the default value of a script parameter?
- What does this command prompt input do?
- Powershell unable to find type [System.Windows.Forms.KeyEventHandler]
- tsc.ps1 cannot be loaded because running scripts is disabled on this system
- Unexpected return value when using function in an if statement
- Powershell howto Filter XML Nodes
- How to untar multiple files with an extension .tar.gz.aa, .tar.gz.ab..... in windows?
- Searching for backslash in a string with Powershell
- How do I start PowerShell from Windows Explorer?
- Can I use PowerShell in shell-mode for Emacs?
- Powershell .contains() check without casesensitive
- Prevent Pull Request builds from triggering Continuous deployment trigger Azure DevOps Server
- How can I obtain the user's Logon Session SID (e.g. S-1-5-5-X-Y) or otherwise verify RMF SC-23 Unique Identifiers in Windows
- Why do I get this error when I try to set my powershell terminal title in my ps1 script?
- Powershell script file that contains function doesnt load
- How to Compare Sets of Users
- Powershell function returns stdout? (Old title: Powershell append to array of arrays appends stdout?)
- Can a type be added that references an in-memory assembly?
- Converting .bmp to .png using powershell causes memory leak
- Display all environment variables from a running PowerShell script
- How to set PIPENV_IGNORE_VIRTUALENVS=1?
- Where is the "downloads" folder located
- How can I make a powershell script work in an Azure function with PowerShell 5 and module AzureADPreview?
- Test-Path doesn't found localised folder names