Here is a PowerShell (Version 1) script which you can use to update an attribute value in Active Directory. In this example, I am updating altSecurityIdentities attribute with Exclude value.
Clear
$N = 0
$migValue = "Exclude"
Import-CSV C:\Scripts\input.csv | % {
#input.csv contains sAMAccountName. Header must be UserName
$UserN = $_.UserName
$ObjFilter = "(&(objectCategory=person)(objectCategory=User)(samaccountname=$UserN))"
$objSearch = New-Object System.DirectoryServices.DirectorySearcher
$objSearch.PageSize = 15000
$objSearch.Filter = $ObjFilter
$objSearch.SearchRoot = LDAP://dc=sivarajan,dc=com
$AllObj = $objSearch.findOne()
$user = [ADSI] $AllObj.path
Write-host -NoNewLine "Updating...."
$user
$user.psbase.invokeSet("altSecurityIdentities",$migValue)
$user.setinfo()
Write-host "Done!"
$N ++
}
Write-host "Udpated $N User Account(s)"
Input.csv – contains all sAMAccountName as shown in the following screenshot:
FYI – You can also use AD PowerShell module to achieve the same result.
0 comments:
Post a Comment