398
brammer
d4shoerncheN
Epixc0re
Jason
nikoatit
Penny.Cilin
S-204-18
Administrator Startseite
Heiß diskutierte Fragen

Mit dem Powershellscript ADModify Benutzerattribute en masse ändern

Mitglied: HAWIKA
22.12.2010
19:12:17 Uhr
2924 Aufrufe
3 Antworten
ID: 157472
Noch nicht bewertet
During a move mailbox scenario in a mid-large international company we had to exclude certain users from moving. So we had to "mark" all users, which were Blackberry mobile users and all VIP-users.
To do this I decided to set a special value in extentionattribute 15. i.e. all Blackberry users got a "BES" and all VIPs a "VIP" as value. The list with all SamAccountNames if the users I got from a colleague - and I wrote the script below to perform my work. After doing that, I was able to make move requests in Exchange Management Console filtering by the attributes value.
Let's explain the script:

Parameters

IsTestMode: declares if script runs in test-mode or modify-mode
attribute: attribute which has to be modified
newvalue: value which is set to the given attribute
outputfilename: log will be written to this file
inputfilename: file which contains the alias names of users
who will be checked

RUN

In this example you modify the attribute extensionattribute15 and set the new value BES.

ADModify.ps1 -IsTestMode $true -attribute "extensionattribute15" -newvalue = "BES"

Code
Quelltext | Drucken
01.
############################################################# 
02.
# ADModify.ps1 
03.
# Sets a value to an attribute of users listed in a file 
04.
# example: ADModify.ps1 -IsTestMode $true -attribute "extensionattribute15" -newvalue = "BES" 
05.
############################################################# 
06.
# Scripted by: Hans Willi Kremer, NETsec GmbH & Co. KG, http://www.netsec.de, http://tools4Exchange.com 
07.
# Tags: ADModify, modify attribute in bulk, Active Directory attribute modification, bulk modification, support tools, Exchange migration, Exchange move mailbox 
08.
########################################################### 
09.
Param( 
10.
         [string]$IsTestMode = $true,      # declare test-mode or modify-mode 
11.
   [string]$attribute = "extensionattribute10",  # attribute which has to be modified 
12.
   [string]$newvalue = "BES",       # value which is set to the given attribute 
13.
   [string]$outputfilename ="C:\yyy_output.txt",   # log will be written to this file 
14.
   [string]$inputfilename ="C:\xxx_input.txt"   # file which contains the alias names of users who will be checked 
15.
16.
# to check before running script 
17.
$IsPresent = ": Correct value already present"    # displayed in log if the value of users attribute is already set 
18.
$ErrorWriting = "Error writing: "       # displayed in log if script runs into error state 
19.
$IsTestModeString = "IsTestMode: "       # displayed in log if script runs in test mode 
20.
$ValueChangedString = ": changed  to: "      # displayed in log if value of users attribute is modified 
21.
$date = get-date 
22.
Write-Output ($date.ToString() + " " + $IsTestModeString  + " " +  $IsTestMode) | out-file $outputfilename -append  
23.
Write-Output ($date.ToString() + " " + "Starting script") | out-file $outputfilename -append  
24.
 
25.
$boxes = Get-Content $inputfilename       # read all users from inputfile 
26.
Foreach ($element in $boxes ) 
27.
28.
    $date = get-date 
29.
    $mailbox = Get-Mailbox $element -ResultSize unlimited  # get user's dn in Active Directory  
30.
    $ldap = "LDAP://" + $mailbox.distinguishedname      
31.
    $de = New-Object DirectoryServices.DirectoryEntry $ldap # bind to user's object 
32.
  
33.
    if ($de.Properties["$attribute"].Value -eq $newvalue) # if new value is already present 
34.
35.
        Write-Output ($date.ToString() + " " + $element + " " + $attribute + " with value " + " " + $newvalue + " " + $IsPresent) | out-file $outputfilename -append  
36.
37.
      else             # if new value is not present 
38.
39.
        try 
40.
41.
           $de.Properties["$attribute"].Value = $newvalue 
42.
           if ($IsTestMode -eq $false)  
43.
44.
            $de.commitchanges() 
45.
46.
47.
        catch 
48.
49.
           Write-Output ($date.ToString()  + " " + $element  + " " + $ErrorWriting) | out-file $outputfilename -append  
50.
51.
        finally 
52.
53.
           Write-Output ($date.ToString() + " " +   $element  + " " +   $attribute + " " + $ValueChangedString  + " " +  $newvalue) | out-file $outputfilename -append  
54.
        }     
55.
      } #end if 
56.
          
57.
  } # end Foreach element 
58.
  Write-Output ($date.ToString() + " " + "Finished script") | out-file $outputfilename -append
Hans Willi

P.S. Das Script kann auch auf meinem Blog http://www.tools4exchange.com heruntergeladen werden

[Edit Biber/Beaver] Codetags nachgezogen /Codedays afterdrawn [/Edit]

Diskussionsverlauf (3 Antworten)
Mitglied: Arch-Stanton
Arch-Stanton schreibt am 22.12.2010 um 19:18:02 Uhr
Can you not German?

Gruß, Arch Stanton
Mitglied: HAWIKA
HAWIKA schreibt am 22.12.2010 um 19:24:46 Uhr
Only a BIT face-smile
Aber im Ernst - mein Englisch ist nicht toll, dennoch muss ich diese "Tipps" sowieso darin verfassen, und mir fehlt die Zeit das auch noch zu übersetzen.
Wenn Du dies tun magst, dann . . .
hawi
Mitglied: Biber
Biber schreibt am 22.12.2010 um 20:18:03 Uhr
Moin HAWIKA,

danke für deinen Powershell-Schnipsel.

Ich habe den Code in Codetags gesetzt, da ohne andere Ansage die Sequenz "# text" [Raute-Leerzeichen-text] zu einer Durchnummerierung dieser Zeilen führt.
Da eine #-Raute in der PowerShell/in the Kraftmuschel etwas anderes bedeutet, war das Copy&Paste deines Originalscripts nicht Eins-zu-Eins angekommen.
Die Skriptzeilen 2-4 (unter anderem) waren etwas sinnentstellt.

Grüße
Biber
mehr ...Ähnliche Beiträge
Top
Copyright © 2012 Administrator Technology. Alle Inhalte sind unter der Creative Commons BY-SA 3.0 License lizensiert. Release: 3.1 (20120522-00) Load: 0.2856