Share via

How to import Open LDAP's user data from CSV file into the Active Directory

Ahmed Qureshi 85 Reputation points
2023-07-05T12:22:30.8+00:00

Hi,

We have a business requirement where we have to import all user data from csv file (exported from open Ldap server) into the AD with same attributes/fields so that so that our backend intranet sites/services should not be disturbed.

We want to add users with following attributes to match the current backend sites and services:

User's image

We are using following powershell script:

Import-Module ActiveDirectory


$users = Import-Csv -Path "C:\Share\users2.csv"

foreach ($user in $users) {

            $SamAccountName            = $User.SamAccountName                   
	    $Path                      = $User.path	
	    $Groups		    = $User.groups           
            $UserPrincipalName          = $user.UserPrincipalName
	    $cn				= $user.cn
	    $gidNumber			= $user.gidNumber	
	    $GivenName                       = $User.GivenName 
            $sn                           = $User.sn
            $DisplayName                   = $User.DisplayName
            $uid				= $user.uid	
            $homeDirectory                     = $User.homeDirectory
            $physicalDeliveryOfficeName        = $User.physicalDeliveryOfficeName
            $o               		       = $User.o
            $l                   	= $User.l
            $EmailAddress               = $User.email
	    $uidNumber		       = $User.uidNumber
	    $postalAddress                = $User.postalAddress
            $st                           = $User.st
            $homePostalAddress             = $User.homePostalAddress
            $employeeNumber                      = $User.employeeNumber
            $Title                            = $User.title
            $telephoneNumber                    = $User.telephoneNumber
            $mobile                      = $User.mobile
	    $homePhone			= $User.homePhone	
            $manager			= $User.manager
	    $homeDrive			= $User.homeDrive
	    $profilePath			= $User.profilePath
	    $secretary			= $User.secretary
            $AccountPassword        = (ConvertTo-SecureString $User.password -AsPlainText -Force) 
            $Enabled                      = $true
            $ChangePasswordAtLogon      = $true


    New-ADUser -SamAccountName $samAccountName -GivenName $givenName -Surname $surname -UserPrincipalName $userPrincipalName -OtherAttributes @{gidNumber = $gidNumber; secretary = $secretary}
}

but it is giving us following errors:

PS C:\share\Import Users> .\users2.ps1
New-ADUser : Identity info provided in the extended attribute: 'Manager' could not be resolved. Reason: 'Cannot find an object with identity: '' under: 'DC=genetech,DC=pk'.'.
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (CN=Mustafa Hema...=genetech,DC=pk:String) [New-ADUser], ADIdentityResolutionException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityResolutionException,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : The parameter is incorrect
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (mustafa.hemani:ADUser) [Set-ADUser], ADInvalidOperationException
    + FullyQualifiedErrorId : ActiveDirectoryServer:87,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : Identity info provided in the extended attribute: 'Manager' could not be resolved. Reason: 'Cannot find an object with identity: '' under: 'DC=genetech,DC=pk'.'.
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (CN=Shamim Rajan...=genetech,DC=pk:String) [New-ADUser], ADIdentityResolutionException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityResolutionException,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : The parameter is incorrect
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (shamim.rajani:ADUser) [Set-ADUser], ADInvalidOperationException
    + FullyQualifiedErrorId : ActiveDirectoryServer:87,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : Identity info provided in the extended attribute: 'Manager' could not be resolved. Reason: 'Cannot find an object with identity: '' under: 'DC=genetech,DC=pk'.'.
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (CN=Turab Hemani...=genetech,DC=pk:String) [New-ADUser], ADIdentityResolutionException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityResolutionException,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : Cannot find an object with identity: 'turab.hemani' under: 'DC=genetech,DC=pk'.
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (turab.hemani:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : The operation failed because UPN value provided for addition/modification is not unique forest-wide
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (CN=Urooj Fatima...=genetech,DC=pk:String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8648,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : Cannot find an object with identity: 'urooj.fatima' under: 'DC=genetech,DC=pk'.
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (urooj.fatima:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : The operation failed because UPN value provided for addition/modification is not unique forest-wide
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (CN=Taqi Kirmani...=genetech,DC=pk:String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8648,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : Cannot find an object with identity: 'taqi.kirmani' under: 'DC=genetech,DC=pk'.
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (taqi.kirmani:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : The operation failed because UPN value provided for addition/modification is not unique forest-wide
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (CN=Samana Hassa...=genetech,DC=pk:String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8648,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : Cannot find an object with identity: 'samana.hassan' under: 'DC=genetech,DC=pk'.
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (samana.hassan:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : The operation failed because UPN value provided for addition/modification is not unique forest-wide
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (CN=Aadil Pirani...=genetech,DC=pk:String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8648,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : Cannot find an object with identity: 'adil.pirani' under: 'DC=genetech,DC=pk'.
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (adil.pirani:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : The operation failed because UPN value provided for addition/modification is not unique forest-wide
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (CN=Shabbir Bhoj...=genetech,DC=pk:String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8648,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : Cannot find an object with identity: 'shabbir.bhojani' under: 'DC=genetech,DC=pk'.
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (shabbir.bhojani:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : The operation failed because UPN value provided for addition/modification is not unique forest-wide
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (CN=Neelam Rahee...=genetech,DC=pk:String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8648,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : Cannot find an object with identity: 'neelam.raheel' under: 'DC=genetech,DC=pk'.
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (neelam.raheel:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : Identity info provided in the extended attribute: 'Manager' could not be resolved. Reason: 'Cannot find an object with identity: '' under: 'DC=genetech,DC=pk'.'.
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (CN=Mehreen Huss...=genetech,DC=pk:String) [New-ADUser], ADIdentityResolutionException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityResolutionException,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : Cannot find an object with identity: 'mehreen.hussain' under: 'DC=genetech,DC=pk'.
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (mehreen.hussain:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

New-ADUser : The operation failed because UPN value provided for addition/modification is not unique forest-wide
At C:\share\Import Users\users2.ps1:40 char:5
+     New-ADUser -SamAccountName $SamAccountName -Name $Name -UserPrinc ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (CN=Mehreen Huss...=genetech,DC=pk:String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8648,Microsoft.ActiveDirectory.Management.Commands.NewADUser

Set-ADUser : Cannot find an object with identity: 'mehreen' under: 'DC=genetech,DC=pk'.
At C:\share\Import Users\users2.ps1:44 char:5
+     Set-ADUser -Identity $SamAccountName -Add @{ ou = '$ou'; cn = '$c ...
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (mehreen:ADUser) [Set-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.SetADUser

Can anyone please help us with perfect scripts which can import the data from CSV file to the correct attributes.

Much Appreciated.

Windows for business Windows Client for IT Pros Directory services Active Directory
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Khaled Elsayed Mohamed 1,335 Reputation points
    2023-07-24T09:22:21.2666667+00:00

    Hi AQ

    The error you are encountering is likely due to the fact that some of the properties you are trying to set in the New-ADUser command do not match the actual parameter names used by the New-ADUser cmdlet. The properties $GivenName, $sn, and $surname are not recognized, which could be causing the issue.

    Here's an updated version of your script with the correct parameter names:

    Import-Module ActiveDirectory

$users = Import-Csv -Path "C:\Share\users2.csv"

foreach ($user in $users) {

    $SamAccountName            = $user.SamAccountName                   
    $Path                      = $user.path	
    $Groups                    = $user.groups           
    $UserPrincipalName         = $user.UserPrincipalName
    $cn                        = $user.cn
    $gidNumber                 = $user.gidNumber	
    $GivenName                 = $user.GivenName 
    $sn                        = $user.sn
    $DisplayName               = $user.DisplayName
    $uid                       = $user.uid	
    $homeDirectory             = $user.homeDirectory
    $physicalDeliveryOfficeName= $user.physicalDeliveryOfficeName
    $o                         = $user.o
    $l                         = $user.l
    $EmailAddress              = $user.email
    $uidNumber                 = $user.uidNumber
    $postalAddress             = $user.postalAddress
    $st                        = $user.st
    $homePostalAddress         = $user.homePostalAddress
    $employeeNumber            = $user.employeeNumber
    $Title                     = $user.title
    $telephoneNumber           = $user.telephoneNumber
    $mobile                    = $user.mobile
    $homePhone                 = $user.homePhone	
    $manager                   = $user.manager
    $homeDrive                 = $user.homeDrive
    $profilePath               = $user.profilePath
    $secretary                 = $user.secretary
    $AccountPassword           = (ConvertTo-SecureString $user.password -AsPlainText -Force) 
    $Enabled                   = $true
    $ChangePasswordAtLogon     = $true

    New-ADUser -SamAccountName $SamAccountName -GivenName $GivenName -Surname $sn -UserPrincipalName $UserPrincipalName -OtherAttributes @{gidNumber = $gidNumber; secretary = $secretary}
}

    Please note that in the New-ADUser command, I replaced $samAccountName with $SamAccountName, $givenName with $GivenName, and $surname with $sn to match the variable names that you have defined earlier in the script.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.