This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
I have a PowerShell script that runs daily and imports a CSV with user information, then uses "set-aduser" to update AD user information with the information from the CSV. However I would like to know if it's possible to email the results of the set-aduser changes?
Ideally the email would provide a list of only the users who had information updated, and indicate which field was updated (and ideally, with what new information). If no users had information updated it would just indicate that nothing was updated.
Is this possible?
Hi @A W ,
in general it should be possible.
But without knowing your script it's hard/impossible to say "how". Also it might be helpful to get an idea how much users we are talking about and how much expected updates on user information. This numbers might influencing the size of the email or log-file with all the details.
Do you really read through the details in the email/log-file every day?
----------
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten
Script:
$ADUsers = Import-csv "C:\Scripts\AD\ADUpdate\ADUpdate.csv"
ForEach ($User in $ADUsers)
{
$Username = $User.username
$StreetAddress = $User.streetaddress
$City = $User.city
$PostalCode = $User.postalcode
$State = $User.state
$Country = $User.country
$Department = $User.department
$Title = $User.jobtitle
$Office = $User.location
$Company = $User.company
$EmployeeID = $User.associateID
$Manager = $User.managername
$OfficePhone = $User.telephone
$MobilePhone = $User.mobilephone
if (Get-ADUser -F {SamAccountName -eq $Username})
{
set-aduser -Identity $Username -EmployeeID $EmployeeID
set-aduser -Identity $Username -Postalcode $Postalcode
set-aduser -Identity $Username -State $State
set-aduser -Identity $Username -City $City
set-aduser -Identity $Username -Department $Department
set-aduser -Identity $Username -Title $Title
set-aduser -Identity $Username -Office $Office
set-aduser -Identity $Username -Company $Company
set-aduser -Identity $Username -StreetAddress $StreetAddress
set-aduser -Identity $Username -Manager $Manager
set-aduser -Identity $Username -OfficePhone $OfficePhone
set-aduser -Identity $Username -MobilePhone $MobilePhone
if ($Country -eq "USA - UNITED STATES")
{
set-aduser -Identity $Username -Replace @{c="US";co="United States";countrycode=840}
}
if ($Country -eq "CA - CANADA")
{
set-aduser -Identity $Username -Replace @{c="CA";co="Canada";countrycode=124}
}
}
This is just a brief ecample of one way that you might do this:
$props = "a","b","c" # the properties you want to monitor
$ub = Get-AdUser -Identity "x" -Properties $props -Server MyDC1
$ua = Set-AdUser -Identity "x" -Properties $props -Server MyDC1
$props |
ForEach-Object{
if ($ub.$_ -ne $ua.$_){
# property value before change and current value differs after change
}
else{
# no change in selected properties
}
}
Using ALL the properties of a user wouldn't be practical. There are properties that might change between the Get and Set user, and there are many properties that are of no interest to you in the context of reporting only the changes you're making.