Quick Script to Edit a Single Attribute in AD on a Single User Account

There are no real dependencies for this script, PSv1 or v2, no snap-ins, no modules….just plain old PS (POPS :) ).  No magic happening here, just some basic read-host and ADSI in play.  I wrote it for a colleague and thought I would share.

#This will probably only work for strings and simple numbers and such. $username = read-host "Enter a Username" $searcher = New-Object system.directoryservices.directorysearcher $searcher.filter = "(samaccountname=$username)" $searchresult = $searcher.FindAll() If ($searchresult.count -ne 1) { "A single SamAccountName was not matched properly" "$($searchresult.Count) records found" $searchresult return } $adobject = $searchresult[0].GetDirectoryEntry() "Found $($adobject.Get("DisplayName"))" [string]$attributename = read-host "Enter the name of the attribute you want to edit" $currentEAP = $ErrorActionPreference $ErrorActionPreference = "Silentlycontinue" "Current value of $attributename is " + $adobject.get($attributename) $ErrorActionPreference = $currentEAP $newvalue = Read-Host "Enter the new value (or hit Ctrl-C to Exit)" $adobject.Put($attributename,$newvalue) $adobject.SetInfo()

I hope this is useful to someone out there :)

 

-Gary Siepser

This posting is provided "AS IS" with no warranties, and confers no rights. Use of included script samples are subject to the terms specified at https://www.microsoft.com/info/cpyright.htm.