PowerShell.com
Forums » Ask the Experts » PowerShell for Active Directory » Updating "manager" attribute in AD using a value queried from a sql db

Updating "manager" attribute in AD using a value queried from a sql db

rated by 0 users
This post has 2 Replies | 1 Follower

Not Ranked
Posts 1
Reply
Eran Posted: 01-18-2012 9:41 AM

Hi!

 

I have a VB script which queries LDAP and SQL for values then writes the sql value to AD.

Since updating "manager" attribute in AD requires the DN of the user object, i'd like to use powershell in order to do it.

The queried value of the manager's name from sql is formatted as: FirstName(space)LastName

I need to use that value, convert its format to AD user account: FirstName.LastName

and write it back to AD using powershell.

The writing back to AD part in the VBScript is the following:

'**********update Manager**********

SuperVisor=objRecordSet.Fields.Item("SuperVisor")
Manager=objRecordSet.Fields.Item("Manager")

    objuser.put "Manager",SuperVisor
    update_flag=true

'**********************************

SuperVisor is the object representing the value queried from the SQL- FirstName(space)LastName

Manager is the object representing the ad attribute.

 

Hope someone can help me with this one!

 

Thanks in advance.

Top 10 Contributor
Posts 296
Microsoft MVP
Top Contributor
Reply
RSiddaway replied on 01-19-2012 6:41 AM

If you want help with the whole script please post and it can  be translated

In etrms of updating an AD user's attribute see the script example at the bottom of this post

http://msmvps.com/blogs/richardsiddaway/archive/2012/01/17/setting-user-properties.aspx

Top 500 Contributor
Posts 6
Reply
czuellig replied on 04-04-2012 5:31 PM

Hello

To read Data from SQL you might find this Helpfull

http://www.powershell.nu/2009/01/26/sql-through-powershell/

As for Active Directory the Manager Attribute accepts only the distinguishedName of the Managers User Object - so you migth have to search for with something like this.

$emplogin="XXX"
$mnglogin="YYY"

[System.DirectoryServices.DirectorySearcher]$adSearch=new-object System.DirectoryServices.DirectorySearcher(new-object System.DirectoryServices.DirectoryEntry)
$adSearch.PageSize=1000;
$adSearch.PropertiesToLoad.AddRange(@("distinguishedname","samaccountname"));
$adSearch.Filter=([String]::Format("(&(objectclass=user)(samaccountname={0}))",$emplogin))
$adEmployee=$adSearch.FindOne()

$adSearch.Filter=([String]::Format("(&(objectclass=user)(samaccountname={0}))",$mnglogin))
$adManager=$adSearch.FindOne()


if(($adManager -ne $null) -AND ($adEmployee -ne $null))
{
    [System.DirectoryServices.DirectoryEntry]$adUser=[System.DirectoryServices.DirectoryEntry]$adEmployee.GetDirectoryEntry()
    $adUser.Properties["manager"].Value=[String]$adManager.Properties["distinguishedname"]
    $adUser.CommitChanges()
    $adUser.close()
}

Page 1 of 1 (3 items) | RSS
Copyright 2012 PowerShell.com. All rights reserved.