-
Notifications
You must be signed in to change notification settings - Fork 0
/
UpdateExtensionAttribute1.ps1
36 lines (30 loc) · 1.33 KB
/
UpdateExtensionAttribute1.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
$sngroups = @()
$nomanager = @()
$noext1 = @()
$update = @()
$sngroups = Get-ADgroup -filter {samaccountname -like "SN_*"} -properties *
Write-Host "Group Count is: " $sngroups.count
$sngroups | Select-Object Samaccountname, extensionAttribute1, managedby
#Missing managedBy
$nomanager = $sngroups | where-object {$_.managedby -eq $null}
#$nomanager | Select-Object Samaccountname, extensionAttribute1, managedby
$nomanager | Where-Object {$null -ne $_.extensionAttribute1} | Select-Object Name, extensionAttribute1, managedby #where ext1 is set but manager is not populated.
#No ext1
$noext1 = $sngroups #| where-object {$null -eq $_.extensionAttribute1 -and $null -ne $_.managedby }
#$noext1 | Select-Object Samaccountname, extensionAttribute1, managedby
#updates needed
$update = @([PSCustomObject]@{})
$sngroups | foreach-object {
$update += [PSCustomObject]@{
Name = $_.Samaccountname
Manager = $_.managedby.split(",").split("=")[1]
}
}
#Update ext1 for those SN groups with ManagedBy populated.
$update | foreach-object {
#$_.Name
#$($_.Manager)
#Set-ADgroup -identity $_.Name -add @{"extensionattribute1"="$($_.Manager)"}
Set-ADgroup -identity $_.Name -Replace @{"extensionattribute1"="$($_.Manager)"}
}
# Set-ADgroup -identity SN_Identity_Access_Management -replace @{"extensionattribute1"="1194330"}