Using import users script

Question

Hello

We are trying to import new users from CSV file and when we try and add the Hire Date attribute it states it is a recognized column. Can you advise if it is possible to do?

Comments

Hello,

Could you provide us with as much details on the import process as possible?

As we know there is no Hire Date attribute in Active Directory. If you are using one of Adaxes custom date attributes (e.g. CustomAttributeDate1), make sure that the header of the column in your CSV file contains the correct LDAP name of the attribute (e.g. adm-CustomAttributeDate1).

---

Sorry, for the lack of details. We were using the method of clicking on the AD environment in Adaxes Console and Importing Data from there with the wizard. It did work with using the ldap name. We have tried using a custom command for importing users with the following script, http://www.adaxes.com/script-repository ... e-s246.htmand are getting mixed results, where some fields (last name or department) are not showing up.

Answer 1

Hello,

There was an error in the script, we've fixed it. Re-copy it from the repository. Also, the behavior of the script has changed a bit:

• Now, the script searches for existing users using the User Logon Name (pre-Windows 2000) property (LDAP name: sAMAccountName).

• You can specify the properties only by their LDAP display names.

• 2 new parameters have been added:

  • $accountPasswordColumn - specifies the name of the column that contains account passwords;
  • $sAMAccountNameColumn - specifies the name of the column that contains the User Logon Name (pre-Windows 2000) property of users.

See Import new and updated users from CSV file.

Comments

Thank you that new script worked flawlessly. Can you add the logging/email piece to the end for me? We would like to receive an email when the script encounters an error or cannot finish an operation.

---

We are trying to set up this script separately for when we update user accounts. When selecting activity scope, we are trying to select the domain and do not get the option to deselect child objects. We are trying to have the script just update the accounts that already exist in the forest today, we would like it to send a error report if the user doesn't exist so we can investigate and add via the new user script process. If you need more information please let us know.

---

Support? Any information you can provide on only updating the users in the CSV and the attrivbutes listed without changing any other attributes. Example we may update the City and State for a user so the CSV would only have data in the samAccountname, City and State columns and the description and ... would be empty. We also would like an email for any failures.

---

Hello,

Sorry for the delayed reply.

Find the updated script below. A report with errors will be sent to the specified email address after the script execution. If a user does not exist, an error will be added to the report.

The Scheduled Task must be configured for the Domain-DNS object type. The domain here will be used only to trigger the script and does not define the scope of users it will be executed on. If you select, for example, an Organizational Unit as target object, the script will be executed for each OU in the domain.

When selecting activity scope, we are trying to select the domain and do not get the option to deselect child objects.

This behavior is by design. Deselecting domain child objects would remove all the objects under the domain from Activity Scope of the Scheduled Task.

Import-Module Adaxes

$csvFilePath = "\\server\share\ImportedUsers.csv" # TODO: modify me
$accountPasswordColumn = "AccountPassword" # TODO: modify me
$sAMAccountNameColumn = "sAMAccountName" # TODO: modify me

# E-mail settings
$recipient = "recipient@domain.com" # TODO: Modify me
$subject = "Error Report: Import data from csv" # TODO: Modify me
$reportHeader = "<h1><b>Error Report: Import data from csv</b></h1><br/>"# TODO: Modify me
$reportFooter = "<hr /><p><i>Please do not reply to this e-mail, it has been sent to you for notification purposes only.</i></p>" # TODO: modify me

$domainName = $Context.GetObjectDomain("%distinguishedName%")

$report = New-Object "System.Text.StringBuilder"
try
{
    $importedUsers  = Import-Csv -Path $csvFilePath -ErrorAction Stop
}
catch
{
    $message = "An error occurred while importing CSV file '$csvFilePath'. Error: " + $_.Exception.Message
    $Context.LogMessage($message, "Warning")
    [void]$report.Append("<li>$message</li>")
    $importedUsers = @()
}

foreach ($userFromCSV in $importedUsers)
{
    $userObject = @{}
    $accountPassword = $NULL
    foreach ($property in $userFromCSV.PSObject.Properties)
    {
        $propertyName = $property.Name
        $value = $property.Value

        if($propertyName -ieq $accountPasswordColumn -and !([System.String]::IsNullOrEmpty($value)))
        {
            $accountPassword = ConvertTo-SecureString -AsPlainText $value -Force
            continue
        }
        elseif ($propertyName -ieq $accountPasswordColumn -and [System.String]::IsNullOrEmpty($value))
        {
            continue
        }

        if ([System.String]::IsNullOrEmpty($value))
        {
            continue
        }

        if ($value -ieq "True" -or $value -ieq "False")
        {
            $value = [System.Boolean]::Parse($value)
        }

        $userObject.Add($propertyName, $value)
    }

    # Check whether the user exists
    $userIdentity = $userObject.$sAMAccountNameColumn
    try
    {
        $userExists = Get-AdmUser -Identity $userIdentity `
            -AdaxesService localhost -ErrorAction Stop -Server $domainName
    }
    catch
    {
        $message = "$userIdentity`: An error occurred while searching user. Error: " + $_.Exception.Message
        $Context.LogMessage($message, "Warning")
        [void]$report.Append("<li>$message</li>")
        continue
    }

    # If user exists, update account
    try
    {
        Set-AdmUser -Identity $userExists.DistinguishedName -Replace $userObject `
            -AdaxesService localhost -Server $domainName -ErrorAction Stop
    }
    catch
    {
        $message = "$userIdentity`: An error occurred while updating user. Error: " + $_.Exception.Message
        $Context.LogMessage($message, "Warning")
        [void]$report.Append("<li>$message</li>")
    }

    if ([System.String]::IsNullOrEmpty($accountPassword))
    {
        continue
    }

    try
    {
        Set-AdmAccountPassword -Identity $userExists.DistinguishedName -NewPassword $accountPassword `
            -Reset -Server $domainName -AdaxesService localhost -ErrorAction Stop
    }
    catch
    {
        $message = "$userIdentity`: An error occurred while updating the password for user. Error: " + $_.Exception.Message
        $Context.LogMessage($message, "Warning")
        [void]$report.Append("<li>$message</li>")
    }
}

if ($report.Length -eq 0)
{
    return
}

# Build html
$html = $reportHeader + "<ul style=""list-style: none;"">" + $report.ToString() + "</ul>" + $reportFooter

# Send report
$Context.SendMail($recipient, $subject, $NULL, $html)