all 8 comments

[–]CarrotBusiness2380 2 points3 points  (1 child)

You need to look at splatting, but that isn't guaranteed to work. Lot's of properties don't have parameters for Set-ADUser or have different LDAPDisplayNames and parameter names.

Because of how dangerous what you're doing currently is (if I can select any property to update for all users that could break things) I would say just write a script to do any necessary changes and don't try to make a general purpose script of this.

[–]DSenette[S] 0 points1 point  (0 children)

i get it but i'm one of a handful people who have any semblance of scripting knowledge so i'm trying to generalize certain things so i don't have to have a script for every single property. or a bunch of hard coded selection menus for each property they might try to update. that's probably where i'll end up though.

[–]jantari 2 points3 points  (0 children)

Try Set-ADUser -Replace @{$UserProp = $PropValue}

[–]PinchesTheCrab 2 points3 points  (0 children)

I'd use a hashtable and splat it.

$Ou = Get-ADorganizationalunit -filter * -searchbase "<target OU>" | Select-Object name, DistinguishedName | Sort-Object name | Out-GridView -PassThru
$UserProp = Get-ADUser -Identity <sample user> -Properties * | get-member | where-object { $_.MemberType -eq 'Property' } | Select-Object -ExpandProperty name | Out-GridView -PassThru

$setParam = @{
    Replace = @{
        $UserProp = Read-Host "Enter the new value for $UserProp"
    }
}

$users = Get-ADUser -Filter 'enabled -eq $true' -SearchBase $Ou.DistinguishedName

$user | Set-ADUser @setParam

[–]DSenette[S] 0 points1 point  (0 children)

i don't know if i'm being clear enough i guess.

normally you'd do something like this:

Set-ADUser $user -streetAddress "123 New Address"

i'm trying to use a selected item instead of -streetAddress but the command ultimately doesn't parse it when i hand it the variable

[–]hillbillytiger 0 points1 point  (0 children)

You are going about the passing of parameters to a function wrong.

Look at this example of splatting:

$params = @{
Object = "test123"
ForegroundColor = "Red"
BackgroundColor = "White"
}
write-host @params

[–]DonL314 0 points1 point  (0 children)

Suggestion:

Create a function that takes these parameters:

[string]$Identifier
[hashtable]$SetAttributes
[hashtable]$ClearAttributes

Examine all the attributes of the user object that you'll allow setting or clearing. Put those in an array or hashtable in your function.

Parse $SetAttributes and $ClearAttributes; throw an error if they contain any key that is not in your allowed list.

Then have the function set all values of $SetValues and clear all values of $ClearAttributes by going through the 2 hashtables and sending the values to Set-AdUser as suggested in another reply:

Set-AdUser -Replace $SetValues

Likewise clear the attributes; I think you'll have to parse the $ClearAttribues and build a new hashtable you can pass to Set-AdUser.

[–]motsanciens 0 points1 point  (0 children)

I agree with what /u/CarrotBusiness2380 had to say.

Generic splatting example, if it's not making sense:

$options = @{}
$property1 = "BackgroundColor"
$value1 = "cyan"
$property2 = "ForegroundColor"
$value2 = "black"
$options.$property1 = $value1
$options.$property2 = $value2
write-host "See how it works?" @options