1

I am new to PS and AD, I am writing a script that loops through a csv and updates our AD. I am having several issues, where if the field is populated the PS AD Command runs fine, if the variable is null or empty then the PS Command Fails. I find it hard to believe AD can't handle null values, so I don't know if I am doing something wrong.

I have tried to do single commands for each to identify if it is the null causing the issue and I can see that is what is happening. 

$datetime= get-date -UFormat "%Y-%m-%d_%H-%M-%S"
Import-Csv D:\adupdate.csv | ForEach-Object {
$hdate = $_."hiredate" -as [datetime] 

Set-ADUser $_.UserID -DisplayName $_.DisplayName -Initials $_.Middle -Manager $_.Manager -Surname $_.LastName -givenname $_.FirstName -Office $_.Office -Department $_.Department -officeNumber $_.TeleNumber -MobilePhone $_.Mobile -Title $_.JobTitle -Company $_.Company -replace @{employeeType=$_.EmployeeType;employeeID=$_.Badge;employeeNumber=$_.EmployeeNumber;extensionAttribute3=$_.Subdepartment;ipPhone=$_.ipPhone}
Set-ADUser $_.UserID -replace @{hireDate=$hdate}
}

Error:

+ CategoryInfo          : InvalidOperation: (XXX:ADUser) [Set-ADUser], ADInvalidOperationException
    + FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.SetADUser

So I changed into this, but seems inefficient checking for every variable from csv to check if null or empty:

if(-not ([string]::IsNullOrEmpty($_.employeetype))){Set-ADUser $_.userid -Replace @{'employeeType'=$_.employeetype}}
    else {Set-ADUser $_.userid - -Replace @{'employeeType'=' '}}
    if(-not ([string]::IsNullOrEmpty($_.badgenumber))) {Set-ADUser $_.userid -Replace @{'employeeID'=$_.badgenumber}}
    else {Set-ADUser $_.userid -Replace @{'employeeID'= ' '}}
    if(-not ([string]::IsNullOrEmpty($_.eecode))) {Set-ADUser $_.userid -Replace @{'employeeNumber'=$_.eecode}}
    else {Set-ADUser $_.userid -Replace @{'employeeNumber'= ' '}}
    if(-not ([string]::IsNullOrEmpty($_.subdepartment))) {Set-ADUser $_.userid -Replace @{'extensionAttribute3'=$_.subdepartment}}
    else{Set-ADUser $_.userid -Replace @{'extensionAttribute3'=' '}}
    if(-not ([string]::IsNullOrEmpty($_.ipphone))) {Set-ADUser $_.userid -Replace @{'ipPhone'=$_.ipphone}}
    else{Set-ADUser $_.userid -Replace @{'ipPhone'=' '}}
Improve this question

1 Answer 1

Reset to default
4

If you don't want to do the error/sanity checking before updating your data, you can store the -Replace data into a hash table. Then remove the empty/null key-value pairs. After the cleanup, you can pass the hash table variable to the -Replace parameter.

$hash = @{employeeType=$_.EmployeeType;employeeID=$_.Badge;employeeNumber=$_.EmployeeNumber;extensionAttribute3=$_.Subdepartment;ipPhone=$_.ipPhone}
$keysToRemove = $hash.keys | Where-Object { 
    !$hash[$_] 
}
$keysToRemove | Foreach-Object { 
    $hash.remove($_) 
}

Set-ADUser $_.UserID -DisplayName $_.DisplayName -Initials $_.Middle -Manager $_.Manager -Surname $_.LastName -givenname $_.FirstName -Office $_.Office -Department $_.Department -officeNumber $_.TeleNumber -MobilePhone $_.Mobile -Title $_.JobTitle -Company $_.Company -Replace $hash

Sometimes you may actually want to blank out the data if it comes over as null. In the past I have used the Set-ADUser -Clear PropertyName to wipe out those values. You could use Set-ADUser -Clear $keysToRemove in this case.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

I just Realized what about the switch commands those are giving me issues as well if they are null. I tried adding -DisplayName to a hash and it does not let me.
You could just add all of them to the hash table since -Replace will work for almost every attribute. A few attributes are wonky like the country related ones, c, co, etc. They require replacing multiple attributes at the same time so switches are easiest for those attributes. You could build a hash dynamically based on the headers of the CSV file or object property names you import from the CSV.
Another idea is to dynamically build your command string based on your CSV data. Then you can run Invoke-Expression on that. That could be dangerous though if you don't know what is in your CSV files before you run it. You may be better served to just write your own function that does all the data cleanup for you. It will be a pain to set up the first time, but you'd only ever have to run it afterwards.
Just from experience, the Manager attribute is harder to handle in -Replace. With the -Manager switch, you can use the SamAccountName of the manager. Inside of -Replace it must be the DN of the object. Chances are your CSV will have the SamAccountName or UPN so you will have to do a lookup of that account first to get the DN.
I just tested with adding displayname: $hash.add("displayName",$_.DisplayName); set-aduser $_.userid -replace $hash. I had no issues there provided even though it contained nonempty data.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.