foreach question

Hi guys,

I would like to change a customattribute for all users in active directory, but script below is not working, what do i do wrong?

 

$users = get-aduser -Filter * | select samaccountname

foreach ($user in $users)
{
Set-AdUser -Identity $user -Replace @{ customAttribute1="something" }
}

 

That’s quite vague. How do you know it is not working? :wink: What’s the situation before? What happens when you onvoke this code? What’s the situation after?

You need to use Select-Object -ExpandProperty SamAccountName; select samaccountname (or more properly Select-Object -Property SamAccountName if you use the full-form syntax) like you have there will get you the one property attached to an object, rather than just the value of the property – which is what Set-ADUser will need.

A one liner without foreach

Get-ADUser -Filter * -Properties customAttribute1 | Set-AdUser -Identity $user -Replace @{ customAttribute1="something" }

[quote quote=166990]A one liner without foreach

<textarea class="ace_text-input" style="opacity: 0; height: 18px; width: 6.59781px; left: 44px; top: 0px;" spellcheck="false" wrap="off"></textarea>
1
2
Get-ADUser -Filter * -Properties customAttribute1 | Set-AdUser -Identity $user -Replace @{ customAttribute1="something" }
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[/quote]

This is not helpfull because i need to do it for all the users not per user.

[quote quote=166951]You need to use Select-Object -ExpandProperty SamAccountName; select samaccountname (or more properly Select-Object -Property SamAccountName if you use the full-form syntax) like you have there will get you the one property attached to an object, rather than just the value of the property — which is what Set-ADUser will need.

[/quote]

Hi Joel, i think i do understand what you tell mee but i don’t know exaiclly what you mean. I replaced the code with

Select-Object -Property SamAccountName

But i still receive the same error message:

Cannot bind parameter Identity

 

Any help for me?

 

 

 

Set-ADUser here will be executed for each user from Get-ADUser cmdelt. What will be the value for customattribute ?

In your loop the way you have it, you can use the propertyname.

 

$users = Get-ADUser -Filter *

foreach ($user in $users)
{
  Set-AdUser -Identity $user.samAccountName -Replace @{ customAttribute1="something" }
}

Yep. Or use -ExpandProperty (and not -Property) like I mentioned in the initial one. :slight_smile:

Thanks Dan! This is the way go, script working.

That one-liner should work without the “-Identity $user” after “Set-Aduser”.