Summary: Microsoft Scripting Guy, Ed Wilson, talks about using Windows PowerShell to add office locations in Active Directory Domain Services.
Hey, Scripting Guy! We are in the midst of a domain migration at work, and I need to clean up a number of attributes in Active Directory prior to our migration. Part of our issue is that we have attributes that are missing values, and I just hate to migrate empty stuff. Is there anything you can do to help?
—TV
Hello TV,
Microsoft Scripting Guy, Ed Wilson, is here. I am listening to my customized Internet radio station with a cool app I found for Windows 8 in the Windows Store. It is really cool to be able to select my listening preferences. I have actually spent a bit of time and created a couple of special Scripting Guy stations. It all depends on what I am writing. For example, Active Directory Domain Services questions simply beg for a bit of classic New Orleans style jazz—or, that is just me. Jazz also goes well with spearmint, wintergreen, peppermint, and lemon grass with a spoon full of Gun Powder Green tea. So I have my tunes and my tea. I guess I will answer your question.
First find the attribute
The first thing I need to do is to find the attribute that is missing. I first look at the user in Active Directory Users and Computers. This is shown here:
It seems that the Office attribute is missing from all of the user objects. I add a bunch of AAAAAs to the Office field so I can find the attribute in ADSI Edit. I check with ADSI Edit, and sure enough the Office attribute is named physicalDeliveryOfficeName as shown in the following image. Good, that makes it easy.
I look around, and all of the cities are populated. So I check ADSI Edit, and I figure out that it uses a lower-case l—as in L for Location. This is shown here.
Populating the Office field
In my example, the office names are the same as the city names. So all I need to do is to read all of the city names from all users in the TestOU organizational unit and add the city value to the Office attribute. First, let me make sure I can get the cities for all users. This is shown here:
Get-ADUser -Filter * -SearchBase ‘ou=testou,dc=iammred,dc=net’ -Properties l
The command and its output are shown in the image that follows.
As it turns out, I do not need to know the physicalDeliveryOfficeName attribute name because Set-ADUser has an –Office parameter. I compose the following command and use the –Whatif parameter to ensure that things will do what I want them to do.
PS C:\> Get-ADUser -Filter * -SearchBase ‘ou=testou,dc=iammred,dc=net’ -Properties l
| Foreach {Set-ADUser $_ -Office $_.l -whatif}
The command and the output are shown here.
So, I remove the –Whatif and run the command again. This time, nothing returns from the command. (On my system, it takes about five seconds to run.) Here is the command (this is a one-line command broken at the pipe for readability):
Get-ADUser -Filter * -SearchBase ‘ou=testou,dc=iammred,dc=net’ -Properties l|
Foreach {Set-ADUser $_ -Office $_.l}
I use Active Directory Users and Computers and check a few users. Here is the first user. The command worked.
TV, that is all there is to using Windows PowerShell to add office locations to users in a specific AD DS OU. Active Directory Domain Services Week will continue tomorrow when I will talk about Active Directrory migration cleanup.
I invite you to follow me on Twitter and Facebook. If you have any questions, send email to me at scripter@microsoft.com, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace.
Ed Wilson, Microsoft Scripting Guy
0 comments