【随笔】批量操作AD用户属性

使用powershell脚本快速添加AD用户属性

使用方式

1、将该脚本复制到DC服务上
2、以部门为单位，修改对应字段内容AD_ou,define_name,define_mail
3、保存，以管理员权限运行该脚本

#set OU and buiso info
$AD_ou="ou=test,dc=company,dc=com"
$define_name="test"
$define_mail="test@abc.com"

$user_list= (Get-ADUser -Filter * -SearchBase $AD_ou -Properties SamAccountName | Sort-Object CanonicalName |select -ExpandProperty "SamAccountName")
write-host $user_list
$is_run = read-host "Please press 'Y' to continue"
if ("Y" -eq $is_run -or "y" -eq $is_run){
    foreach ($Sam in $user_list){
      #write-host $AD_user
 
      #Set-AdUser -Identity $Sam -add @{adminDisplayName=$define_name}
      #Set-AdUser -Identity $Sam -add @{adminDescription=$define_mail}
      #Set-AdUser -Identity $Sam -remove @{adminDisplayName=$define_name}
      #Set-AdUser -Identity $Sam -remove @{adminDescription=$define_mail}
      Set-AdUser -Identity $Sam -replace @{adminDisplayName=$define_name}
      Set-AdUser -Identity $Sam -replace @{adminDescription=$define_mail}
    }
    write-host "Run success"
}else{
    write-host "Unexpected exit"
}