There is an AD with 1000 users, attributes for example as: name, organization, city are already filled, there is an excel file with another attribute. The question is how to make this attribute (info) to hell. Any ways PowerShell, python, java are welcome

Closed due to the fact that off-topic participants 0xdb , aleksandr barakin , Kirill Korushkin , mkkik , MaxU 16 May at 22:57 .

It seems that this question does not correspond to the subject of the site. Those who voted to close it indicated the following reason:

  • "The question is caused by a problem that is no longer reproduced or typed . Although similar questions may be relevant on this site, solving this question is unlikely to help future visitors. You can usually avoid similar questions by writing and researching a minimum program to reproduce the problem before publishing the question. " - 0xdb, aleksandr barakin, Kirill Korushkin, mkkik, MaxU
If the question can be reformulated according to the rules set out in the certificate , edit it .

  • Look here . It is possible that you will find a hint. - de_frag
  • Thank you, the information is pretty. Suppose there is such a structure CN = RD, OU = Sector, OU = Division, OU = Dom, DC = home, DC = ru. In the OU = Dom, 10 DNs are allowed, and there are two in them. How to automate the cycle of passage through all paths referring to each CN. Or maybe there is a way to unload all the CN and walk on them? - Ryb 1:51 pm
  • I would do something like this: I run a search with a filter of type (objectClass=organizationalPerson) , by searching basedn =OU=Dom, DC=home and by searching type ldap.SCOPE_SUBTREE . I get a list of all nested objects and do what I need with them. - de_frag
  • @de_frag so far: Get-ADGroupMember -Identity "Domain Users" -Recursive | where {$_.info -eq $null} | Set-ADUser -Add @{info = { Get-ADGroupMember -Identity "Domain Users" -Recursive | where {$_.info -eq $null} | Set-ADUser -Add @{info = { Get-ADGroupMember -Identity "Domain Users" -Recursive | where {$_.info -eq $null} | Set-ADUser -Add @{info = { get all users recursively for OU = "Domain Users" (and all nested) where the info attribute is not filled, and the most interesting :) Suppose I find CN = Ivanov Ivan, with the info attribute, there is * .csv file in it is a list with the names and values ​​of attributes, how to cycle through all the CNs and apply values ​​from the file to them? - Ryb
  • I'm not into PowerShell, so I won't tell you. - de_frag

2 answers 2

If this attribute is already in the schema, you can connect to the directory service via LDAP and make changes. To do this, you can use the LDAP3 module for Python3. If there is no such attribute, then you need to expand the schema, but I do not recommend doing this, because there are problems with updating the schema version.

  • there is an attribute, for all users now it is not set, if I understand you correctly - Ryb
  • This library has a tutorial ldap3.readthedocs.io/tutorial.html where it is well described how to work with it, although there must be a way to do this through PS, but I do not know how it works - user268178
  • I didn’t find how to solve it through PS at once.

The solution was found, just the info attribute was not seen, it needed to be addressed via -OtherAttributes @ {info = $ _. Info}