Friday, November 25, 2016

Powershell Script: Set an extensionAttribute for multiple AD Users

With the attached script you can set extensionAttribute4 for multiple AD Users using a csv file. You can do this for other Attributes as well. :)

# Set extensionAttribute4 for specified AD Users
# Create a CSV file that looks like this:
################################################
# File path: c:\admin\UsersExt4.csv
#
# samAccountName,extensionAttribute4
# username.1,Test12345
# username.2,Test12345
################################################
# Scripty by Tim Buntrock

# import ad module
Import-module ActiveDirectory
# import users from csv and set extensionAttribute4
Import-Csv C:\admin\UsersExt4.csv | ForEach-Object {Set-ADUser $_.samAccountName -Replace @{extensionAttribute4=$_.extensionAttribute4} }

Thursday, November 3, 2016

ADUC: Delegate permissions to move Computer accounts between OUs

In ADUC, right-click OU 1 and select "Delegate Control".

Type in a user or group name and click "Next"

Select the "Create a custom task to delegate" option and click "Next".

Select "Only the following objects in the folder", browse to "Computer objects" in the list and check the box. Also check the boxes for "Create selected objects in this folder" and "Delete selected objects in this folder" and click "Next".

Check the box for "Write", click "Next" and "Finish".

Just do the same steps on OU 2.