Active Directory self-update using PowerShell script
The PowerShell script given below is an example of using PowerShell to update the mobile numbers of their organization's users in Active Directory (AD). ADSelfService Plus, an AD self-service password management and single sign-on solution, allows users to self-update their Active Directory profile information. Here is a comparison between updating users' AD information using PowerShell and ADSelfService Plus:
With PowerShell
$UsersCSV = Import-CSV "<enter CSV file here"
$Results = @()
ForEach ($User in $UsersCSV) {
$Username = $User.username.trim()
$Number = $User.mobile.trim()
$UserDetails = $null
$UserCheck = $null
Try{
$UserDetails = Get-ADUser -Identity $Username -Properties MobilePhone
}
Catch{
$_.Exception.Message
Continue
}
If (!$UserDetails.'MobilePhone') {
Try{
Set-ADUser -Identity $username -replace @{ 'MobilePhone' = $($Number) }
$UserCheck = Get-ADUser -Identity $Username -Properties mobilephone -ErrorAction Stop
If ($UserCheck) {
$Object = New-Object PSObject -Property ([ordered]@{
"User name" = $Username
"Mobile" = $UserCheck.MobilePhone
})
$Results += $Object
}
}
Catch{
$_.Exception.Message
Continue
}
}
}
$Results | Format-Table
ADSelfService Plus
- Create a policy. Select Self Update and any other self-service actions that can be performed by users in the policy.
- Go to Directory Self Service > Self Update Layout.
- You can choose to edit the Default layout by clicking on the edit icon or click Create New Layout.
- Drag and drop the required fields in the layout.
- Click Save.
- Click Assign Policies and in the pop-up that appears, choose the layout you have created for the desired policy.
- Click OK.
- Users for that policy will now be able to update their AD profile information using ADSelfService Plus.
- Quick configuration:
With ADSelfService Plus, administrators can configure AD self-update by simply dragging and dropping the desired fields in the self-update layout.
- Choose which users can update their AD information:
Creating an ADSelfService policy, administrators select the domain, OUs, and groups whose users can update their AD profile information.
- Secured update of AD information:
Before users can log in to the ADSelfService Plus portal and update their AD information, they will have to complete multi-factor authentication. During MFA, users will have to verify their identity using other methods in addition to authenticating with the AD username and password .
- Create approval workflow rules:
Ensures that the self-updated information by end users is checked and validated by the help desk or managers, before it is updated in Active Directory.
- Audit self-update actions:
Captures all self-update operations that can be easily generated with a single click and exported in various formats such as CSV, HTML, XLS, and PDF.
- Force users to self update their profile information:
Users can be forced to update the self-update fields that have been selected as mandatory as soon as they log into the ADSelfService Plus portal.
- Customize the fields:
The profile information fields can be customized according to the organization's needs. The field name and type can be altered and the fields can be made mandatory or read-only if necessary.
Empower users to update their Active Directory profile information..
Get 30-day free trial.
