Use ADSI to Set and Clear Active Directory Attributes

Other Posts in this Series:

• LDAP Does Not Return All Active Directory Group Members
• The Difference Between ADSI and ADSISearcher
• Use ADSI to Check if a User is a Member of an AD Group
• Use ADSI to Check if a Computer is a Member of an AD Group
• Use ADSI to Migrate AD Group Members

• 1
• 2
• 3
• 4
• >>

This post provides an example of how we can use ADSI to set and clear Active Directory Attributes.  We search for a user called “alkaneuser” and set or clear the department attribute.

$objSearcher=[adsisearcher]'(&(objectCategory=person)(objectClass=user)(sAMAccountName=alkaneuser))'
	
$colProplist = "samaccountname","department"
foreach ($i in $colPropList) { $objSearcher.PropertiesToLoad.Add($i) | out-null } 
	
$colResults = $objSearcher.FindOne()	
 
if ($colResults -ne $null)
{   	  
    $user = [adsi]($colResults.Properties).adspath[0]

    #set attribute
    $user.Put("department", "Example department2"); 
    $user.setinfo();
        
    #clear attribute - uncomment as required
    #$user.PutEx(1, "department", 0); 
    #$user.setinfo();   	
}