Related features:

Related Powershell Guides:

Active Directory self-update using PowerShell script

The PowerShell script given below is an example of using PowerShell to update the mobile numbers of their organization's users in Active Directory (AD). ADSelfService Plus, an AD self-service password management and single sign-on solution, allows users to self-update their Active Directory profile information. Here is a comparison between updating users' AD information using PowerShell and ADSelfService Plus:

With PowerShell

Run the following script to update the users' mobile numbers in AD using a CSV file. Create a CSV file with the users' usernames and mobile numbers and mention its file path in the script.

$UsersCSV = Import-CSV "<enter CSV file here"
$Results = @()

ForEach ($User in $UsersCSV) {
$Username = $User.username.trim()
$Number = $User.mobile.trim()
$UserDetails = $null
$UserCheck = $null

Try{
$UserDetails = Get-ADUser -Identity $Username -Properties MobilePhone
}
Catch{
$_.Exception.Message
Continue
}

If (!$UserDetails.'MobilePhone') {
Try{
Set-ADUser -Identity $username -replace @{ 'MobilePhone' = $($Number) }
$UserCheck = Get-ADUser -Identity $Username -Properties mobilephone -ErrorAction Stop
If ($UserCheck) {
$Object = New-Object PSObject -Property ([ordered]@{

"User name" = $Username
"Mobile" = $UserCheck.MobilePhone
})

$Results += $Object
}
}
Catch{
$_.Exception.Message
Continue
}
}
}

$Results | Format-Table
With ADSelfService Plus
  • Create a policy. Select Self Update and any other self-service actions that can be performed by users in the policy.
  • Go to Directory Self Service > Self Update Layout.
  • You can choose to edit the Default layout by clicking on the edit icon or click Create New Layout.
  • Drag and drop the required fields in the layout.
  • Click Save.
  • Click Assign Policies and in the pop-up that appears, choose the layout you have created for the desired policy.
  • Click OK.
  • Users for that policy will now be able to update their AD profile information using ADSelfService Plus.
    Steps to configure Active Directory self-update using ADSelfService Plus
    Steps to link a self-update layout to a policy in ADSelfService Plus

Advantages of ADSelfService Plus:

  • Quick configuration: With ADSelfService Plus, administrators can configure AD self-update by simply dragging and dropping the desired fields in the self-update layout.
  • Choose which users can update their AD information: Creating an ADSelfService policy, administrators select the domain, OUs, and groups whose users can update their AD profile information.
  • Secured update of AD information: Before users can log in to the ADSelfService Plus portal and update their AD information, they will have to complete multi-factor authentication. During MFA, users will have to verify their identity using other methods in addition to authenticating with the AD username and password .
  • Create approval workflow rules: Ensures that the self-updated information by end users is checked and validated by the help desk or managers, before it is updated in Active Directory.
  • Audit self-update actions: Captures all self-update operations that can be easily generated with a single click and exported in various formats such as CSV, HTML, XLS, and PDF.
  • Force users to self update their profile information: Users can be forced to update the self-update fields that have been selected as mandatory as soon as they log into the ADSelfService Plus portal.
  • Customize the fields: The profile information fields can be customized according to the organization's needs. The field name and type can be altered and the fields can be made mandatory or read-only if necessary.

Using PowerShell to self-update AD details

Step 1: Authenticate the user

Prompt the user for their username. This ensures only authorized users update their own details.

$Username = Read-Host "Enter your username"

Step 2: Allow users to edit their information

Prompt users for new details. This script collects updated contact information.

$PhoneNumber = Read-Host "Enter your new phone number"
$OfficeLocation = Read-Host "Enter your new office location"

Step 3: Update AD details

Modify the AD user attributes. This updates the user's mobile number and office location in AD.

Set-ADUser -Identity $Username -MobilePhone $PhoneNumber -Office $OfficeLocation Write-Host "Your details have been updated."

Step 4: Automate the update process

Run this script regularly using Task Scheduler. This ensures user details are updated on a scheduled basis.

$trigger = New-ScheduledTaskTrigger -Daily -At "08:00AM"
$action = New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "-File C:\Scripts\UpdateADDetails.ps1" Register-ScheduledTask -TaskName "UserSelfUpdate" -Trigger $trigger -Action $action -User "SYSTEM"

FAQs

1. How can users update their details in AD?

Update user details in AD using the script below:

Set-ADUser -Identity username -Email "newemail@domain.com" -OfficePhone "1234567890"

2. Can users update multiple attributes at once?

Yes, multiple attributes can be updated at once using the script below:

Set-ADUser -Identity username -Title "New Title" -Department "IT"

3. Is admin approval needed for these changes?

Admin approval depends on permissions. Some attributes require admin rights.

Empower users to update their Active Directory profile information.

Try it now for free

ADSelfService Plus trusted by

A single pane of glass for complete self service password management
Password Self-ServiceDirectory Self-ServiceOne IdentitySecurityRelated Products

A single pane of glass for complete self service password management

Free Trial Get Quote
Email Download Link