#############################################################
# ADModify.ps1
# Sets a value to an attribute of users listed in a file
# example: ADModify.ps1 -IsTestMode $true -attribute "extensionattribute15" -newvalue = "BES"
#############################################################
# Scripted by: Hans Willi Kremer, NETsec GmbH & Co. KG, http://www.netsec.de, http://tools4Exchange.com
# Tags: ADModify, modify attribute in bulk, Active Directory attribute modification, bulk modification, support tools, Exchange migration, Exchange move mailbox
#############################################################
Param(
         [string]$IsTestMode = $true,						# declare test-mode or modify-mode
		 [string]$attribute = "extensionattribute10",		# attribute which has to be modified
		 [string]$newvalue = "BES",							# value which is set to the given attribute
		 [string]$outputfilename ="C:\yyy_output.txt", 		# log will be written to this file
		 [string]$inputfilename ="C:\xxx_input.txt" 		# file which contains the alias names of users who will be checked
)
# to check before running script
$IsPresent = ": Correct value already present"				# displayed in log if the value of users attribute is already set
$ErrorWriting = "Error writing: "							# displayed in log if script runs into error state
$IsTestModeString = "IsTestMode: "							# displayed in log if script runs in test mode
$ValueChangedString = ": changed  to: " 					# displayed in log if value of users attribute is modified
$date = get-date
Write-Output ($date.ToString() + " " + $IsTestModeString  + " " +  $IsTestMode) | out-file $outputfilename -append 
Write-Output ($date.ToString() + " " + "Starting script") | out-file $outputfilename -append 

$boxes = Get-Content $inputfilename 						# read all users from inputfile
Foreach ($element in $boxes )
  {
    $date = get-date
    $mailbox = Get-Mailbox $element -ResultSize unlimited 	# get user's dn in Active Directory 
    $ldap = "LDAP://" + $mailbox.distinguishedname					
    $de = New-Object DirectoryServices.DirectoryEntry $ldap	# bind to user's object
 
    if ($de.Properties["$attribute"].Value -eq $newvalue)	# if new value is already present
       {
        Write-Output ($date.ToString() + " " + $element + " " + $attribute + " with value " + " " + $newvalue + " " + $IsPresent) | out-file $outputfilename -append 
       }
      else													# if new value is not present
      {
        try
        {
           $de.Properties["$attribute"].Value = $newvalue
           if ($IsTestMode -eq $false) 
           {
            $de.commitchanges()
           }
        }
        catch
        {
           Write-Output ($date.ToString()  + " " + $element  + " " + $ErrorWriting) | out-file $outputfilename -append 
        }
        finally
        {
           Write-Output ($date.ToString() + " " +   $element  + " " +   $attribute + " " + $ValueChangedString  + " " +  $newvalue) | out-file $outputfilename -append 
        }    
      } #end if
         
  } # end Foreach element
  Write-Output ($date.ToString() + " " + "Finished script") | out-file $outputfilename -append