
Set manager for users in specific OUs

Updated on: Jan 18, 2026, Views: 2968

Managers and subordinates

The script sets a user with a specific property value in a specific OU as manager of all other accounts in the OU. Both the manager lookup and the subordinate lookup use subtree scope, so user accounts in nested OUs are included. To execute the script, create a scheduled task configured for the Domain object type and add a managed domain to the Activity Scope of the task. The domain will only be used to trigger execution of the scheduled task.

Parameters

  • $propertyName - the name of the property whose value will be checked to determine managers.
  • $valueToOuDN - maps values of the property specified in the $propertyName variable to the distinguished names (DNs) of the corresponding OUs. For information on how to get an object DN, see Get the DN of a directory object.
# Name of the directory property that marks an account as the manager of its OU.
# NOTE(review): the one account whose value in this property matches a key below
# is written to the "manager" attribute of every other user under the mapped OU,
# so choose a property that ordinary users cannot change on their own account.
$propertyName = "title" # TODO: modify me

# Property value -> DN of the OU whose user accounts are processed for that value.
$valueToOuDN = @{
    "Value1"   =   "OU=Users1,DC=domain,DC=com"
    "Value2"   =   "OU=Users2,DC=domain,DC=com"
} # TODO: modify me

function SearchObjects($criteria, $ouDN)
{
    <#
    .SYNOPSIS
    Searches beneath the object with the given DN and returns every match.

    .PARAMETER criteria
    Search criteria assigned to the searcher's Criteria property.

    .PARAMETER ouDN
    Distinguished name of the object the search is bound to.

    .OUTPUTS
    The collection returned by FetchAll(), emitted as a single object.
    #>

    # Bind to the container and configure the search: whole subtree below it,
    # no referral chasing, page size of 500.
    $ouSearcher = $Context.BindToObjectByDN($ouDN)
    $ouSearcher.Criteria = $criteria
    $ouSearcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $ouSearcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
    $ouSearcher.PageSize = 500

    try
    {
        $iterator = $ouSearcher.ExecuteSearch()
        $found = $iterator.FetchAll()

        # The unary comma wraps the collection so PowerShell hands it to the
        # caller intact instead of unrolling it element by element.
        return ,$found
    }
    finally
    {
        # Dispose the iterator whether or not the search succeeded.
        if ($iterator) { $iterator.Dispose() }
    }
}

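# For every configured property value: find the single manager account under
# the mapped OU, then write that account's DN to the "manager" attribute of
# every other user found under the same OU.
#
# NOTE(review): SearchObjects searches the whole subtree, so accounts in nested
# OUs are matched both as manager candidates and as subordinates. If one mapped
# OU sits beneath another, the result depends on processing order - confirm the
# mapped OUs do not overlap.
foreach ($value in $valueToOuDN.Keys)
{
    $ouDN = $valueToOuDN[$value]

    # Reset per-iteration state. The original reused $searchResults for both
    # searches; if a search failed without stopping the script (this depends on
    # the host's error handling), results or a manager DN left over from an
    # earlier step could be processed as if they belonged to this OU.
    $managerResults = $null
    $subordinateResults = $null
    $managerDN = $null

    # Search manager
    try
    {
        $managerCriteria = New-AdmCriteria "user" -Expression {$propertyName -eq $value}
        $managerResults = SearchObjects $managerCriteria $ouDN
    }
    catch
    {
        $Context.LogMessage("Manager search failed for value $value in $ouDN. Error: " + $_.Exception.Message, "Warning")
        continue
    }

    if (($null -eq $managerResults) -or ($managerResults.Length -eq 0))
    {
        $Context.LogMessage("Manager with value $value not found.", "Warning")
        continue
    }
    elseif ($managerResults.Length -gt 1)
    {
        # Ambiguous match: refuse to pick one rather than guess who the manager is.
        $Context.LogMessage("Found more than one manager with the following value $value", "Warning")
        continue
    }

    $managerDN = $managerResults[0].Properties["distinguishedName"].Value
    if ([System.String]::IsNullOrEmpty($managerDN))
    {
        $Context.LogMessage("Manager with value $value has no distinguished name in the search result.", "Warning")
        continue
    }

    # Search users
    try
    {
        $subordinatesCriteria = New-AdmCriteria "user" -Expression {distinguishedName -ne $managerDN}
        $subordinateResults = SearchObjects $subordinatesCriteria $ouDN
    }
    catch
    {
        $Context.LogMessage("User search failed in $ouDN. Error: " + $_.Exception.Message, "Warning")
        continue
    }

    # Update each account independently so one failure neither blocks the rest
    # nor leaves $user pointing at the account from the previous iteration.
    $updatedCount = 0
    foreach ($searchResult in $subordinateResults)
    {
        $user = $null
        $userDN = $null
        try
        {
            $userDN = $searchResult.Properties["distinguishedName"].Value
            $user = $Context.BindToObjectBySearchResult($searchResult)
            $user.Put("manager", $managerDN)
            $user.SetInfo()
            $updatedCount++
        }
        catch
        {
            $Context.LogMessage("Failed to set manager for $userDN. Error: " + $_.Exception.Message, "Warning")
        }
    }

    # Leave an audit trail of what this run changed.
    $Context.LogMessage("Set $managerDN as manager of $updatedCount account(s) in $ouDN.", "Information")
}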
