creatingUsers - WordPress.com

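#region Global Hashtables, variables, arrays, etc
# Every table in this region is keyed by the office name written as
# "Office N" (with a space). A lookup with any other spelling returns $null,
# so code that indexes these tables must use exactly this form.

#Office Street Addresses
$streetAddress = @{"Office 1" = "Address 1 - without city, state, and zip";
                   "Office 2" = "Address 2 - without city, state, and zip";
                   "Office 3" = "Address 3 - without city, state, and zip";
                   "Office 4" = "Address 4 - without city, state, and zip";}
#Office Phone Numbers
$telephoneNumber = @{"Office 1" = "555-555-1111";
                     "Office 2" = "555-555-2222";
                     "Office 3" = "555-555-3333";
                     "Office 4" = "555-555-4444";}
#Office Fax Numbers
$facsimileTelephoneNumber = @{"Office 1" = "555-111-1111";
                              "Office 2" = "555-222-2222";
                              "Office 3" = "555-333-3333";
                              "Office 4" = "555-444-4444";}
#Office Zip Codes
$postalCode = @{"Office 1" = "11111";
                "Office 2" = "22222";
                "Office 3" = "33333";
                "Office 4" = "44444";}
#Office City (AD attribute is a lower case "L")
$l = @{"Office 1" = "City of Office 1";
       "Office 2" = "City of Office 2";
       "Office 3" = "City of Office 3";
       "Office 4" = "City of Office 4";}
#Office State
$st = @{"Office 1" = "State of Office 1";
        "Office 2" = "State of Office 2";
        "Office 3" = "State of Office 3";
        "Office 4" = "State of Office 4";}
#Home Folder Locations -- previously used to build home directory path, no longer used
<#$homeDirectory = @{ "Office 1" = "\\fileserver1\userdirectory1 + $userPrincpalName";
                     "Office 2" = "\\fileserver2\userdirectory2 + $userPrincpalName";
                     "Office 3" = "\\fileserver3\userdirectory3 + $userPrincpalName";
                     "Office 4" = "\\fileserver4\userdirectory4 + $userPrincpalName";} #>
#OU Variable - distinguished name of the OU each office's accounts are moved into
$userOU = @{ "Office 1" = "OU=Office 1,OU=My Company Users,DC=example,DC=com";
             "Office 2" = "OU=Office 2,OU=My Company Users,DC=example,DC=com";
             "Office 3" = "OU=Office 3,OU=My Company Users,DC=example,DC=com";
             "Office 4" = "OU=Office 4,OU=My Company Users,DC=example,DC=com";}
#Group every new account joins, followed by the per-office group lists
$allusers = "Company Email Group"
$Office1Groups = "Office 1 Security Group", "Office 1 Email Group"
$Office2Groups = "Office 2 Security Group", "Office 2 Email Group"
$Office3Groups = "Office 3 Security Group", "Office 3 Email Group"
$Office4Groups = "Office 4 Security Group", "Office 4 Email Group"
#endregion
#region Global Variables
# Domain controller the account is created on (New-ADUser -server $dc).
$dc = 'myDC.example.com'
# Exchange database name; stays $null until an office has been matched.
$exchangedb = $null
#endregion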
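Function Get-UserData
{
    <#
    .SYNOPSIS
    Interactively collects the attributes for a new user account.
    .DESCRIPTION
    Prompts on the console (Read-Host) for first name, last name, middle
    initial, logon name, office, department number and name, supervisor,
    job title and the file server for the user drive. The user principal
    name, the display name ("Last, First") and the user directory path
    (\\<server>\users\<logon name>) are derived from those answers.

    The logon name and the office location are re-prompted until they pass
    a basic check; no other answer is validated here.
    .OUTPUTS
    PSObject with the properties givenName, surname, initials,
    samAccountName, userPrincipalName, physicalDeliveryOfficeName,
    department, description, manager, displayName, personalTitle and
    userdirectory.
    #>
    [cmdletbinding()]
    param()
    BEGIN{
        Write-Verbose "Beginning data collection for new user account"
    }
    PROCESS{
        $givenName = Read-Host "Enter New User First Name"
        $surname = Read-Host "Enter New User Last Name"
        $initials = Read-Host "Enter New User Middle Initial (leave blank for none)"

        # The logon name ends up in the UPN and is concatenated into the UNC
        # path of the user directory below, so reject an empty value and the
        # characters Active Directory does not accept in a sAMAccountName
        # (which include both path separators).
        do
        {
            $samAccountName = (Read-Host "Enter New User Logon Name").Trim()
            $logonNameOk = ($samAccountName -ne '') -and ($samAccountName -notmatch '["/\\\[\]:;|=,+*?<>]')
            if (-not $logonNameOk)
            {
                Write-Warning 'Logon name must not be empty or contain any of: " / \ [ ] : ; | = , + * ? < >'
            }
        } until ($logonNameOk)
        $userPrincipalName = $samAccountName + "@example.com"

        # Offices are accepted as "OfficeN" or "Office N" and checked against
        # the keys of the script-level $userOU table when that table exists.
        # The value is returned as typed (trimmed), not rewritten.
        $knownOffices = if ($userOU -is [hashtable]) { @($userOU.Keys) } else { @() }
        do
        {
            $physicalDeliveryOfficeName = (Read-Host "`
Available Office Locations
-------------------------
Office1
Office2
Office3
Office4`n
Select Office Location").Trim()
            $officeKey = $physicalDeliveryOfficeName -replace '^Office\s*(\d+)$', 'Office $1'
            $officeKnown = ($knownOffices.Count -eq 0) -or ($knownOffices -contains $officeKey)
            if (-not $officeKnown)
            {
                Write-Warning "Unknown office location '$physicalDeliveryOfficeName'."
            }
        } until ($officeKnown)

        $department = Read-Host "Enter New User Department Number"
        $description = Read-Host "Enter New User Department Name"
        $manager = Read-Host "Enter New User Supervisor as logon name (ex: jsmith for John Smith)"
        $displayName = $surname + ", " + $givenName
        $personalTitle = Read-Host "Enter New User Job Title"
        # NOTE(review): the server name is used as typed; nothing here checks
        # that it names an existing file server.
        $userdirectory = "\\" + (Read-Host "Servername for user drive") + "\users\" + $samAccountName

        $newUser = New-Object -TypeName PSObject -Property @{'givenName' = $givenName;
                                                             'surname' = $surname;
                                                             'initials' = $initials;
                                                             'samAccountName' = $samAccountName;
                                                             'userPrincipalName' = $userPrincipalName;
                                                             'physicalDeliveryOfficeName' = $physicalDeliveryOfficeName;
                                                             'department' = $department;
                                                             'description' = $description;
                                                             'manager' = $manager;
                                                             'displayName' = $displayName;
                                                             'personalTitle' = $personalTitle;
                                                             'userdirectory' = $userdirectory;}

        Write-Verbose "New User Generated. User will be built with the following AD attributes:"
        Write-Verbose "First Name: $($newUser.givenName)"
        Write-Verbose "Last Name: $($newUser.surname)"
        Write-Verbose "Middle Initial: $($newUser.initials)"
        Write-Verbose "samAccountName: $($newUser.samAccountName)"
        Write-Verbose "UserPrincipalName: $($newuser.userPrincipalName)"
        Write-Verbose "physicalDeliveryOfficeName: $($newuser.physicalDeliveryOfficeName)"
        Write-Verbose "Department Number: $($newUser.department)"
        Write-Verbose "Department Name: $($newuser.description)"
        Write-Verbose "Manager: $($newuser.manager)"
        Write-Verbose "Display Name: $($newuser.displayName)"
        Write-Verbose "Title: $($newuser.personalTitle)"
        Write-Verbose "User Directory: $($newUser.userdirectory)"
        Write-Verbose "Returning New User object for further processing"
        return $newUser
    }
    END{
        # Write-Verbose "Data collection complete. Returned new user for further processing"
    }
}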
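Function Build-User
{
    <#
    .SYNOPSIS
    Creates the Active Directory account, makes sure the user directory
    exists and moves the account into the OU of its office.
    .DESCRIPTION
    Calls New-ADUser against the domain controller in $dc, prompting for the
    initial password as a secure string. Address, phone, fax, postal code,
    city, state and target OU are looked up in the script-level tables by
    office name; "OfficeN" and "Office N" are both accepted. An office that
    is not in $userOU stops the function before anything is created.

    After the account exists, the function creates the user directory if
    Test-Path does not find it, calls Replicate-Changes, waits 5 seconds and
    moves the account to $userOU[<office>]. Replicate-Changes is called once
    more in the END block.
    .NOTES
    The account is created with -Enabled $true; this function neither
    disables it nor sets "must change password at next logon".
    #>
    #region Parameters - mandatory and not
    [cmdletbinding()]
    param(
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $samAccountName,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $displayName,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $UserPrincipalName,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $givenName,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $surname,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$False)]
        $initials,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $PhysicalDeliveryOfficeName,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $department,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $description,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$False)]
        $manager,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$False)]
        $personalTitle,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$False)]
        $userdirectory
    )
    #endregion
    BEGIN{
        Write-Verbose "Parameter Checks Passed, No further pre-processing checks to perform"
        Write-Verbose "Values used are:"
        # Values are wrapped in a string so that an omitted optional
        # parameter is logged as an empty line instead of being handed to
        # Write-Verbose as $null.
        Write-Verbose "$samAccountName"
        Write-Verbose "$displayName"
        Write-Verbose "$UserPrincipalName"
        Write-Verbose "$givenName"
        Write-Verbose "$initials"
        Write-Verbose "$surname"
        Write-Verbose "$department"
        Write-Verbose "$description"
        Write-Verbose "$manager"
        Write-Verbose "$personalTitle"
        Write-Verbose "$userdirectory"
    }
    PROCESS{
        # The lookup tables are keyed "Office N"; the office prompt offers
        # "OfficeN". Map either spelling to the table key, and refuse to
        # create an account whose address and OU cannot be resolved.
        $officeKey = ("$PhysicalDeliveryOfficeName").Trim() -replace '^Office\s*(\d+)$', 'Office $1'
        if (($userOU -isnot [hashtable]) -or (-not $userOU.ContainsKey($officeKey)))
        {
            throw "Unknown office location '$PhysicalDeliveryOfficeName'; no account was created."
        }

        # NOTE(review): the account is enabled from the moment it is created.
        # Creating it disabled, or with the change-password flag already set,
        # would close the window until a caller changes those settings.
        $newUserParams = @{
            SamAccountName    = $samAccountName
            Name              = $displayName
            UserPrincipalName = $UserPrincipalName
            GivenName         = $givenName
            Surname           = $surname
            Initials          = $initials
            Office            = $PhysicalDeliveryOfficeName
            Department        = $department
            Description       = $description
            Manager           = $manager
            DisplayName       = $displayName
            Title             = $personalTitle
            StreetAddress     = $streetAddress[$officeKey]
            OfficePhone       = $telephoneNumber[$officeKey]
            Fax               = $facsimileTelephoneNumber[$officeKey]
            PostalCode        = $postalCode[$officeKey]
            City              = $l[$officeKey]
            State             = $st[$officeKey]
            Company           = "Example.com Company"
            HomeDirectory     = $userdirectory
            HomeDrive         = "Z:"
            # Prompted as a secure string so the password is never echoed.
            AccountPassword   = (Read-Host -AsSecureString "Password")
            Enabled           = $true
            Server            = $dc
        }
        New-ADUser @newUserParams

        Write-Output "Building User Directory"
        if (test-path $userdirectory)
        {
            # NOTE(review): an existing directory is reused as it is; its
            # owner and permissions are not checked.
            Write-Host "`nUser Directory Exists, creating user $userPrincipalName..."
        }
        else
        {
            write-host "`n`nUser Directory Does Not Exists, Creating directory $userDirectory..."
            # NOTE(review): no ACL is set here, so the new directory only
            # gets whatever permissions it inherits from its parent.
            mkdir $userdirectory
            write-host "`n`n$userdirectory created."
            Write-Host "`n`nCreating user $userPrincipalName`n"
        }

        Write-Output "Replicating changes from $dc to domain"
        Replicate-Changes
        Write-Verbose "Sleeping for 5 seconds while replication begins"
        Start-Sleep -s 5

        Write-Output "Moving User to OU $($userOU[$officeKey])"
        # Read and move the account on the controller it was created on, so
        # the move does not depend on replication having finished.
        Get-ADUser $samAccountName -Server $dc | Move-ADObject -TargetPath $userOU[$officeKey] -Server $dc
    }
    END{
        Write-Verbose "Replicating Changes from Domain Controller throughout domain"
        Replicate-Changes
        Write-Verbose "Replication Complete"
        Write-Verbose "Exiting Build-User Function"
    }
}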
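Function Add-Groups
{
    <#
    .SYNOPSIS
    Adds the account to the company-wide group(s) and to the groups of its
    office, and returns the Exchange database name for that office.
    .DESCRIPTION
    Every group in $allusers is applied first. The office name, accepted as
    "OfficeN" or "Office N", then selects one of $Office1Groups ...
    $Office4Groups and the database DB1 ... DB4. Group changes are made on
    the domain controller in $dc.

    $userPrincipalName, $surname and $givenName in the progress messages are
    not parameters; they are read from the caller's scope and print empty
    when the function is called on its own.
    .OUTPUTS
    The database name ("DB1" ... "DB4"), or $null when the office is not
    recognised. In that case only the $allusers group(s) have been applied.
    #>
    [cmdletbinding()]
    param(
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $samAccountName,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $physicalDeliveryOfficeName
    )
    # Start from a local $null so the return value never comes from a
    # variable of the same name in an outer scope.
    $exchangeDB = $null

    #region - Standard Groups
    foreach ($group in $allusers)
    {
        Add-ADGroupMember -Identity $group -Members $samAccountName -Server $dc
        Write-Host "Added $userPrincipalName ($surname, $givenName) to $group"
    }
    #endregion

    #region - Per Office Groups - also sets exchange database
    # One table instead of one branch per office: the group lists are the
    # script-level $OfficeNGroups variables, and both spellings of every
    # office are treated the same way.
    $officeSettings = @{
        "Office 1" = @{ Groups = $Office1Groups; Database = "DB1" };
        "Office 2" = @{ Groups = $Office2Groups; Database = "DB2" };
        "Office 3" = @{ Groups = $Office3Groups; Database = "DB3" };
        "Office 4" = @{ Groups = $Office4Groups; Database = "DB4" };
    }
    $officeKey = ("$physicalDeliveryOfficeName").Trim() -replace '^Office\s*(\d+)$', 'Office $1'

    if ($officeSettings.ContainsKey($officeKey))
    {
        foreach ($group in $officeSettings[$officeKey].Groups)
        {
            Add-ADGroupMember -Identity $group -Members $samAccountName -Server $dc
            Write-Host "Added $userPrincipalName ($surname, $givenName) to $group"
        }
        $exchangeDB = $officeSettings[$officeKey].Database
    }
    else
    {
        Write-Host "Could Not Find Office Location. User Not Added to Groups"
    }
    #endregion
    return $exchangeDB
}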
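Function Replicate-Changes
{
    <#
    .SYNOPSIS
    Runs "repadmin /syncall" against dc1.example.com and discards its
    console output.
    .DESCRIPTION
    Takes no parameters and returns nothing. A non-zero exit code from
    repadmin is reported as a warning; the function does not stop on it.
    #>
    [cmdletbinding()]
    param()
    BEGIN{}
    PROCESS{
        # NOTE(review): the target is hard-coded and is not the controller
        # named in $dc, where the account is created - confirm which
        # controller should start the synchronisation.
        repadmin /syncall dc1.example.com | Out-Null
        # The output is thrown away, so the exit code is the only trace of a
        # failed synchronisation.
        if ($LASTEXITCODE -ne 0)
        {
            Write-Warning "repadmin /syncall dc1.example.com exited with code $LASTEXITCODE"
        }
    }
    END{}
}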
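Function Build-Mailbox
{
    <#
    .SYNOPSIS
    Enables an Exchange mailbox for the account when the operator answered
    yes.
    .DESCRIPTION
    When $enablemailbox is "y" or "yes" (any letter case), opens a remote
    PowerShell session named MakeMailbox to exchange2013server.example.com
    with Kerberos authentication, imports it, runs Enable-Mailbox for
    example.com\<samAccountName> in the given database and removes the
    session again. Any other answer only writes "Mailbox will not be
    created".
    .PARAMETER exchangeDB
    Name of the mailbox database.
    .PARAMETER samAccountName
    Logon name of the account to mailbox-enable.
    .PARAMETER enablemailbox
    The operator's yes/no answer.
    #>
    [cmdletbinding()]
    param(
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $exchangeDB,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $samAccountName,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $enablemailbox
    )
    # -contains compares strings without regard to case, so these two
    # entries cover Y, y, Yes, yes and YES.
    if (@('y', 'yes') -contains $enablemailbox)
    {
        Write-Output "Building Mailbox for $samAccountName in database $exchangeDB"
        $Session = New-PSSession -ConfigurationName Microsoft.Exchange `
                                 -ConnectionUri http://exchange2013server.example.com/PowerShell/ `
                                 -Name MakeMailbox -Authentication Kerberos
        if ($Session)
        {
            try
            {
                Import-PSSession $Session | Out-Null
                Enable-Mailbox -Identity "example.com\$samAccountName" -Database $exchangeDB | Out-Null
            }
            finally
            {
                # Remove the session even when the import or Enable-Mailbox
                # fails, so no authenticated session to the Exchange server
                # is left open.
                Remove-PSSession -Session $Session | Out-Null
            }
        }
        else
        {
            Write-Warning "Could not open a session to the Exchange server; mailbox for $samAccountName was not created"
        }
    }
    else
    {
        Write-Output "Mailbox will not be created"
    }
}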
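Function Send-email
{
    <#
    .SYNOPSIS
    Notifies the new user's manager, with the help desk in copy, that the
    account has been created.
    .DESCRIPTION
    Sends one message from NewAccounts@example.com through
    exchange2013server.example.com to <manager>@example.com, Cc
    helpdesk@example.com. The body lists name, logon name, title and
    manager.

    The message carries no password. The account password is entered as a
    secure string when the account is built, so a fixed password written
    into this body would not have to match it, and it would sit in clear
    text in two mailboxes.
    .PARAMETER manager
    Logon name of the manager; "@example.com" is appended for the address.
    .PARAMETER surname
    Last name of the new user.
    .PARAMETER givenName
    First name of the new user.
    .PARAMETER samAccountName
    Logon name of the new user.
    .PARAMETER personalTitle
    Job title of the new user.
    #>
    [cmdletbinding()]
    param(
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $manager,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $surname,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $givenName,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $samAccountName,
        [Parameter(ValueFromPipeline=$True,
        Mandatory=$True)]
        $personalTitle
    )
    # The text lines start in column 0 on purpose: leading whitespace would
    # become part of the message.
    $body = "New Account has been created for: $surname, $givenName`n
LogonName: example.com\$samAccountName
Title: $personalTitle
Manager: $manager
Password: not included in this message
Please note the following:
Purchase requisitions for IT equipment should be submitted as soon as possible.
Thank you,
example.com IT department"

    Send-MailMessage -To "$manager@example.com" -Cc "helpdesk@example.com" -Subject "New User Account" `
                     -From "NewAccounts@example.com" -SmtpServer "exchange2013server.example.com" `
                     -Body $body
}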
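Function Create-User #this is the "cmdlet" you use / the "Main()" function to call when building a user. The rest of the function calls are contained within this one.
{
    <#
    .SYNOPSIS
    Create-User is a "main" function that calls several others to build a new
    Active Directory User Account on the
    domain controller specified in the "$dc" variable at the beginning of the
    script.
    .DESCRIPTION
    Create-User contacts the domain controller specified in the "$dc"
    variable at the beginning of the script after prompting for the following
    values:
    First Name
    Last Name
    Middle Initial
    User Logon Name
    Office Location
    Department Number
    Department Name
    Manager
    Title
    File Server to create user drive on.
    Note that the user folder will be created on \\<File Server
    Specified>\users\<username>
    Verbose Output Supported.
    .Example
    The only syntax supported is:
    Create-User
    Create-User will call several other functions, prompt for input,
    calculate values, and create the user and mailbox.
    .NOTES
    The account is left disabled and flagged "User Must Change Password at
    Next Logon". A summary is written to the console and appended to
    \\fileServer1\PowershellLogs\NewUserLogs.txt.
    #>
    [cmdletbinding()]
    param()
    BEGIN{}
    PROCESS{
        $user = Get-UserData
        # These are kept as variables of this function on purpose: Add-Groups
        # reads $userPrincipalName, $surname and $givenName from the caller's
        # scope for its progress messages.
        $samAccountName = $user.samAccountName
        $displayName = $user.displayName
        $userPrincipalName = $user.userPrincipalName
        $givenName = $user.givenName
        $surname = $user.surname
        $initials = $user.initials
        $physicalDeliveryOfficeName = $user.physicalDeliveryOfficeName
        $department = $user.department
        $description = $user.description
        $manager = $user.manager
        $personalTitle = $user.personalTitle
        $userdirectory = $user.userdirectory

        # Named arguments: twelve positional values are easy to misalign.
        Build-User -samAccountName $samAccountName -displayName $displayName `
                   -UserPrincipalName $userPrincipalName -givenName $givenName `
                   -surname $surname -initials $initials `
                   -PhysicalDeliveryOfficeName $physicalDeliveryOfficeName `
                   -department $department -description $description `
                   -manager $manager -personalTitle $personalTitle `
                   -userdirectory $userdirectory

        $exchangedb = Add-Groups -samAccountName $samAccountName -physicalDeliveryOfficeName $physicalDeliveryOfficeName
        Replicate-Changes

        $enableMailbox = Read-Host ("Enable User Mailbox (y or n)")
        if ($exchangedb)
        {
            Build-Mailbox -exchangeDB $exchangedb -samAccountName $samAccountName -enablemailbox $enableMailbox
        }
        else
        {
            # Add-Groups returns nothing for an office it does not know, and
            # Build-Mailbox cannot be called without a database name.
            Write-Warning "No Exchange database was selected for office '$physicalDeliveryOfficeName'; mailbox step skipped"
        }

        Send-email -manager $manager -surname $surname -givenName $givenName `
                   -samAccountName $samAccountName -personalTitle $personalTitle
        Replicate-Changes

        # Both changes go to the controller the account was created on.
        Write-Verbose "Disabling Account"
        Set-ADUser $samAccountName -Enabled $false -Server $dc
        Write-Verbose "Setting `"User Must Change Password at Next Logon`" attribute"
        Set-ADUser $samAccountName -ChangePasswordAtLogon $true -Server $dc

        Write-Output "User Summary"
        Write-Output "------------"
        Write-Output "Username: $displayName"
        Write-Output "Title: $personalTitle"
        Write-Output "Department: $department - $description"

        # The text lines start in column 0 on purpose: leading whitespace
        # would end up in the log file.
        $logtext = "
-------------------------------------
New User Created
$(Get-Date)
-------------------------------------
New User Name:`t`t $($user.DisplayName)
New User Logon Name:`t $($user.SamAccountName)
Department Number:`t $($user.Department)
Department Name:`t $($user.Description)
New User Manager:`t $($user.Manager)
`n`n"
        $logtext >> "\\fileServer1\PowershellLogs\NewUserLogs.txt"
    }
    END{}
}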
# Entry point: Create-User is called as soon as the script is run or
# dot-sourced, so loading this file immediately starts the interactive
# account-creation prompts.
Create-User