Forewarned, I use Quest's snappin for this.Standard Variables:* FirstNam

1. Forewarned, I use Quest's snappin for this.
2.  
3. Standard Variables:
4.  
5. * FirstName
6. * LastName
7. * SamAccountName
8. * Department
9. * Title
10. * Company
11. * Description
12. * PhoneNumber
13. * ipPhone
14. * CopyUser (If you need to copy a user)
15. * ParentContainer (General location of where they'll land when created, plus the $Department.  You'll see in a minute.)
16. * Office
17. * LogonScript
18.  
19. Custom Variables:
20.  
21. * To = HelpDesk
22. * From = HelpDesk
23. * SMTP = <Your SMTP server>
24. * NewUser="Employee Name"
25. * StartDate="The start date is MM/DD/YYYY"
26.  
27. * SoftwareDeploy1 (You would make this either 0 or 1 and depending on the number, have an IF statement that would do something...or not.)
28. * SoftwareDeploy2 (You would make this either 0 or 1 and depending on the number, have an IF statement that would do something...or not.)
29. * SoftwareDeploy3 (You would make this either 0 or 1 and depending on the number, have an IF statement that would do something...or not.)
30. * HardwareDeploy1 (An example would be $iPhone=1.  All of these deploys would generate emails, so this is purely an email that is generated.)
31. * HardwareDeploy2 (All of these deploys would generate emails, so this is purely an email that is generated.)
32. * HardwareDeploy3 (All of these deploys would generate emails, so this is purely an email that is generated.)
33.  
34. New-QADUser -FirstName $Firstname -LastName $Lastname -Department $Department -Title $Title -Company $Company -MobilePhone $MobileNumber -Office $Office -PhoneNumber $PhoneNumber -Description $Description -LogonScript $LogonScript -ParentContainer ("$ParentContainer" + "$Department") -Name "$Firstname $Lastname" -SamAccountName $SamAccountName -UserPrincipalName $SamAccountName@DOMAIN -DisplayName "$Firstname $Lastname"
35. Set-QADUser $SamAccountName -ObjectAttributes @{ipPhone=$ipPhone}
36.  
37. $UserLoad = Get-QADUser $SamAccountName
38.  
39. Set-QADUser "$SamAccountName" -UserPassword "DEFAULTPASSWORD"
40.  
41. Enable-QADUser "$SamAccountName"
42.  
43. $Var1 = Get-QADUser $COPYUSER | Select -ExpandProperty MemberOf
44.  
45. foreach
46. ($strVar1 in $Var1)
47.  
48. {Get-QADUser $SamAccountName | Add-QADGroupMember $strVar1}
49.  
50. Get-QADUser "$SamAccountName" | Add-QADGroupMember Group1
51. Get-QADUser "$SamAccountName" | Add-QADGroupMember Group2
52. Get-QADUser "$SamAccountName" | Add-QADGroupMember Group3
53. Get-QADUser "$SamAccountName" | Add-QADGroupMember Group4
54.  
55. # Create the "personal" share
56.  
57. $Homepath = ("\\DOMAIN\dfs$\Users\" + "$SamAccountName")
58.  
59. New-Item -ItemType Directory -Path $Homepath
60.  
61. $UserLoad.Name
62.    
63. $acl_var = Get-Acl $Homepath
64. $acl_var.SetAccessRuleProtection($True, $False)
65. $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Everyone","FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
66. $acl_var.RemoveAccessRuleAll($rule)
67. $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($UserLoad,"Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
68. $acl_var.AddAccessRule($rule)
69. $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("DOMAIN\Domain Admins","FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
70. $acl_var.AddAccessRule($rule)
71. Set-Acl $Homepath $acl_var
72.  
73. Here is an example of an email that is generated if iPhone=1.  You would do this for all other variables, if wanted.:
74.  
75. #iPhone Information - Start
76. if ($iPhone -eq "1")
77.  
78. {
79. $Subject = "New User: $NewUser - iPhone - $StartDate"
80. $CC = "Level 2 <[email protected]>"
81. Send-MailMessage -to $To -cc $CC -from $From -subject $Subject -body " " -smtpServer $SMTP
82. }
83. else
84. {}
85. #iPhone Information - End