Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $userlist = Import-csv -Delimiter ";" "C:\users.csv" **Importerar användarnamn, lösenord och annat som kan komma behövas**
- function Convert-DiacriticCharacters
- {
- param(
- [string]$inputString
- )
- [string]$formD = $inputString.Normalize(
- [System.text.NormalizationForm]::FormD
- )
- $stringBuilder = new-object System.Text.StringBuilder
- for ($i = 0; $i -lt $formD.Length; $i++){
- $unicodeCategory = [System.Globalization.CharUnicodeInfo]::GetUnicodeCategory($formD[$i])
- $nonSPacingMark = [System.Globalization.UnicodeCategory]::NonSpacingMark
- if($unicodeCategory -ne $nonSPacingMark){
- $stringBuilder.Append($formD[$i]) | out-null
- }
- **Ovan ses en funktion där alla ovanliga tecken och å,ä,ö blir utbytta**
- }
- $stringBuilder.ToString().Normalize([System.text.NormalizationForm]::FormC)
- }
- # Loop to process each row of the CSV file
- foreach ($row in $userlist)
- {
- $password = $row.Password
- $Lastname = $row.Lastname
- $Firstname = $row.Firstname
- $username = $row.Firstname.substring(0,2) + $row.Lastname.substring(0,2)
- $username = $username.tolower()
- $role = $row.Role
- $email =$row.Email
- $email = Convert-DiacriticCharacters $email
- $grupper = $row.Department
- $userDN = " "
- $group = " "
- $rulegroup = " "
- **Ovan deklareras variablar som kommer att användas nedan**
- if ($grupper -eq "Sales")
- {
- $testOU = "Sales"
- }
- elseif ($grupper -eq "RND")
- {
- $testOU = "Research and Development"
- }
- elseif ($grupper -eq "Finance")
- {
- $testOU = "Administrative personnel"
- }
- elseif ($grupper -eq "HR")
- {
- $testOU = "Administrative personnel"
- }
- elseif ($grupper -eq "Ledning")
- {
- $testOU = "Administrative personnel"
- }
- **Ovan ses en if-sats där scriptet tittar om $grupper = "någon grupp". Om detta är sant sätts den personen i det OU som sätts med variabeln $testOU **
- $testOU = New-Object system.directoryservices.directoryentry ("LDAP://OU=$testOU,OU=Accounts,DC=ford,DC=nsa,DC=his,DC=se")
- **Här sätts variabeln testOU till det som variabeln $grupper satts till**
- $searcher = New-Object system.directoryservices.directorysearcher("LDAP://OU=$testOU,OU=Accounts,DC=ford,DC=nsa,DC=his,DC=se")
- $search = 1
- $add = 0
- $usernameold = $username
- while($search -eq 1)
- {
- $searcher.filter = "(&(objectClass=user)(sAMAccountName=$Username))"
- $result = $searcher.FindAll()
- if($result.count -gt 0)
- {
- $add++
- $username = $usernameold + $add
- }
- else
- {
- $search = 0
- }
- }
- **Ovan ses en while-loop som används i det läge då det finns två användare med samma namn. Den nyaste av dessa döps då med en etta efter namnet. Kommer det sedan en till, så blir det en tvåa.**
- # Set necessary properties
- $userAccount = $testOU.psbase.get_children().add("CN=$Firstname $Lastname ($username)","User")
- $userAccount.put("userPrincipalName", $username)
- $userAccount.put("sAMAccountName", $username)
- $userAccount.put("sn", $Lastname)
- $userAccount.put("mail", $email)
- $userAccount.put("givenName", $Firstname)
- $userAccount.psbase.CommitChanges()
- $userAccount.SetPassword($row.Password)
- $userAccount.psbase.Invoke("SetPassword", "Syp9595")
- # Enable the user account
- $userAccount.psbase.InvokeSet("AccountDisabled", $false)
- # Commit changes again
- $userAccount.psbase.CommitChanges()
- if ($grupper -eq "Sales")
- {
- $testOU = "Sales"
- $group = New-Object system.directoryservices.directoryentry ("LDAP://CN=Sales,OU=Role,OU=Groups,DC=ford,DC=nsa,DC=his,DC=se")
- $userDN = $userAccount.distinguishedName
- $group.psbase.invoke("Add","LDAP://"+$userDN)
- $group.psbase.CommitChanges()
- }
- elseif ($grupper -eq "RND")
- {
- $testOU = "Research and Development"
- $group = New-Object system.directoryservices.directoryentry ("LDAP://CN=R&D,OU=Role,OU=Groups,DC=ford,DC=nsa,DC=his,DC=se")
- $userDN = $userAccount.distinguishedName
- $group.psbase.invoke("Add","LDAP://"+$userDN)
- $group.psbase.CommitChanges()
- }
- elseif ($grupper -eq "Finance")
- {
- $testOU = "Administrative personnel"
- $group = New-Object system.directoryservices.directoryentry ("LDAP://CN=Finance,OU=Role,OU=Groups,DC=ford,DC=nsa,DC=his,DC=se")
- $userDN = $userAccount.distinguishedName
- $group.psbase.invoke("Add","LDAP://"+$userDN)
- $group.psbase.CommitChanges()
- }
- elseif ($grupper -eq "HR")
- {
- $testOU = "Administrative personnel"
- $group = New-Object system.directoryservices.directoryentry ("LDAP://CN=AP,OU=Role,OU=Groups,DC=ford,DC=nsa,DC=his,DC=se")
- $userDN = $userAccount.distinguishedName
- $group.psbase.invoke("Add","LDAP://"+$userDN)
- $group.psbase.CommitChanges()
- }
- elseif ($grupper -eq "Ledning")
- {
- $testOU = "Administrative personnel"
- $group = New-Object system.directoryservices.directoryentry ("LDAP://CN=Executives,OU=Role,OU=Groups,DC=ford,DC=nsa,DC=his,DC=se")
- $userDN = $userAccount.distinguishedName
- $group.psbase.invoke("Add","LDAP://"+$userDN)
- $group.psbase.CommitChanges()
- }
- **Ovan följer en liknande if-sats, fast där personen läggs i rätt säkerhetsgrupp. Ett exempel: om personen har satts i OUt "Administrative personnel" så sätts variabeln "group" till Executives.**
- #echo $username $lastname $firstname $role $password
- }
Add Comment
Please, Sign In to add comment