
PowerShell: create users and shared folders

a guest
Sep 21st, 2016
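  cls

  # Bulk-provisions Active Directory from a CSV file: organizational units,
  # one security group and one SMB share per OU, user accounts and user folders.
  #
  # Requirements:
  #   - ActiveDirectory module (included with Microsoft Server 2008 R2 by default).
  #   - The original header also lists the Carbon module (get-carbon.org), but no
  #     Carbon cmdlet is called anywhere in the script as shown.
  #   - new-smbshare, used further down, belongs to the SmbShare module of
  #     Windows Server 2012 / Windows 8 and later; it is not on Server 2008 R2.
  #
  # script created by: Miha Jelenc, jelenc(.)miha(at)gmail(.)com

  # Every AD step below depends on this module, so stop if it cannot be loaded.
  import-module activedirectory -erroraction stop

  # Location of the log file. Later steps pipe to "out-file $results", so
  # $results has to stay defined even if you do not care about the log.
  # The log records account names and folder paths: keep it in a directory
  # that only administrators can read.
  $log_location = read-host "where would you like the log file located? (in the form of drive:\folder\subfolder\) "

  # join-path works with or without the trailing backslash; plain string
  # concatenation turned "c:\logs" into "c:\logslog.txt".
  $results = join-path -path $log_location -childpath "log.txt"

  # The directory and the empty log file are created only when the directory is
  # missing; out-file -append creates the file later if it does not exist yet.
  if (!(test-path $log_location)) {
    new-item $log_location -type directory
    new-item $results -type file
  }
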
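  # Parent organizational unit under which the per-CSV OUs are created.
  # Replace "ou=vaje,dc=sandbox,dc=local" with the desired path in your domain.
  # The later OU loop builds its paths from $topou, so a name is required here.
  $topou = read-host "write the name of parent organizational unit"
  if ([string]::IsNullOrEmpty($topou)) {
    throw "parent organizational unit name must not be empty"
  }

  $topou_parent = "ou=vaje,dc=sandbox,dc=local"

  # Look only directly under $topou_parent. A domain-wide name match would treat
  # an OU of the same name somewhere else as "already exists", and the paths
  # built from $topou later in the script would then point at a missing OU.
  $group = get-adorganizationalunit -filter {name -eq $topou} -searchbase $topou_parent -searchscope onelevel
  if ($group -eq $null) {
    write-output "creating ou account:" $topou | out-file $results -append
    # Protection from accidental deletion is optional and switched off here,
    # which leaves the OU deletable by anyone with delete rights on it;
    # use $true outside of a lab.
    new-adorganizationalunit -name $topou -path $topou_parent -protectedfromaccidentaldeletion $false
  }
  else {write-output "this organizational unit allready exists: " $topou}
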
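  # Path to the CSV file with the user and OU data. The file must be formatted
  # like the lines below for this script to work:
  #   organizationalunit,surname,name,username,email,password
  #   ouname,doe,john,doej99,doej99@somewhere.com,123456
  # The first line holds the column names, the following lines the actual user
  # information. Fields can be added or removed; only ou, username and password
  # are required.
  #
  # The file contains every initial password in clear text: restrict who can
  # read it and remove it once the accounts have been created.
  $csv_path = read-host "enter the path to your .csv file"

  # Stop on a missing or unreadable file instead of carrying on with an empty
  # $yourcsv into the OU and user loops.
  $yourcsv = import-csv -path $csv_path -erroraction stop

  # One row per distinct OU name, used to create OUs, groups and shares.
  $unique = $yourcsv | sort-object -property Organizationalunit -unique
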
  # Two filesystem locations are requested next, both expected in
  # "drive:\directory\subdirectory" format:
  #   $folder   - root under which one shared folder per OU is created
  #   $rootpath - local root under which the per-user folders are created
  $folder = read-host "path to your shared folders' location"
  $rootpath = read-host "local path to users' network drives"

  Write-host "working..."

  # Create the shared-folder root when it is missing and log the result.
  # No ACL is set here, so the new directory keeps whatever permissions it
  # inherits from its parent.
  $folder_missing = -not (test-path -path $folder)
  if ($folder_missing) {
    new-item -path $folder -itemtype directory | out-file -filepath $results -append
  }

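  # For every distinct OU name in the CSV: create the OU, a folder for it, a
  # security group inside the OU, and an SMB share of the folder for that group.
  foreach ($_organizationalunit in $unique) {
    $adou = $_organizationalunit.OrganizationalUnit

    # A row without an OU name cannot be provisioned.
    if ([string]::IsNullOrEmpty($adou)) { continue }

    $parent_dn = "ou=$topou,ou=Vaje,dc=sandbox,dc=local"
    $ou_dn = "ou=$adou,$parent_dn"

    # Create the OU when it does not exist directly under the parent OU. The
    # lookup is limited to $parent_dn because that is where the OU is created
    # and where the group path below expects it.
    $group = get-adorganizationalunit -filter { name -eq $adou } -searchbase $parent_dn -searchscope onelevel
    if ($group -eq $null) {
      write-output "creating ou account:" $adou | out-file $results -append
      new-adorganizationalunit -name $adou -path $parent_dn -protectedfromaccidentaldeletion $false
    }

    # Create the folder for this OU when it does not exist.
    $newfolder = join-path -path $folder -childpath $adou
    if (!(test-path $newfolder)) {
      new-item $newfolder -type directory | out-file $results -append
      write-output "creating new group folder:" $adou | out-file $results -append
    }

    # Security group inside the OU, for easier sharing of the folder and user
    # rights management. The share below and the later group membership refer
    # to the group by account name, so the lookup is by samaccountname.
    # If a group with that account name already exists somewhere other than
    # this OU, it was not created by this script: reusing it would hand its
    # members the share, so the OU is skipped and the collision is logged.
    $security = get-adgroup -filter { samaccountname -eq $adou }
    if ($security -eq $null) {
      new-adgroup -samaccountname $adou -name $adou -path $ou_dn -groupscope global
      write-output "new security group created" $adou | out-file $results -append
    }
    elseif (-not ($security.distinguishedname.endswith(",$ou_dn", [system.stringcomparison]::ordinalignorecase))) {
      write-output "skipping share, a group with this account name already exists outside the ou:" $adou | out-file $results -append
      continue
    }

    $sharegroup = "SANDBOX\" + $adou

    # Share the folder: administrators get full access, the OU's group gets
    # change access. These are share permissions only; nothing in this script
    # sets NTFS permissions, so the folder keeps what it inherits from $folder.
    $smbshare = Get-WmiObject win32_share | where {$_.name -eq $adou}
    if ($smbshare -eq $null) {
      new-smbshare -name $adou -path $newfolder -changeaccess $sharegroup -fullaccess "builtin\administrators" | out-file $results -append
    }
    else {
      write-output $adou "allready exist" | out-file $results -append
    }
  }
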
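  # Populate the organizational units with users: one account and one folder
  # per CSV row.
  foreach ($_organizationalunit in $yourcsv) {

    # Collect the fields of this CSV row.
    $adou = $_organizationalunit.OrganizationalUnit
    $user = $_organizationalunit.username
    $lastname = $_organizationalunit.surname
    $name = $_organizationalunit.name
    $email = $_organizationalunit.email
    $pass = $_organizationalunit.password

    # ou, username and password are the required columns; skip incomplete rows
    # instead of calling the AD cmdlets with empty values.
    if ([string]::IsNullOrEmpty($adou) -or [string]::IsNullOrEmpty($user) -or [string]::IsNullOrEmpty($pass)) {
      write-output "skipping csv row with missing ou, username or password:" $user | out-file $results -append
      continue
    }

    # The OU's distinguished name is the container the user is created in.
    # Without exactly one match there is no usable container, so skip the row.
    $organization = get-adorganizationalunit -filter {name -eq $adou}
    if (@($organization).count -ne 1) {
      write-output "skipping user, organizational unit not found or not unique:" $user | out-file $results -append
      continue
    }
    $adusercontainer = $organization.distinguishedname
    $aduser = get-aduser -filter {samaccountname -eq $user}
    $display = $name + " " + $lastname

    # Replace "sandbox" with your domain name.
    $homegroup = "sandbox\" + $adou

    # Folder for this user: <rootpath>\<ou>\<username>.
    $path = join-path -path $rootpath -childpath $adou
    $subpath = join-path -path $path -childpath $user
    $samba = "sandbox\" + $user

    # Create the user folder when it does not exist. No ACL is set on it, so it
    # keeps the permissions it inherits from its parent directory.
    if (!(test-path $subpath)) {
      new-item $subpath -type directory
      write-output "user folder created: "$subpath | out-file $results -append
    }
    else {
      write-output "this user folder allready exists: " $subpath | out-file $results -append
    }

    # Create the account only when no user with this samaccountname exists.
    if ($aduser -eq $null) {
      # The password arrives as clear text from the CSV and is converted only
      # for accounts that are actually created.
      $password = convertto-securestring $pass -asplaintext -force

      # Replace ADSM1 with the server that holds the user folders. The code that
      # would share each user folder is commented out below, so check that this
      # path exists before relying on the home drive.
      $net_drive = "\\ADSM1\" + $user
      write-output "creating user account:" $user | out-file $results -append

      # NOTE(review): the initial password is known to everyone who has seen the
      # CSV; consider adding -changepasswordatlogon $true.
      new-aduser -samaccountname $user -name $display -path $adusercontainer -UserPrincipalName $email -givenname $name -surname $lastname -displayname $display -accountpassword $password -emailaddress $email -homedirectory $net_drive -homedrive "h:" -enabled $true

      # Add the user only to the group that sits inside this user's own OU.
      # Resolving the group by bare name domain-wide would put the account into
      # any existing group whose name happens to match the OU column of the CSV.
      $target_group = get-adgroup -filter {samaccountname -eq $adou} -searchbase $adusercontainer -searchscope onelevel
      if ($target_group -ne $null) {
        # -members is spelled out in full so the parameter name cannot be
        # ambiguous on module versions that have other "-member..." parameters.
        add-adgroupmember -identity $target_group -members $user
      }
      else {
        write-output "group not found inside the ou, user was not added to a group:" $user | out-file $results -append
      }
    }
    else {
      write-output "this user allready exists: " $user | out-file $results -append
    }
    # $smbuser = Get-WmiObject win32_share | where {$_.name -eq $user}
    # if ($smbuser -eq $null) {
    # new-smbshare -name $user -path $subpath -changeaccess $samba -fullaccess "builtin\administrators" | out-file $results -append
    # }
    # else {
    # write-output $user "folder is allready shared" | out-file $results -append
    # }
  }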
  # Closing messages. Both are printed unconditionally, whether or not an
  # earlier step failed, so check the log and the console output for errors.
  Write-Host -Object "...completed successfully"
  Write-Host -Object "results can be found here:", $results