Untitled

#DIRECTIONS
#
#You must run this using an administrator powershell instance specifically on DC02

#If (-NOT ([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Domain Administrator"))

Set-executionpolicy Unrestricted -force
Import-Module 'C:\Program Files\Microsoft Azure AD Sync\Bin\ADSync\ADSync.psd1'

$FirstName = Read-Host -Prompt 'First Name'
$LastName = Read-Host -Prompt 'Last Name'
$Name = "$FirstName $LastName"
$JobTitle = Read-Host -Prompt 'Job Title (Installer, Lineman, CSR)'
$SamAccountName = $FirstName.ToLower()+'.'+$LastName.ToLower()
$password = 'Temporary123' | ConvertTo-SecureString -AsPlainText -Force
$email = "$SamAccountName@dfn.net"
$userBase = "OU=OU,DC=DOMAIN,DC=local"

#Privs
$cred = get-credential
Connect-AzureAD -credential $cred
Connect-MsolService -credential $cred

#Add user to AD
$newUser = New-ADUser -Name $Name -SamAccountName $SamAccountName -Path $userBase -AccountPassword $password -ChangePasswordAtLogon $True
echo "User has been added to AD."

#Add user to corresponding group
$groupAdd = Add-ADGroupMember -Identity $JobTitle -Members $SamAccountName
echo "User has been added to $JobTitle group." ""

#Azure AD Sync trigger
echo "Azure AD Syncing now..."
$sync = Start-ADSyncSyncCycle
echo "Sync completed." ""
echo "Provisioning in Office 365..."
echo "Check O365 User list to verify sync completion here: https://admin.microsoft.com/AdminPortal/Home#/users"


$azureADStatus = $(try {get-azureaduser -filter "userPrincipalName eq '$email'"} -catch {$null})
if ($check -ne $null){
else { $check }
}


$UPNset = Set-MsolUserPrincipalName -UserPrincipalName "$SamAccountName@fakedomain.onmicrosoft.com" -NewUserPrincipalName "$email"
$locationSet = Set-MsolUser -UserPrincipalName "$email" -UsageLocation US
$licenseSet = Set-MsolUserLicense -UserPrincipalName "$email"-AddLicenses fakedomain:O365_BUSINESS_PREMIUM
echo "Completed."