API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 13th, 2016
332
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PowerShell 5.85 KB | None | 0 0
raw download clone embed print report
  1. <# 
  2.     .NOTES
  3.     ===========================================================================
  4.      Created with:  SAPIEN Technologies, Inc., PowerShell Studio 2016 v5.2.122
  5.      Created on:    20/05/2016 11:08
  6.      Created by:    Scholesythe8th
  7.      Organization:  
  8.      Filename:      TMS Import to AD
  9.     ===========================================================================
  10.     .DESCRIPTION
  11.         A description of the file.
  12. #>
  13.  
  14. #The data in this script is pulled from a CSV(Comma Delimited) file
  15. remove-item C:\temp\disabledusers.csv -force
  16. remove-item C:\temp\newusers.csv -force
  17.  
  18. import-module ActiveDirectory
  19. Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
  20.  
  21. $Users = Import-Csv -Path "\\DC1\export\starters.csv"
  22. $leavers = Import-CSV -Path "\\DC1\export\leavers.csv"
  23. $disabledusers = @()
  24. $newusers = @()
  25.  
  26.     foreach ($leaver in $leavers)
  27.     {
  28.        
  29.         $leaverID = $leaver.EmployeeID
  30.         $leaversname = $leaver.firstname + " " + $leaver.Surname
  31.         $leaverbranch = $leaver.branch
  32.         #checks to see if the user ID is similar to "-" (basically ignores first line of CSV)
  33.         if ($leaverID -like "*-*") { continue }
  34.         else
  35.         {
  36.             #checks to see what length the wages number is and adds the E and appropriate number of 0's to the end of it.
  37.             if ("$leaverID".Length -eq 1) { $EID = ("$leaverID".insert(0, "E000000")) }
  38.             elseif ("$leaverID".Length -eq 2) { $EID = ("$leaverID".insert(0, "E00000")) }
  39.             elseif ("$leaverID".Length -eq 3) { $EID = ("$leaverID".insert(0, "E0000")) }
  40.             elseif ("$leaverID".Length -eq 4) { $EID = ("$leaverID".insert(0, "E000")) }
  41.             elseif ("$leaverID".Length -eq 5) { $EID = ("$leaverID".insert(0, "E00")) }
  42.             elseif ("$leaverID".Length -eq 6) { $EID = ("$leaverID".insert(0, "E0")) }
  43.             else { $EID = ("$leaverID".insert(0, "E")) }
  44.             #gets the DN of the Employee ID
  45.             $currentuser = get-aduser $EID -Properties *
  46.             if ($currentuser.DistinguishedName -like "*DPD*")
  47.             {
  48.                 continue
  49.             }
  50.             else
  51.             {
  52.                 #disable user account
  53.                 Disable-ADAccount -identity "$EID"
  54.                 #move disbaled account to ZZ-Leavers OU
  55.                 get-aduser "$EID" | Move-ADObject -TargetPath "OU=ZZ-Leavers,OU=users,DC=domain,DC=domain,DC=com"
  56.                
  57.                 $disabledusers += @([pscustomobject]@{
  58.                         EmployeeID = $EID
  59.                         Name = $leaversname
  60.                         TargetPath = "OU=ZZ-Leavers,OU=users,DC=domain,DC=domain,DC=com"
  61.                         Branch = $leaverbranch
  62.                     })
  63.             };
  64.         }
  65.        
  66.     }
  67.     $disabledusers | epcsv c:\temp\disabledusers.csv -not
  68.  
  69.     foreach ($User in $Users)
  70.     {
  71.        
  72.         #$SAM = $user.NewID
  73.         $enumber = $User.employeeid
  74.         if ($enumber -like "*-*") { continue }
  75.         if ("$enumber".Length -eq 5) { $EID = ("$enumber".insert(0, "E00")) }
  76.         elseif ("$enumber".Length -eq 6) { $EID = ("$enumber".insert(0, "E0")) }
  77.         else { $EID = ("$enumber".insert(0, "E")) }
  78.         #If user doesn't already exist, assign the new users information to the following variables in preperation for creating their account
  79.         $Displayname = $User.Firstname + " " + $User.surname
  80.         $UserFirstname = $User.Firstname
  81.         $UserLastname = $User.Surname
  82.         $domain = "domain"
  83.         $SAM = $EID
  84.         $UPN = $SAM + "@domain.domain.com"
  85.         $Description = $User.JobTitle
  86.         $Password = "Password01" #what ever you want the default password to be set to, can be randomised
  87.         $Department = $user.Department
  88.         $Title = $user.JobTitle
  89.         $officephone = $user.WorkPhone
  90.         $Company = "COMPANY"
  91.         $Office = $user.Branch
  92.         #Creates an H Drive for the user
  93.         $HomeDirectory = "\\DFSServer\fs\home\users\$SAM"
  94.         New-Item -ItemType Directory -path $HomeDirectory
  95.    
  96.    
  97.     #List of branches - This list determines what OU the newly created user will end up in once they have been created
  98.     #List is normally much longer but I've reduced it for the purpose of this experiment
  99.         if ($user.BranchName -like "*Branch*") { $OU = "OU=Branch,OU=Blah,OU=Blah,OU=users,DC=domain,DC=domain,DC=com" }
  100.         else { $OU = "OU=TMSImport,OU=Blah,OU=users,DC=domain,DC=domain,DC=com" }
  101.        
  102.         #create new user using the variables we filled out earlier in the script
  103.         New-ADUser -Name "$Displayname" -DisplayName "$Displayname" -SamAccountName $SAM -UserPrincipalName $UPN -GivenName "$UserFirstname" -Surname "$UserLastname" -Description "$Description" -Department "$department" -Title "$title" -Office "$office" -Company "$company" -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) -Enabled $true -Path "$OU" -server DC2.domain.domain.com -homedrive "H" -homedirectory "\\domain.domain.com\fs\Home\Users\$SAM"
  104.         #enable that user for email
  105.         Enable-Mailbox -DomainController DC2.domain.domain.com -identity "$SAM"
  106.         #set mailbox quota for that user to the default of 500MB
  107.         set-mailbox -DomainController DC2.domain.domain.com -identity $SAM -UseDatabaseQuotaDefaults $false -IssueWarningQuota 0.45GB -ProhibitSendQuota 0.49GB -ProhibitSendReceiveQuota 0.50GB
  108.         #diasble activesync for new user (company policy) - ActiveSync needs to be enabled manually on a per user basis
  109.         set-casmailbox -DomainController DC2.domain.domain.com -Identity $SAM -ActiveSyncEnabled $false
  110.        
  111.         $newusers += @([pscustomobject]@{
  112.                 EmployeeID = $EID
  113.                 Name = $displayname
  114.                 TargetPath = $OU
  115.                 Branch = $office
  116.             })
  117.        
  118.         #Get current permissions for the home drive we created earlier and set the permissions to allow the new user to access it
  119.         $acl = Get-Acl \\DFSServer\fs\home\users\$SAM
  120.         $ace = New-Object System.Security.AccessControl.FileSystemAccessRule("domain\$SAM", "Modify", "None", "None", "Allow")
  121.         $acl.AddAccessRule($ace)
  122.         $acl | Set-Acl
  123.     }
  124.    
  125.     $newusers | epcsv c:\temp\newusers.csv -not
  126.  
  127. #This section emails out the spreadsheets to the list of users below
  128. $toemails = "scholesythe8th@domain.com"
  129.  
  130. foreach ($emailrecipient in $toemails){
  131. Send-MailMessage -SmtpServer "smtp.domain.com" -From "TMSImport@domain.com" -To "$emailrecipient" -Subject "TMS New and Disabled users - " -Attachments “c:\temp\disabledusers.csv”, “c:\temp\newusers.csv"
  132. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!