Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <#
- .NOTES
- ===========================================================================
- Created with: SAPIEN Technologies, Inc., PowerShell Studio 2016 v5.2.122
- Created on: 20/05/2016 11:08
- Created by: Scholesythe8th
- Organization:
- Filename: TMS Import to AD
- ===========================================================================
- .DESCRIPTION
- A description of the file.
- #>
- #The data in this script is pulled from a CSV(Comma Delimited) file
- remove-item C:\temp\disabledusers.csv -force
- remove-item C:\temp\newusers.csv -force
- import-module ActiveDirectory
- Add-PSSnapin Microsoft.Exchange.Management.PowerShell.SnapIn
- $Users = Import-Csv -Path "\\DC1\export\starters.csv"
- $leavers = Import-CSV -Path "\\DC1\export\leavers.csv"
- $disabledusers = @()
- $newusers = @()
- foreach ($leaver in $leavers)
- {
- $leaverID = $leaver.EmployeeID
- $leaversname = $leaver.firstname + " " + $leaver.Surname
- $leaverbranch = $leaver.branch
- #checks to see if the user ID is similar to "-" (basically ignores first line of CSV)
- if ($leaverID -like "*-*") { continue }
- else
- {
- #checks to see what length the wages number is and adds the E and appropriate number of 0's to the end of it.
- if ("$leaverID".Length -eq 1) { $EID = ("$leaverID".insert(0, "E000000")) }
- elseif ("$leaverID".Length -eq 2) { $EID = ("$leaverID".insert(0, "E00000")) }
- elseif ("$leaverID".Length -eq 3) { $EID = ("$leaverID".insert(0, "E0000")) }
- elseif ("$leaverID".Length -eq 4) { $EID = ("$leaverID".insert(0, "E000")) }
- elseif ("$leaverID".Length -eq 5) { $EID = ("$leaverID".insert(0, "E00")) }
- elseif ("$leaverID".Length -eq 6) { $EID = ("$leaverID".insert(0, "E0")) }
- else { $EID = ("$leaverID".insert(0, "E")) }
- #gets the DN of the Employee ID
- $currentuser = get-aduser $EID -Properties *
- if ($currentuser.DistinguishedName -like "*DPD*")
- {
- continue
- }
- else
- {
- #disable user account
- Disable-ADAccount -identity "$EID"
- #move disbaled account to ZZ-Leavers OU
- get-aduser "$EID" | Move-ADObject -TargetPath "OU=ZZ-Leavers,OU=users,DC=domain,DC=domain,DC=com"
- $disabledusers += @([pscustomobject]@{
- EmployeeID = $EID
- Name = $leaversname
- TargetPath = "OU=ZZ-Leavers,OU=users,DC=domain,DC=domain,DC=com"
- Branch = $leaverbranch
- })
- };
- }
- }
- $disabledusers | epcsv c:\temp\disabledusers.csv -not
- foreach ($User in $Users)
- {
- #$SAM = $user.NewID
- $enumber = $User.employeeid
- if ($enumber -like "*-*") { continue }
- if ("$enumber".Length -eq 5) { $EID = ("$enumber".insert(0, "E00")) }
- elseif ("$enumber".Length -eq 6) { $EID = ("$enumber".insert(0, "E0")) }
- else { $EID = ("$enumber".insert(0, "E")) }
- #If user doesn't already exist, assign the new users information to the following variables in preperation for creating their account
- $Displayname = $User.Firstname + " " + $User.surname
- $UserFirstname = $User.Firstname
- $UserLastname = $User.Surname
- $domain = "domain"
- $SAM = $EID
- $UPN = $SAM + "@domain.domain.com"
- $Description = $User.JobTitle
- $Password = "Password01" #what ever you want the default password to be set to, can be randomised
- $Department = $user.Department
- $Title = $user.JobTitle
- $officephone = $user.WorkPhone
- $Company = "COMPANY"
- $Office = $user.Branch
- #Creates an H Drive for the user
- $HomeDirectory = "\\DFSServer\fs\home\users\$SAM"
- New-Item -ItemType Directory -path $HomeDirectory
- #List of branches - This list determines what OU the newly created user will end up in once they have been created
- #List is normally much longer but I've reduced it for the purpose of this experiment
- if ($user.BranchName -like "*Branch*") { $OU = "OU=Branch,OU=Blah,OU=Blah,OU=users,DC=domain,DC=domain,DC=com" }
- else { $OU = "OU=TMSImport,OU=Blah,OU=users,DC=domain,DC=domain,DC=com" }
- #create new user using the variables we filled out earlier in the script
- New-ADUser -Name "$Displayname" -DisplayName "$Displayname" -SamAccountName $SAM -UserPrincipalName $UPN -GivenName "$UserFirstname" -Surname "$UserLastname" -Description "$Description" -Department "$department" -Title "$title" -Office "$office" -Company "$company" -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) -Enabled $true -Path "$OU" -server DC2.domain.domain.com -homedrive "H" -homedirectory "\\domain.domain.com\fs\Home\Users\$SAM"
- #enable that user for email
- Enable-Mailbox -DomainController DC2.domain.domain.com -identity "$SAM"
- #set mailbox quota for that user to the default of 500MB
- set-mailbox -DomainController DC2.domain.domain.com -identity $SAM -UseDatabaseQuotaDefaults $false -IssueWarningQuota 0.45GB -ProhibitSendQuota 0.49GB -ProhibitSendReceiveQuota 0.50GB
- #diasble activesync for new user (company policy) - ActiveSync needs to be enabled manually on a per user basis
- set-casmailbox -DomainController DC2.domain.domain.com -Identity $SAM -ActiveSyncEnabled $false
- $newusers += @([pscustomobject]@{
- EmployeeID = $EID
- Name = $displayname
- TargetPath = $OU
- Branch = $office
- })
- #Get current permissions for the home drive we created earlier and set the permissions to allow the new user to access it
- $acl = Get-Acl \\DFSServer\fs\home\users\$SAM
- $ace = New-Object System.Security.AccessControl.FileSystemAccessRule("domain\$SAM", "Modify", "None", "None", "Allow")
- $acl.AddAccessRule($ace)
- $acl | Set-Acl
- }
- $newusers | epcsv c:\temp\newusers.csv -not
- #This section emails out the spreadsheets to the list of users below
- $toemails = "scholesythe8th@domain.com"
- foreach ($emailrecipient in $toemails){
- Send-MailMessage -SmtpServer "smtp.domain.com" -From "TMSImport@domain.com" -To "$emailrecipient" -Subject "TMS New and Disabled users - " -Attachments “c:\temp\disabledusers.csv”, “c:\temp\newusers.csv"
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement