Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Get Today's Date. Date format 4 is for YYYY-MM-DD, makes folders behave correctly when sorted by name.
- $TodaysDate = Get-Date
- $TodaysDate = $TodaysDate.GetDateTimeFormats()[4]
- #Begin Transcript
- $TransPath = "\\server\ProgramStore\UserCreation\Transcripts\" + $TodaysDate
- md $TransPath
- $TransPath = $TransPath + "\Step1.log"
- Start-Transcript -Path $TransPath
- #Set up Log files for output
- $LogPath = "\\server\ProgramStore\UserCreation\Logs\" + $TodaysDate
- md $LogPath
- $ExportPath = "\\server\ProgramStore\UserCreation\Exports\" + $TodaysDate
- md $ExportPath
- $ErrorLog = $LogPath + "\Errorlog.txt"
- $SuccessLog = $LogPath + "\Successlog.txt"
- Add-Content $ErrorLog "-----------------------------------------------------------------"
- Add-Content $ErrorLog $TodaysDate
- Add-Content $ErrorLog "Step 1"
- Add-Content $ErrorLog "-----------------------------------------------------------------"
- Add-Content $SuccessLog "-------------------------------------------------------------------"
- Add-Content $SuccessLog $TodaysDate
- Add-Content $SuccessLog "Step 1"
- Add-Content $SuccessLog "-------------------------------------------------------------------"
- ## Create Session with local mail server
- $s1=New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://mail.domain.ac.uk/PowerShell -Authentication Kerberos
- Import-PSSession -Session $s1
- ## Add AD Cmdlets
- Import-Module ActiveDirectory
- #Import CSV
- $csv = @()
- $csv = Import-Csv -Delimiter "," -Path "\\fcpsdb\UserCreation\ITAccounts.csv"
- #Get Domain Base
- $searchbase = Get-ADDomain | ForEach { $_.DistinguishedName }
- #Set up CSVs for Adobe
- $CreatedUsers = $ExportPath + "\CreatedUsers.csv"
- $AdobeExport = $ExportPath + "\AdobeExport.csv"
- $AdobeExport2 = "\\server\ProgramStore\UserCreation\Exports\AdobeExport2.csv"
- #Create the Output CSV. Will overwrite the file
- "Username,Homedrive" | Out-File -FilePath $CreatedUsers -Encoding ASCII
- "Firstname,Lastname,email" | Out-File -FilePath $AdobeExport -Encoding ASCII
- "Identity Type,Username,Domain,Email,First Name,Last Name,Country Code,Product Configurations,Admin Roles,Product Configurations Administered,User Groups,User Groups Administered,Products Administered" | Out-File -FilePath $AdobeExport2 -Encoding ASCII -NoClobber
- #Leeway for students - the amount of time after their course is expected to end that they can still log in.
- $AddTime = New-TimeSpan -Days 90
- #Loops for each user in the CSV
- ForEach ($user In $csv)
- {
- #Creates variables based on the user information
- $OU = "OU=Student,OU=Users,OU=Win7,DC=domain,DC=lan"
- $title= $user.'Student Ref No'
- $lastname= ($user.'Student Surname'.Substring(0,1).toupper() + $User.'Student Surname'.Substring(1).tolower())
- #Creates username. Removes punctuation, takes the last 3 digits of the student ref number.
- $FThree = ($user.'Student Ref No'.Length - 3)
- $Detailedname = $User.'Student First Forename'.Substring(0,1).tolower() + $lastname.tolower() + $user.'Student Ref No'.Substring($FThree,3)
- $Detailedname = $Detailedname -replace "[-]"
- $Detailedname = $Detailedname -replace "[ ]"
- $Detailedname = $Detailedname -replace "[']"
- #Create the rest of the AD information
- $UserFirstname = $User.'Student First Forename'
- $SAM = $Detailedname
- $UPN= $Detailedname + "@domain.ac.uk"
- $Displayname= $Detailedname
- $Dis= "Student"
- $profilepath= "\\BRCStudent\Profiles$\Mandatory"
- $Password = $Detailedname.ToLower()
- $POBox = $user.'Student Ref No' -replace "[F]"
- #Get the Expiry date, turn it into a Date object.
- $ExpiryDate = $User."Expected End Date"
- $ExpiryDate = Get-Date $ExpiryDate
- $ExpiryDate = $ExpiryDate + $AddTime
- $CompareDate = $ExpiryDate.GetDateTimeFormats()[4]
- #Set the correct storage location and groups
- if ($user.'Extended Network Storage'-eq 1)
- {$homedrive = "\\BRCStudent\VpaHi\" + $Detailedname
- $group= "VpaHiFile","AllStudents"}
- else {$homedrive = "\\BRCStudent\VpaMed\" + $Detailedname
- $group= "VpaMedFile","AllStudents"}
- #Set the correct groups for Gaming students
- if ($user.Gaming -eq 1){
- $group="VpaHiFile","AllStudents","LS_ComputingStudents"}
- #Set the correct groups for Media students
- if ($user.Media -eq 1){
- $group=$group + "2013_Users_Students_Media"}
- #If the Expiry Date is after today, create the account.
- if ($TodaysDate -lt $CompareDate){
- #If the name will be too long, write it to the Error log. Otherwise, make user.
- if ($SAM.length -gt 20) {
- Write-Host "Username is too long: $SAM."
- add-content $ErrorLog "Username is too long: $SAM"
- add-content $ErrorLog "-------------------------------------------------------------------"}
- else{
- #Check if the user exists
- $ValidUser = Get-ADUser -Filter 'SAMAccountName -eq $SAM'
- if ($ValidUser -ne $null) {
- #If so, find their current expiry date. If that fails (due to being null), set it as the ExpiryDate
- Try {
- $CurrentUser = Get-ADUser -Identity $SAM -Properties AccountExpirationDate -ErrorAction Stop
- $CurrentExpire = Get-Date $CurrentUser.AccountExpirationDate
- #If the new Expiry Date is after the Current one, set it to the new one.
- If ($Expirydate -gt $CurrentExpire){
- Set-ADUser -Identity $SAM -AccountExpirationDate $ExpiryDate
- Write-Host -ForegroundColor Magenta "$SAM Amended"
- add-content $SuccessLog "User $SAM Expiry amended."
- }
- Else{
- Write-Host -ForegroundColor Red "$SAM Unchanged"
- }
- }
- Catch{
- Write-Host -ForegroundColor Magenta "$SAM Amended"
- add-content $SuccessLog "User $SAM Expiry amended."
- Add-Content $SuccessLog "-------------------------------------------------------------------"
- Set-ADUser -Identity $SAM -AccountExpirationDate $ExpiryDate
- }
- }
- Else
- {
- #Create the User if it doesn't exist
- $create = New-ADUser -Name $Detailedname -SamAccountName $SAM -UserPrincipalName $UPN -DisplayName $Displayname -GivenName $UserFirstname -Surname $lastname -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) -Enabled $true -Path $OU -Title $title -Description $Dis -profilePath $profilepath -POBox $POBox -HomeDrive H: -HomeDirectory $homedrive -Department "students" -ChangePasswordAtLogon $true
- Set-ADUser -Identity $SAM -AccountExpirationDate $ExpiryDate
- #
- #Make their Home drive. Copy the Resources folder to it.
- md -Path $homedrive
- Copy-Item \\server\ProgramStore\UserCreation\Resources\* $homedrive -Recurse
- "$Detailedname,$homedrive" | Out-File -FilePath $CreatedUsers -Append -Encoding ASCII
- #Populate the Adobe export with their details. Dump the CSV in Adobe Enterprise Manager to add them to Adobe.
- $useremail = $Detailedname + "@domain.ac.uk"
- "$UserFirstname,$lastname,$useremail" | Out-File -FilePath $AdobeExport -Append -Encoding ASCII
- $Adobe2Identity = "Federated ID"
- $Adobe2Username = $UPN
- $Adobe2Domain = "domain.ac.uk"
- $Adobe2Email = $UPN
- $Adobe2FirstName = $UserFirstname
- $Adobe2LastName = $lastname
- $Adobe2CountryCode = "GB"
- $Adobe2Product = "domain All Apps"
- "$Adobe2Identity,$Adobe2Username,$Adobe2Domain,$Adobe2Email,$Adobe2FirstName,$Adobe2LastName,$Adobe2CountryCode,$Adobe2Product,,,,," | Out-File -FilePath $AdobeExport2 -Append -Encoding ASCII
- Write-Host "AD Account $Detailedname created!"
- add-content $SuccessLog "User $SAM created Sucessfully."
- ## Adding User to Group
- Add-ADPrincipalGroupMembership -Identity $SAM -MemberOf $group
- Write-Host " Added to Groups Needed"
- add-content $SuccessLog "AD User $SAM Added to groups Sucessfully."
- Write-Host -ForegroundColor Green $SAM
- Add-Content $SuccessLog "-------------------------------------------------------------------"
- }
- }
- }
- Else{
- Write-Host "AD User $SAM Already Expired"}
- }
- Add-Content $SuccessLog "-------------------------------------------------------------------"
- Get-PSSession|Remove-PSSession
- Stop-Transcript
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement