
FISD-AD-Tools

a guest
Feb 14th, 2017
  1. #region Header Declaration
  2. <#
  3. .SYNOPSIS
  4. Script is used to automate and maintain AD user accounts
  5. .DESCRIPTION
  6. Script has 4 different sections that run PowerShell commands to automate the AD accounts
  7. Adds New Accounts -
  8. Update Existing Accounts -
  9. Move Accounts -
  10. Grouping -
  11. .NOTES
  12. Author : Demosesneeds B. Punchard - dpunchard@fisdk12.net
  13. .LINK
  14. http://www.myfisd.com
  15. #>
  16. #endregion Header Declaration
  17.  
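  #region Begin Import AD Module
  Clear-Host
  # Abort if the AD cmdlets cannot be loaded; every later section calls them.
  Import-Module ActiveDirectory -ErrorAction Stop
  $targetPath = "D:\ExportFiles\Active.Directory\001_FHS\Students" # Working root directory
  # Later sections read, write and delete files by relative path (.\...), so a
  # failed directory change must stop the run instead of letting those
  # operations land in whatever folder the session happened to start in.
  Set-Location -Path $targetPath -ErrorAction Stop
  $campus = "FHS"
  #endregion End Import AD Module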
  25.  
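  #region Begin Section 1 Add New AD Accounts
  # Creates a Google account, an AD account and a home directory for every CSV
  # row whose sAMAccountName is not yet in AD; rows that already exist are
  # only (re-)enabled.
  Write-Host " Begin Add New AD Accounts " -ForegroundColor 'Green'
  #region Setup Variables
  $users = Import-Csv -Path .\AD_Up_Stu_FHS.csv
  $t = [DateTime]::Now.ToString("MM_dd_yy-HHmmss")
  $archivePath = "$targetPath\NewUser"
  $CreateGAMUser = ".\NEW_GAM_USERS.csv"
  $CreateGAMUserHTML = ".\NEW_GAM_USERS.HTML"
  $CreateADUser = ".\NEW_AD_USERS.csv"
  $GamPict = "D:\ExportFiles\GAM(Google Apps Manager)\High_Schools\001_FHS\default.jpg"
  $dletter = "H:"
  #endregion

  # Archive the previous run's list so this run's file holds only new accounts.
  if (Test-Path -Path $CreateGAMUser) {
    Move-Item $CreateGAMUser "$archivePath\NEW_GAM_USERS_$t.csv"
  }

  foreach ($user in $users) {
    $name = $user.samaccountname
    $UserChk = Get-ADUser -Filter {sAMAccountName -eq $Name}

    if ($null -eq $UserChk) {
      # NOTE(review): the whole CSV row is written here, including the
      # cleartext Password column that New-ADUser reads below. This file is
      # later attached to the notification e-mail and archived under
      # $archivePath. Consider excluding Password from the export.
      $user | Export-Csv -Path $CreateGAMUser -NoTypeInformation -Append

      #region Setup new user Google account
      & gam.exe create user $($user.mail)
      & gam.exe update user $($user.mail) firstname $($user.givenname) lastname $($user.sn)
      & gam.exe user $($user.mail) update photo $GamPict
      #endregion

      #region Setup new user AD account
      # NOTE(review): the initial password arrives as plain text in the CSV;
      # anyone who can read the export folder can read every new password.
      $newUserParams = @{
        Name            = $user.samaccountname
        SamAccountName  = $user.samaccountname
        EmployeeID      = $user.employeeID
        Title           = $user.title
        Department      = $user.department
        Company         = $user.company
        City            = $user.l
        Country         = $user.c
        State           = $user.st
        EmailAddress    = $user.mail
        Description     = $user.description
        ScriptPath      = $user.scriptPath
        HomeDirectory   = $user.homeDirectory
        AccountPassword = (ConvertTo-SecureString $user.Password -AsPlainText -Force)
        Enabled         = $true
      }
      New-ADUser @newUserParams

      "Just created an AD account for $($User.SamAccountname). Please verify that the user account exists in the directory."
      #endregion

      # Re-read the account. The original never assigned $aduser, so the
      # home-directory update below always operated on $null. Skipping here
      # when creation failed also avoids building a folder and an ACL entry
      # for an identity that does not exist.
      $aduser = Get-ADUser -Filter {sAMAccountName -eq $Name} -Properties HomeDirectory, HomeDrive
      if ($null -eq $aduser) {
        Write-Warning -Message "AD account '$name' was not found after creation; home directory skipped."
        continue
      }

      #region Setup new user AD home directory
      $NetPath = "\\cifs0.fisdk12.net\Student_Home\$($user.serialnumber)"
      $userhomepath = $NetPath + "\" + $($user.SamAccountName)
      if (-not (Test-Path $userhomepath)) {
        New-Item -Path $userhomepath -ItemType Directory
        # 'Gray' is the valid ConsoleColor name ('Grey' is rejected by Write-Host).
        Write-Host "$userhomepath ------Created" -ForegroundColor 'Gray'

        # Grant the student Modify on the folder, inherited by child
        # folders and files; existing ACL entries are kept.
        $acl = Get-Acl $userhomepath
        $inheritanceFlags = ([Security.AccessControl.InheritanceFlags]::ContainerInherit -bor
          [Security.AccessControl.InheritanceFlags]::ObjectInherit)
        $propagationFlags = [Security.AccessControl.PropagationFlags]::None
        $permissions = $($user.SamAccountName), "Modify", $inheritanceFlags, $propagationFlags, "Allow"
        $access = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList $permissions
        $acl.SetAccessRule($access)
        $acl | Set-Acl $userhomepath
      }
      else {
        Write-Warning -Message "'$userhomepath' already exists."
      }

      # Fill in HomeDirectory/HomeDrive only when the account has none yet.
      $homedir = $aduser.HomeDirectory
      if ([string]::IsNullOrEmpty($homedir)) {
        $aduser | Set-ADUser -HomeDirectory $userhomepath -HomeDrive $dletter
        $usr = Get-ADUser -Filter {sAMAccountName -eq $Name} -Properties HomeDirectory, HomeDrive
        Write-Host "Added Homedrive $($usr.HomeDrive) and Home directory $($usr.HomeDirectory)" -ForegroundColor Green
      }
      else {
        Write-Host "$homedir already exists in AD for $name" -ForegroundColor Yellow
      }
      #endregion
    }
    else {
      # Account already exists: make sure it is enabled.
      Enable-ADAccount -Identity $name
    }
  }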
  140.  
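  #region Send Email to campus personnel that new users have been created
  # Builds an HTML table from the new-accounts CSV and mails it to the campus
  # and district technicians with the CSV attached.

  #region Create HTML File
  $Date = Get-Date

  Write-Host " Begin Create HTML " -ForegroundColor 'Yellow'
  $a = "<style>"
  $a = $a + "BODY{font-family: Verdana, Arial, Helvetica, sans-serif;font-size:10;font-color: #000000}"
  $a = $a + "TABLE{border-width: 2px;border-style: solid;border-color: black;border-collapse: collapse;}"
  $a = $a + "TH{border-width: 2px;padding: 0px;border-style: solid;border-color: black;background-color: #E8E8E8}"
  $a = $a + "TD{border-width: 2px;padding: 0px;border-style: solid;border-color: black}"
  $a = $a + "</style>"

  # The cell values come straight from the CSV and the result is sent with
  # -BodyAsHtml, so encode them; otherwise markup in a name or address
  # would be rendered in the recipients' mail clients.
  $enc = { param($value) [System.Net.WebUtility]::HtmlEncode([string]$value) }

  if (Test-Path -Path $CreateGAMUser) {
    $HTMLFILE = Import-Csv -Path $CreateGAMUser
    $HTMLFILE |
      Sort-Object whenCreated, passwordlastset -Descending |
      Select-Object sAMAccountName, division, displayName, mail, whenCreated, passwordlastset |
      ForEach-Object -Begin {
        $a
        "<H2>$campus New Student List</H2> <H3>New Student Accounts created at $campus on $Date</H3>"
        "<table>"
        "<tr><th> USERNAME </th><th> DIVISION </th><th> DISPLAY NAME </th><th> EMAIL ADDRESS </th></tr>"
        $row = 0
      } -Process {
        # Alternate row colours for readability.
        $style = "style='background-color: white;'"
        if ($row % 2 -eq 0) {
          $style = "style='background-color: lightblue;'"
        }

        "<tr><td {0}>{1}</td><td {0}>{2}</td><td {0}>{3}</td><td {0}>{4}</td></tr>" -f $style,
          (& $enc $_.sAMAccountName), (& $enc $_.division), (& $enc $_.displayName), (& $enc $_.mail)

        $row++
      } -End { "</table>" } |
      Out-File -FilePath $CreateGAMUserHTML
  }
  Write-Host " End Create HTML Output " -ForegroundColor 'Yellow'
  #endregion Create HTML Output

  #region Begin Email Processing
  if ((Test-Path -Path $CreateGAMUser) -and ((Get-Item -Path $CreateGAMUser).Length -gt 0)) {
    $Date = Get-Date
    $body = Get-Content $CreateGAMUserHTML -Raw
    # NOTE(review): the attached CSV is the full source row for each new
    # student, which includes the cleartext Password column, and the message
    # is sent without -UseSsl or -Credential. Consider attaching a copy
    # without Password and enabling TLS on the relay.
    $mailParams = @{
      To          = "Demosesneeds Punchard <dpunchard@fisdk12.net>", "$campus.Campus.Techs <$campus.Campus.Techs@fisdk12.net>", "FISD.District.Techs <FISD.District.Techs@fisdk12.net>"
      Subject     = "**Automation** New AD Student Accounts created at FHS"
      Body        = "The AD_$campus has added new user account data on $date $body"
      BodyAsHtml  = $true
      SmtpServer  = "sta0.fisdk12.net"
      From        = "do.not.reply@fisdk12.net"
      Attachments = $CreateGAMUser
      # Optional, unused: Bcc, Cc, Credential, DeliveryNotificationOption,
      # Encoding, Port, Priority, UseSsl
    }
    Send-MailMessage @mailParams
  }
  #endregion Send Email with attachment
  #endregion

  Write-Host " End Add New AD Accounts " -ForegroundColor 'Blue'
  #endregion
  Write-Host " End Add New AD Accounts " -ForegroundColor 'Red'
  #endregion End Section 1 Add New AD Accounts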
  215.  
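  #region Begin Section 2 Update Existing AD Accounts
  # Overwrites the listed attributes of every account named in the CSV with
  # the values from that row.
  Write-Host " Begin Section 2 Update Existing AD Accounts " -ForegroundColor 'Green'
  $users = Import-Csv -Path .\AD_Up_Stu_FHS.csv

  foreach ($user in $users) {
    # Look the account up through a variable, as Section 1 does, instead of
    # pasting the CSV value into the filter text: a value containing a quote
    # can then no longer break or alter the filter expression.
    $name = $user.samaccountname

    $updateParams = @{
      GivenName            = $user.givenName
      EmployeeID           = $user.employeeID
      Surname              = $user.sn
      # NOTE(review): this copies the CSV's cleartext Password into the AD
      # 'division' attribute. Section 5 exports that attribute to CSV/HTML,
      # Section 6 resets passwords from it and Section 9 e-mails it.
      # Directory attributes such as division are typically readable by
      # ordinary authenticated users unless ACLs were tightened, so treat
      # this as stored cleartext credentials and move the value elsewhere.
      Division             = $user.Password
      DisplayName          = $user.DisplayName
      # Column name 'eUserPrincipalName' kept as in the original - TODO confirm it matches the CSV header.
      UserPrincipalName    = $user.eUserPrincipalName
      Title                = $user.title
      Department           = $user.department
      Company              = $user.company
      City                 = $user.l
      State                = $user.st
      Country              = $user.c
      EmailAddress         = $user.mail
      Description          = $user.description
      CannotChangePassword = $false
      # ScriptPath         = $user.scriptPath   (disabled in the original)
    }

    # Only the object identity is needed for the pipe into Set-ADUser, so no
    # extra properties are fetched.
    Get-ADUser -Filter {SamAccountName -eq $name} -SearchBase "DC=fisdk12,DC=net" |
      Set-ADUser @updateParams
  }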
  243.  
  244.  
  #region Begin Update Section 2b Custom AD Attributes
  Write-Host " Begin Update Section 2b Custom AD Attributes " -ForegroundColor 'Green'
  $users = Import-Csv -Path .\AD_Up_Stu_FHS.csv

  # Pass 1: write each row's serialNumber column (graduation year, per the
  # original comment) into the account's serialNumber attribute.
  foreach ($user in $users) {
    $serialValue = @{ serialnumber = $($user.serialNumber) }
    Set-ADUser -Identity $($user.SamAccountName) -Replace $serialValue
  }

  # Pass 2: write the roomNumber column (TSDS id, per the original comment),
  # but only when no account in AD carries that roomNumber yet.
  foreach ($user in $users) {
    $roomNumber = $($user.roomNumber)
    $UserChk = Get-ADUser -Filter {roomNumber -eq $roomNumber}
    if ($null -ne $UserChk) {
      # Value already present on some account; leave this user untouched.
      continue
    }
    Set-ADUser -Identity $($user.SamAccountName) -Replace @{ roomNumber = $($user.roomNumber) }
  }
  Write-Host " End Update Section 2b Custom AD Attributes " -ForegroundColor 'Green'
  #endregion End Update Section 2b Custom AD Attributes

  #region Begin Enabling all active accounts
  <# Disabled in the original: enable every account listed in the file.
  Write-Host " Begin Enabling all active accounts " -ForegroundColor 'Blue'
  $users = Import-Csv -Path .\AD_Up_Stu_FHS.csv
  $OU = $User.ouPath

  Foreach ($user in $users)
  {
  Enable-ADAccount -Identity $($user.samaccountname)
  }
  Write-Host " End Enabling all active accounts " -ForegroundColor 'Blue'#>
  #endregion

  Write-Host " End Section 2 Update Existing AD Accounts " -ForegroundColor 'Red'
  #endregion End Section 2 Update Existing AD Accounts
  285.  
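  #region Begin Section 3 Move AD Accounts
  # Moves every account named in the CSV to the OU given in that row's
  # ouPath column.
  Write-Host " Begin Section 3 Move AD Accounts " -ForegroundColor 'Green'
  $users = Import-Csv -Path .\AD_Up_Stu_FHS.csv

  foreach ($user in $users) {
    # Filter through a variable rather than string-building the expression,
    # so a quote in the CSV value cannot change what the filter matches.
    $name = $user.samaccountname
    # NOTE(review): the destination OU is taken from the CSV without any
    # check that it lies under the student OU tree - confirm the export is
    # trusted or validate the path before moving.
    Get-ADUser -Filter {SamAccountName -eq $name} -SearchBase "DC=fisdk12,DC=net" |
      Move-ADObject -TargetPath $($user.ouPATH)
  }
  Write-Host " End Section 3 Move AD Accounts " -ForegroundColor 'Red'
  #endregion End Section 3 Move AD Accounts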
  300.  
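  #region Begin Section 4 Shadow Group AD Accounts
  # Keeps each grade's "shadow" security group in step with the members of
  # the matching grade OU, then refreshes the all-students group.
  Write-Host " Begin Section 4 Shadow Group AD Accounts " -ForegroundColor 'Blue'
  $users = Import-Csv -Path .\AD_Up_Stu_FHS.csv

  # NOTE(review): $campus_staff_data is never assigned anywhere in this
  # script, so this loop does not run and no group1 memberships are added.
  # It looks like a leftover from a staff script; $users was probably
  # intended - confirm before changing, since that would start modifying
  # group membership.
  foreach ($user in $campus_staff_data) {
    $grpname = $($user.group1)
    $name = $user.samaccountname
    $UsergrpChk = Get-ADGroupMember -Identity $grpname
    $UserChk = $UsergrpChk | Where-Object { $_.samaccountname -eq $Name }
    if ($null -eq $UserChk) {
      Add-ADGroupMember -Identity $grpname -Member $($user.samaccountname)
    }
    else {
      "$($user.samaccountname) User found in $grpname"
    }
  }

  # One pass per grade replaces the five copy-pasted stanzas of the original.
  foreach ($grade in 'Grade09', 'Grade10', 'Grade11', 'Grade12', 'GradeGD') {
    $OU = "OU=$grade,OU=Users,OU=001_Students,OU=001_FHS,OU=_High_Schools,OU=FISDK12,DC=fisdk12,DC=net"
    $ShadowGroup = "CN=FHS.Students.$grade,OU=Security_Groups,OU=Automated_Groups,OU=Do_Not_Remove,OU=FISDK12,DC=fisdk12,DC=net"

    # Drop members whose DN no longer contains the grade OU. -NotMatch takes
    # a regular expression, so the DN is escaped to be matched literally.
    $ouPattern = [regex]::Escape($OU)
    Get-ADGroupMember -Identity $ShadowGroup |
      Where-Object { $_.distinguishedName -notmatch $ouPattern } |
      ForEach-Object { Remove-ADPrincipalGroupMembership -Identity $_ -MemberOf $ShadowGroup -Confirm:$false }

    # Add every user under the grade OU that is not yet a member.
    Get-ADUser -SearchBase $OU -SearchScope Subtree -LDAPFilter "(!memberOf=$ShadowGroup)" |
      ForEach-Object { Add-ADPrincipalGroupMembership -Identity $_ -MemberOf $ShadowGroup }
  }

  # All-students group.
  $SearchOU = "OU=Users,OU=001_Students,OU=001_FHS,OU=_High_Schools,OU=FISDK12,DC=fisdk12,DC=net"
  # NOTE(review): both comparisons are -ge, so this reduces to
  # department >= "12"; the second was probably meant to be -le. The result
  # is not used again in this script. Left unchanged pending confirmation.
  $OU = Get-ADUser -Filter {(department -ge "09") -and (department -ge "12") } -Properties * -SearchBase $SearchOU -SearchScope Subtree
  $ShadowGroup = "CN=FHS.All.Students,OU=Security_Groups,OU=Automated_Groups,OU=Do_Not_Remove,OU=FISDK12,DC=fisdk12,DC=net"

  # NOTE(review): Get-ADGroupMember output normally carries only identity
  # properties; if department/company are not populated on these objects
  # this filter never matches and stale members are never removed - verify.
  Get-ADGroupMember -Identity $ShadowGroup |
    Where-Object { (($_.department -ge "09") -and ($_.department -ge "12")) -and ($_.company -ne "001") } |
    ForEach-Object { Remove-ADPrincipalGroupMembership -Identity $_ -MemberOf $ShadowGroup -Confirm:$false }
  Get-ADUser -LDAPFilter "(!memberOf=$ShadowGroup)" -SearchBase $SearchOU -SearchScope Subtree |
    ForEach-Object { Add-ADPrincipalGroupMembership -Identity $_ -MemberOf $ShadowGroup }
  Write-Host " End Section 4 Shadow Group AD Accounts " -ForegroundColor 'Blue'
  #endregion End Section 4 Shadow Group AD Accounts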
  369.  
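  #region Begin Section 5 Isolate New AD Accounts
  # Lists the student accounts created within the look-back window and writes
  # them to a working CSV, a cumulative CSV and an HTML report.
  Write-Host " Begin Isolate New AD Accounts " -ForegroundColor 'Blue'
  # Look-back window in days: -.0429 = 1 hour, -.0825 = 2 hours,
  # -.5 = 12 hours, -1 = 24 hours. (The variable name is historical.)
  $week = ((Get-Date).AddDays(-.0825))

  # Query the directory once, with only the reported properties, and reuse
  # the result; the original ran the same full-OU "-Properties *" query
  # three times.
  $studentBase = "OU=001_Students,OU=001_FHS,OU=_High_Schools,OU=FISDK12,DC=fisdk12,DC=net"
  $reportProps = 'division', 'displayName', 'mail', 'whenCreated', 'passwordLastSet'
  $newAccounts = @(Get-ADUser -Filter * -Properties $reportProps -SearchBase $studentBase |
      Where-Object { $_.whenCreated -ge $week } |
      Select-Object sAMAccountName, division, displayName, mail, whenCreated, passwordlastset)

  # NOTE(review): Section 2 stores the CSV Password in 'division' and
  # Section 6 uses this file's division column as the new password, so both
  # CSVs and the HTML report below contain cleartext passwords.
  # AD_Pass_Append_FHS_STU.csv is appended to on every run and is not
  # removed by the cleanup section - restrict access to it or stop
  # exporting division.
  $newAccounts | Export-Csv -Path ".\AD_Pass_FHS_STU.csv" -NoTypeInformation
  $newAccounts | Export-Csv -Path ".\AD_Pass_Append_FHS_STU.csv" -Append -NoTypeInformation
  Write-Host " End Isolate New AD Accounts " -ForegroundColor 'Blue'

  Write-Host " Begin Create HTML " -ForegroundColor 'Blue'
  # Begin Create HTML Output
  Write-Host " Begin Create HTML Output " -ForegroundColor 'Blue'
  $a = "<style>"
  $a = $a + "BODY{font-family: Verdana, Arial, Helvetica, sans-serif;font-size:10;font-color: #000000}"
  $a = $a + "TABLE{border-width: 2px;border-style: solid;border-color: black;border-collapse: collapse;}"
  $a = $a + "TH{border-width: 2px;padding: 0px;border-style: solid;border-color: black;background-color: #E8E8E8}"
  $a = $a + "TD{border-width: 2px;padding: 0px;border-style: solid;border-color: black}"
  $a = $a + "</style>"
  # The original also passed -Body $b, but $b is never assigned in this
  # script, so it is omitted.
  $newAccounts |
    Sort-Object whenCreated, passwordlastset -Descending |
    ConvertTo-Html -Head $a |
    Set-Content ".\AD_Pass_FHS_STU.html"
  Write-Host " End Create HTML Output " -ForegroundColor 'Blue'
  #End Create HTML Output
  #endregion End Isolate New AD Accounts Section 5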
  403.  
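  #region Begin Section 6 Change New Account Passwords
  # Resets the password of every account listed in the working CSV to the
  # value in that row's division column.
  Write-Host " Begin Change New Account Passwords " -ForegroundColor 'Blue'
  $passFile = ".\AD_Pass_FHS_STU.csv"
  # Test-Path first so a missing file is reported as "nothing to do" rather
  # than as a Get-Item error.
  if ((Test-Path -Path $passFile) -and ((Get-Item -Path $passFile).Length -gt 0)) {
    $users = Import-Csv -Path $passFile

    foreach ($user in $users) {
      if ([string]::IsNullOrEmpty($user.division)) {
        Write-Warning -Message "No division value for $($user.samaccountname); password not changed."
        continue
      }
      # Fix: the original wrote "$($user.division)-Force" with no space, which
      # glues "-Force" onto the password text instead of passing the switch.
      # NOTE(review): the new password is read in clear text from the
      # division column of a CSV on disk; see the notes in Sections 2 and 5.
      $newPassword = ConvertTo-SecureString -String $user.division -AsPlainText -Force
      Set-ADAccountPassword -Identity $($user.samaccountname) -Reset -NewPassword $newPassword
    }
  }
  else {
    # The original had this message in a bare { } block after the loop, which
    # is a script-block literal and never ran; it is now the else branch.
    Write-Host " No passwords to change " -ForegroundColor 'Blue'
  }
  Write-Host " End Change New Account Passwords " -ForegroundColor 'Blue'
  #endregion End Section 6 Change New Account Passwords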
  423.  
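  #region Begin Section 7 Disabling Inactive Accounts
  # For every account in the inactive export: disable it, overwrite its
  # description from the CSV, and move it to the OU named in the ouPath column.
  Write-Host " Step 1 of 3 Disabling all accounts that are inactive via Skyward export " -BackgroundColor Yellow -ForegroundColor Blue
  # The same file feeds all three steps, so it is read once.
  $users = Import-Csv -Path .\AD_InActive_FHS_Stu.csv
  foreach ($user in $users) {
    $name = $user.samAccountname
    $UserChk = Get-ADUser -Filter {samAccountname -eq $Name}
    if ($null -eq $UserChk) {
      "$($user.samAccountname) was not found in AD"
    }
    else {
      Disable-ADAccount -Identity $($user.sAMAccountName)
    }
  }
  Write-Host " End Step 1 of 3 Disabling all accounts that are inactive via Skyward export " -BackgroundColor Yellow -ForegroundColor Blue

  # Step 2: set the description from the CSV. Clearing the mail attribute
  # (to stop the Google sync) is disabled, as in the original.
  Write-Host " Step 2 of 3 Set users description to Disabled via AD Automation " -ForegroundColor 'Green'
  foreach ($user in $users) {
    # Filter through a variable, as step 1 does, so a quote in the CSV value
    # cannot alter the filter expression.
    $name = $user.samaccountname
    Get-ADUser -Filter {SamAccountName -eq $name} -SearchBase "DC=fisdk12,DC=net" |
      Set-ADUser -Description $($user.description) #-Clear mail
  }

  # Step 3: move the disabled accounts to the OU given per row.
  Write-Host " Step 3 of 3 Move disabled user accounts to Students inactive OU " -ForegroundColor 'Green'
  foreach ($user in $users) {
    $name = $user.samaccountname
    Get-ADUser -Filter {SamAccountName -eq $name} -SearchBase "DC=fisdk12,DC=net" |
      Move-ADObject -TargetPath $($user.ouPath)
  }
  #endregion End Section 7 Disabling Inactive Accounts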
  462.  
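  #region Begin Section 8 Calling of External Scripts
  Write-Host " Begin Calling of External Scripts " -ForegroundColor 'Yellow'
  # NOTE(review): this script runs with the same rights as the AD automation
  # account, so write access to the export folder is equivalent to those
  # rights - confirm the folder ACL is restricted.
  & "D:\ExportFiles\Active.Directory\001_FHS\Students\AD_GD_Stu_FHS.ps1"
  Write-Host " End Calling of External Scripts " -ForegroundColor 'Yellow'
  #endregion End Section 8 Calling of External Scripts

  #region Begin Section 9 Email Processing
  $passCsv = ".\AD_Pass_FHS_STU.csv"
  $passHtml = ".\AD_Pass_FHS_STU.html"

  # Test-Path first so a missing working file skips the mail instead of
  # raising a Get-Item error.
  if ((Test-Path -Path $passCsv) -and ((Get-Item -Path $passCsv).Length -gt 0)) {
    $Date = Get-Date
    # NOTE(review): both attachments include the division column, which
    # Section 6 uses as each account's new password, and the message is sent
    # without -UseSsl or -Credential. Consider removing that column from
    # what is mailed and enabling TLS on the relay.
    $mailParams = @{
      To          = "Demosesneeds Punchard <dpunchard@fisdk12.net>", "FHS.Campus.Techs <FHS.Campus.Techs@fisdk12.net>", "FISD.District.Techs <FISD.District.Techs@fisdk12.net>"
      Subject     = "**Automation** AD Accounts FHS Students"
      Body        = "The AD_FHS Scheduled task has completed on $date. "
      SmtpServer  = "sta0.fisdk12.net"
      From        = "do.not.reply@fisdk12.net"
      Attachments = $passHtml, $passCsv
      # Optional, unused: Bcc, BodyAsHtml, Cc, Credential,
      # DeliveryNotificationOption, Encoding, Port, Priority, UseSsl
    }
    Send-MailMessage @mailParams
  }
  else {
    Write-Host " " -ForegroundColor 'Blue'
  }
  Write-Host " End Email Processing " -ForegroundColor 'Blue'
  #endregion End Section 9 Email Processing

  #region Begin Section 10 Cleanup of working files
  Write-Host " Begin CleanUp " -ForegroundColor 'Blue'
  # Remove the per-run working files; skip any that were never created.
  foreach ($workFile in $passCsv, $passHtml) {
    if (Test-Path -Path $workFile) {
      Remove-Item -Path $workFile
    }
  }
  # NOTE(review): .\AD_Pass_Append_FHS_STU.csv and .\NEW_GAM_USERS.csv (plus
  # its archived copies) are written by earlier sections with password
  # material and are not removed here.
  Write-Host " End CleanUp " -ForegroundColor 'Blue'
  #endregion End Section 10 Cleanup of working files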