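<#
    New-hire onboarding, on-premises part:
      1. Import from CSV file
      2. Create Users in AD
      3. Add users to groups
#>

# Import users to $Users variable. Each row is read later through properties
# such as Firstname, MI, Lastname, Initials, ADGroup1 and ADGroup2.
# NOTE(review): the CSV decides account names, group membership and the initial
# password, so anyone who can write to this file can shape the accounts that get
# created. Keep the file's ACL as tight as the right to create users.
$Users = Import-Csv -Path "C:\temp\newhires.csv"

# Domain controller passed to New-ADUser. Quoted, because a bare DC.DOMAIN.TLD
# is parsed as a command name rather than a string.
$ADServer = "DC.DOMAIN.TLD"

# Create an empty ArrayList; it receives the sAMAccountName of every row whose
# account already existed.
$ExistingUsers = New-Object System.Collections.ArrayList($null)

# Seconds to pause between polls in the wait loops.
$Sleepseconds = 5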
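# Upper bound on polls while waiting for a new account to become visible, so a
# failed New-ADUser cannot leave the script waiting forever.
$MaxAttempts = 60

foreach ($User in $Users) # Start work for each user
{
    # Create variables to work with for each row in the CSV file
    $UserFirstname = $User.Firstname
    $UserMI        = $User.MI
    $UserLastname  = $User.Lastname
    $Initials      = $User.Initials

    # The account name starts with the first letter of the first name, so a row
    # without a first or last name cannot be turned into an account.
    if ([string]::IsNullOrEmpty($UserFirstname) -or [string]::IsNullOrEmpty($UserLastname)) {
        Write-Warning "Skipping CSV row with missing Firstname or Lastname"
        continue
    }

    $Displayname = $UserFirstname + " " + $UserLastname
    $OU          = "OU=USER OU,DC=DOMAIN,DC=TLD"
    $SAM         = $UserFirstname.Substring(0,1) + $UserMI + $UserLastname
    $UPN         = $SAM + "@PUBLICDOMAIN.TLD"

    # NOTE(review): the initial password is a fixed prefix plus the user's
    # initials, so it can be worked out by anyone who knows the scheme, and the
    # account is created enabled with -ChangePasswordAtLogon $false. Prefer a
    # random per-user secret delivered out of band, or require a change at first
    # logon. Behaviour is left as it was because the ticket text printed at the
    # end of the script refers to this default password.
    $Password = "NewUserPass" + $Initials

    # $SAM is built from CSV data and placed inside an LDAP filter. Escape the
    # filter metacharacters (RFC 4515) so a stray '*' or parenthesis in a name
    # cannot widen or break the match.
    $SAMFilter = $SAM.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').Replace(')', '\29')

    # Test if user exists already
    $TryUser = Get-ADUser -LDAPFilter "(sAMAccountName=$SAMFilter)"

    if ($null -eq $TryUser) { # Only add user if the user doesn't already exist
        $NewUserParams = @{
            Name                  = "$Displayname"
            DisplayName           = "$Displayname"
            SamAccountName        = $SAM
            UserPrincipalName     = $UPN
            GivenName             = "$UserFirstname"
            Surname               = "$UserLastname"
            EmailAddress          = $UPN
            # NOTE(review): $Description is never assigned in this script, so
            # this expands to an empty string unless the session defines it.
            Description           = "$Description"
            AccountPassword       = (ConvertTo-SecureString $Password -AsPlainText -Force)
            StreetAddress         = $User.StreetAddress
            City                  = $User.City
            State                 = $User.State
            PostalCode            = $User.PostalCode
            MobilePhone           = $User.MobilePhone
            OfficePhone           = $User.OfficePhone
            Enabled               = $true
            Path                  = "$OU"
            ChangePasswordAtLogon = $false
            Department            = $User.Department
            Manager               = $User.Manager
            Title                 = $User.Title
            Server                = $ADServer
        }
        New-ADUser @NewUserParams

        # Wait for user propagation, then set additional settings. The lookup
        # uses -LDAPFilter because it returns nothing for a missing account;
        # Get-ADUser -Identity raises an error instead, and when that statement
        # fails the variable keeps the previous user's result, which would end
        # the wait early.
        $ADUserCreated = $null
        $Attempt = 0
        do {
            Write-Host "Checking if User has been created"
            Start-Sleep -Seconds $Sleepseconds
            $ADUserCreated = Get-ADUser -LDAPFilter "(sAMAccountName=$SAMFilter)"
            $Attempt++
        } while ($null -eq $ADUserCreated -and $Attempt -lt $MaxAttempts)

        if ($null -eq $ADUserCreated) {
            Write-Warning "$SAM was not found after $MaxAttempts checks; skipping attribute and group setup"
            continue
        }

        # Primary and secondary SMTP addresses, added in one call.
        $ProxyAddresses = @(
            "SMTP:" + $UPN
            "smtp:" + $SAM + "@PUBLICDOMAIN.onmicrosoft.com"
            "smtp:" + $SAM + "@PUBLICDOMAIN.mail.onmicrosoft.com"
        )
        Set-ADUser -Identity $SAM -Add @{'Proxyaddresses' = $ProxyAddresses}
        Set-ADUser -Identity $SAM -Add @{'TargetAddress' = @("SMTP:" + $SAM + "@PUBLICDOMAIN.mail.onmicrosoft.com")}

        # NOTE(review): group names are taken straight from the CSV, so a row can
        # place the new account in any group the operator may modify, privileged
        # groups included. Consider checking them against an approved list.
        foreach ($Group in @($User.ADGroup1, $User.ADGroup2)) {
            # An empty group column is skipped instead of failing the cmdlet.
            if (-not [string]::IsNullOrEmpty($Group)) {
                Add-ADGroupMember -Identity $Group -Members $SAM
            }
        }
    } else { # Add user to list of Existing users
        # [void] keeps the index returned by Add() out of the script's output.
        [void]$ExistingUsers.Add($SAM)
    }
} # End foreach $User block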
<#
    Sync AD to AAD
#>
# Starts a delta sync cycle on the remote host SERVER (presumably the directory
# sync server; confirm) so the new on-premises accounts reach Azure AD.
$SyncCycle = { Start-ADSyncSyncCycle -PolicyType Delta }
Invoke-Command -ComputerName SERVER -ScriptBlock $SyncCycle
<#
    Cloud-side steps:
      1. Set location
      2. Assign license
      3. Add to group
      4. Disable POP3 and IMAP
#>

# Connect to MSOnline
Import-Module MSOnline

# The admin password is prompted for interactively; it is not stored in the script.
$MSOLCred = Get-Credential -UserName "AZUREADMIN@PUBLICDOMAIN.TLD" -Message "MSOL/Office365 Login"
Connect-MsolService -Credential $MSOLCred

# NOTE(review): this session uses Basic authentication, which passes the admin
# username and password to the endpoint and cannot satisfy MFA. Microsoft has
# been retiring Basic auth for Exchange Online remote PowerShell, so confirm the
# tenant still accepts it and plan a move to a modern-auth connection method.
# Nothing in this script calls Remove-PSSession, so the session stays open until
# the PowerShell host exits.
$SessionParams = @{
    ConfigurationName = 'Microsoft.Exchange'
    ConnectionUri     = 'https://ps.outlook.com/powershell/'
    Credential        = $MSOLCred
    Authentication    = 'Basic'
    AllowRedirection  = $true
}
$Session = New-PSSession @SessionParams
Import-PSSession $Session
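# Upper bound on polls while waiting for directory sync, so an account that never
# arrives cannot stall the script forever.
$MaxAttempts = 60

foreach ($User in $Users) { # Begin AAD Licensing assignment
    $UserFirstname = $User.Firstname

    # The "@" separator is required. The on-premises account is created with a
    # UPN ending in "@PUBLICDOMAIN.TLD"; without the "@" the lookup below never
    # matches and the wait loop never ends.
    $MSOLUPN = $UserFirstname.Substring(0,1) + $User.MI + $User.LastName + "@PUBLICDOMAIN.TLD"

    $UserCreated = $null
    $Attempt = 0
    do { # Wait for AAD sync
        Write-Host "Checking if user synced to Azure"
        Start-Sleep -Seconds $Sleepseconds
        $UserCreated = Get-MsolUser -UserPrincipalName $MSOLUPN -ErrorAction SilentlyContinue
        $Attempt++
    } while ($null -eq $UserCreated -and $Attempt -lt $MaxAttempts)

    if ($null -eq $UserCreated) {
        Write-Warning "$MSOLUPN did not appear in Azure AD after $MaxAttempts checks; no license assigned"
        continue
    }

    $MSOLSKU = "PUBLICDOMAIN:ENTERPRISEPACK"

    # Reuse the object found by the wait loop instead of querying a second time.
    $MSOLObjID = $UserCreated.ObjectId.ToString()

    # A usage location must be set before the license is added.
    Set-MsolUser -UserPrincipalName $MSOLUPN -UsageLocation "US"
    Set-MsolUserLicense -ObjectId $MSOLObjID -AddLicenses $MSOLSKU
} # End AAD Licensing assignment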
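# Upper bound on polls while waiting for a mailbox, so a mailbox that is never
# provisioned cannot stall the script forever.
$MaxAttempts = 60

foreach ($User in $Users) { # Begin Exchange online assignments
    $UserFirstname = $User.Firstname

    # The "@" separator is required. The on-premises account is created with a
    # UPN ending in "@PUBLICDOMAIN.TLD"; without the "@" no mailbox ever matches.
    $MSOLUPN = $UserFirstname.Substring(0,1) + $User.MI + $User.LastName + "@PUBLICDOMAIN.TLD"

    # Wait for mailbox to be created; sleep only while it is still missing.
    $checkifmailboxexists = Get-Mailbox $MSOLUPN -ErrorAction SilentlyContinue
    $Attempt = 0
    while ($null -eq $checkifmailboxexists -and $Attempt -lt $MaxAttempts) {
        Write-Host "Checking if mailbox has been created"
        Start-Sleep -Seconds $Sleepseconds
        $checkifmailboxexists = Get-Mailbox $MSOLUPN -ErrorAction SilentlyContinue
        $Attempt++
    }

    if ($null -eq $checkifmailboxexists) {
        Write-Warning "No mailbox found for $MSOLUPN after $MaxAttempts checks; POP3 and IMAP were not disabled"
        continue
    }

    # Disabling POP3 and IMAP is the hardening step of this loop, so a failure is
    # reported instead of being silently discarded.
    try {
        Set-CASMailbox $MSOLUPN -PopEnabled $false -ImapEnabled $false -ErrorAction Stop
    } catch {
        Write-Warning "Could not disable POP3/IMAP for ${MSOLUPN}: $_"
    }

    # Add-DistributionGroupMember -Identity "ALLUSERS GROUP" -Member $MSOLUPN -erroraction silentlycontinue
    # Write-Output "$MSOLUPN Mailbox created. POP3 and IMAP disabled. User added to Distribution List"
} # End Exchange online assignments block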
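# Prints one summary per CSV row for pasting into the onboarding ticket.
# NOTE(review): rows whose account already existed are recorded in
# $ExistingUsers by the creation loop but still get a "User Created" line here;
# confirm whether they should be left out of the ticket text.
foreach ($User in $Users) { # Ticket info output
    $UserFirstname = $User.Firstname
    $UserLastname  = $User.Lastname
    $UserMI        = $User.MI

    # The "@" separator is required so the reported UPN matches the one the
    # account was created with ("...@PUBLICDOMAIN.TLD").
    $UPN = $UserFirstname.Substring(0,1) + $UserMI + $UserLastname + "@PUBLICDOMAIN.TLD"

    $ADGroup1    = $User.ADGroup1
    $ADGroup2    = $User.ADGroup2
    $OfficePhone = $User.OfficePhone

    Write-Output "User Created as $UPN with default password. `n`nAdded to groups: `n $ADGroup1 `n $ADGroup2 `n`nPhone Extension: $OfficePhone"
} # End Ticket info output block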