From d4de2609928ed1e3b16530554f4129d0d3fc3991 Mon Sep 17 00:00:00 2001
From: Tre Hayes
Date: Tue, 29 Mar 2022 16:30:45 -0500
Subject: [PATCH] Add 'NewUser_Creation.ps1'
Signed-off-by: Tre Hayes
---
NewUser_Creation.ps1 | 289 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 289 insertions(+)
create mode 100644 NewUser_Creation.ps1
diff --git a/NewUser_Creation.ps1 b/NewUser_Creation.ps1
new file mode 100644
index 0000000..098ea67
--- /dev/null
+++ b/NewUser_Creation.ps1
@@ -0,0 +1,289 @@
+function Build-ADUser {
+ [CmdletBinding()]
+ param (
+ [Parameter(Mandatory=$true)] [System.Object]$User
+ )
+ $retry = $true
+
+ while ($true -eq $retry) {
+ ########### Check That Department Code Has 4 Digits ###########
+ if ($User.dept_Code -match '^\d{4}$') {
+ if ($(Get-ADUser -Identity $User.emp_ID)) {
+ [System.Windows.MessageBox]::Show("$($User.emp_ID) is currently used by `
+ $(Get-ADUser -Identity $User.emp_ID | Select-Object -ExpandProperty Name). `
+ Please enter a different Employee ID.", 'Existing User','OK','Information')
+ }
+ else {
+ Write-Host "User does NOT exist... Building User...`n"
+
+ ##############################################################################################################
+ # New User Build #
+ # Copy Template User, Create New User, Set Password, Add Groups, Enable Exchange Mailbox #
+ # Write Completed User Build Info to CSV #
+ ##############################################################################################################
+ try {
+ ########### Copy Template User ###########
+ $copyUser = Copy-ADUser ($User.dept_Code) ($User.job_Title) ([REF]$global:build_Mailbox) ([REF]$global:vdi_Pool)
+
+ ########### Create New User ###########
+ $OU = (($copyUser).DistinguishedName).split(',')
+ $newUser = @{
+ Name = "$($User.first_Name) $($User.last_Name)"
+ SamAccountName = "$($User.emp_ID)"
+ DisplayName = "$($User.first_Name) $($User.last_Name)"
+ UserPrincipalName = "$($User.emp_ID)@nkch.org"
+ Path = "$($OU[1..($OU.length)] -join(','))"
+ GivenName = "$($User.first_Name)"
+ Initials = "$($User.middle_name)"
+ Surname = "$($User.Last_Name)"
+ Department = "$($User.department_name)"
+ Office = "$($User.department_name)"
+ Description = "$($User.job_Title)"
+ Title = "$($User.job_Title)"
+ Enabled = $true
+ OtherAttributes = @{
+ nkchDeptCode = $($User.dept_Code);
+ nkchVP = "$((Get-ADUser -Identity $($User.vice_President)).DistinguishedName)";
+ }
+ }
+ New-ADUser @newUser
+
+ ########### Set Password ###########
+ Add-ADGroupMember -Identity 'NewUserPasswordPolicy' -Members $newUser.SamAccountName
+ Set-ADAccountPassword -Identity $newUser.SamAccountName -Reset -NewPassword (ConvertTo-SecureString $newUser.SamAccountName -AsPlainText -Force)
+ Remove-ADGroupMember -Identity 'NewUserPasswordPolicy' -Members $newUser.SamAccountName -Confirm:$false
+
+ ########### Add Groups ###########
+ Get-ADPrincipalGroupMembership -Identity $($copyUser.SamAccountName) | ? {$_.Name -notlike '*VPN*'} | Select-Object -ExpandProperty DistinguishedName | `
+ Add-ADGroupMember -Members $newUser.SamAccountName -ErrorAction SilentlyContinue
+ Add-ADGroupMember -Identity $vdi_Pool -Members $newUser.SamAccountName
+ Write-Host "User Account Successfully Built!"
+ }
+ catch {
+ [System.Windows.MessageBox]::Show("$($newUser.GivenName) $($newUser.Surname)'s account was not built",`
+ 'ERROR','OK','Warning')
+ }
+
+ ########### Build Exchange Mailbox ###########
+ if ($true -eq $build_Mailbox) {
+ Write-Host "Please wait while we set up $($newUser.GivenName)'s mailbox..."
+ $exchSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http:///powershell -Authentication Kerberos
+
+ try {
+ Import-PSSession $exchSession -AllowClobber -CommandName Get-Mailbox,Enable-Mailbox
+ Start-Sleep -Seconds 2
+ Enable-Mailbox -Identity $newUser.SamAccountName -Database "$(Get-Random($mailbox_DBs))" -ErrorAction Stop
+ }
+ catch {
+ [System.Windows.MessageBox]::Show("$($newUser.GivenName) $($newUser.Surname)'s mailbox was not built",`
+ 'ERROR','OK','Warning')
+ }
+
+ ########### Check If Mailbox Build Was Successful ###########
+ if (Get-Mailbox -Identity $newUser.SamAccountName) {
+ Write-Host 'Mailbox Built!'
+ build-UserLog -empID $newUser.SamAccountName
+ Remove-PSSession -Session $exchSession
+ }
+ }
+ clear-Fields
+ $retry = $false
+
+ ##############################################################################################################
+ # End New User Build #
+ ##############################################################################################################
+ }
+ }
+ else {
+ if ($User.dept_Code -notmatch '^\d{4}$') {
+ $popupWarning = [System.Windows.MessageBox]::Show("$($User.first_Name) $($User.last_Name) does not have a vaild Deptartment `
+ Code!! Would you like to manually set their Department Code??", 'confirmation','YesNo','Warning')
+
+ switch ($popupWarning) {
+ 'Yes' {
+ $User.dept_Code = 0
+ while ($User.dept_Code -notmatch '^\d{4}$') {
+ $User.dept_Code = [Microsoft.VisualBasic.Interaction]::InputBox('What is the department code?: ', 'Department Code')
+ if ([string]::IsNullOrEmpty($User.dept_Code)) {
+ Write-Host "Skipping $($User.first_Name) $($User.last_Name)...`n"; Start-Sleep -Seconds 1
+ $retry = $false
+ break
+ }
+ }
+ }
+
+ 'No' {
+ Write-Host "Skipping $($User.first_Name) $($User.last_Name)...`n"; Start-Sleep -Seconds 1
+ $retry = $false
+ }
+ }
+ }
+ }
+ }
+}
+
+function Build-MultiADUser ($departments) {
+ $newUsers_CSV = Import-Csv -Path '.\NewUser_Test.csv'
+ foreach ($user in $newUsers_CSV) {
+ $dept_Name = foreach ($dept in $departments) {
+ if ([int] $user.dept_Code -eq $dept.'Deparment') {
+ $VP = $dept.'VP EmpID'
+ $dept.'DepartmentName'
+ }
+ }
+
+ ########### Check That Department Code Has 4 Digits ###########
+ if ($user.dept_Code -match '^\d{4}$') {
+ if ($(Get-ADUser -Identity $user.emp_ID)) {
+ [System.Windows.MessageBox]::Show("$($user.emp_ID) is currently used by `
+ $(Get-ADUser -Identity $user.emp_ID | Select-Object -ExpandProperty Name). `
+ Please enter a different Employee ID.", 'Existing User','OK','Information')
+ }
+ else {
+ Write-Host "User does NOT exist... Building User...`n"
+
+ ##############################################################################################################
+ # New User Build #
+ # Copy Template User, Create New User, Set Password, Add Groups, Enable Exchange Mailbox #
+ # Write Completed User Build Info to CSV #
+ ##############################################################################################################
+ try {
+ ########### Copy Template User ###########
+ $copyUser = Copy-ADUser ($user.dept_Code) ($user.job_Title) ([REF]$global:build_Mailbox) ([REF]$global:vdi_Pool)
+
+ ########### Create New User ###########
+ $OU = (($copyUser).DistinguishedName).split(',')
+ $newUser = @{
+ Name = "$($user.first_Name) $($user.last_Name)"
+ SamAccountName = "$($user.emp_ID)"
+ DisplayName = "$($user.first_Name) $($user.last_Name)"
+ UserPrincipalName = "$($user.emp_ID)@nkch.org"
+ Path = "$($OU[1..($OU.length)] -join(','))"
+ GivenName = "$($user.first_Name)"
+ Initials = "$($user.MI)"
+ Surname = "$($user.Last_Name)"
+ Department = "$($dept_Name)"
+ Office = "$($dept_Name)"
+ Description = if ([string]::IsNullOrEmpty($user.EndDate)) { "$($user.job_Title)" }
+ else {
+ $date = $user.EndDate.split('/') | % {$_.Padleft(2,'0')}
+ "$($user.job_Title) (exp. $($date[0]).$($date[1]).$($date[2]))"
+ }
+ Title = if ([string]::IsNullOrEmpty($user.EndDate)) { "$($user.job_Title)" }
+ else {
+ $date = $user.EndDate.split('/') | % {$_.Padleft(2,'0')}
+ "$($user.job_Title) (exp. $($date[0]).$($date[1]).$($date[2]))"
+ }
+ AccountExpirationDate = if ([string]::IsNullOrEmpty($user.EndDate)) { $null }
+ else { "$(([DateTime] $user.EndDate).AddDays(2))" }
+ Enabled = $true
+ OtherAttributes = @{
+ nkchDeptCode = $($user.dept_Code);
+ nkchVP = "$((Get-ADUser -Identity $($VP)).DistinguishedName)";
+ }
+ }
+ New-ADUser @newUser
+
+ ########### Set Password ###########
+ Add-ADGroupMember -Identity 'NewUserPasswordPolicy' -Members $newUser.SamAccountName
+ Set-ADAccountPassword -Identity $newUser.SamAccountName -Reset -NewPassword (ConvertTo-SecureString $newUser.SamAccountName -AsPlainText -Force)
+ Remove-ADGroupMember -Identity 'NewUserPasswordPolicy' -Members $newUser.SamAccountName -Confirm:$false
+
+ ########### Add Groups ###########
+ Get-ADPrincipalGroupMembership -Identity $($copyUser.SamAccountName) | ? {$_.Name -notlike '*VPN*'} | Select-Object -ExpandProperty DistinguishedName | `
+ Add-ADGroupMember -Members $newUser.SamAccountName -ErrorAction SilentlyContinue
+ Add-ADGroupMember -Identity $vdi_Pool -Members $newUser.SamAccountName
+ Write-Host "User Account Successfully Built!"
+ }
+ catch {
+ [System.Windows.MessageBox]::Show("$($newUser.GivenName) $($newUser.Surname)'s account was not built",`
+ 'ERROR','OK','Warning')
+ }
+
+ ########### Build Exchange Mailbox ###########
+ if ($true -eq $build_Mailbox) {
+ Write-Host "Please wait while we set up $($newUser.GivenName)'s mailbox..."
+ $exchSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http:///powershell -Authentication Kerberos
+
+ try {
+ Import-PSSession $exchSession -AllowClobber -CommandName Get-Mailbox,Enable-Mailbox
+ Start-Sleep -Seconds 2
+ Enable-Mailbox -Identity $newUser.SamAccountName -Database "$(Get-Random($mailbox_DBs))" -ErrorAction Stop
+ }
+ catch {
+ [System.Windows.MessageBox]::Show("$($newUser.GivenName) $($newUser.Surname)'s mailbox was not built",`
+ 'ERROR','OK','Warning')
+ }
+
+ ########### Check If Mailbox Build Was Successful ###########
+ if (Get-Mailbox -Identity $newUser.SamAccountName) {
+ Write-Host 'Mailbox Built!'
+ build-UserLog -empID $newUser.SamAccountName
+ Remove-PSSession -Session $exchSession
+ }
+ }
+ ##############################################################################################################
+ # End New User Build #
+ ##############################################################################################################
+ }
+ }
+ else {
+ if ($user.dept_Code -notmatch '^\d{4}$') {
+ $popupWarning = [System.Windows.MessageBox]::Show("$($user.first_Name) $($user.last_Name) does not have a vaild Deptartment `
+ Code!! Would you like to manually set their Department Code??", 'confirmation','YesNo','Warning')
+
+ switch ($popupWarning) {
+ 'Yes' {
+ $user.dept_Code = 0
+ while ($user.dept_Code -notmatch '^\d{4}$') {
+ $user.dept_Code = [Microsoft.VisualBasic.Interaction]::InputBox('What is the department code?: ', 'Department Code')
+ if ([string]::IsNullOrEmpty($user.dept_Code)) {
+ Write-Host "Skipping $($user.first_Name) $($user.last_Name)...`n"; Start-Sleep -Seconds 1
+ break
+ }
+ }
+ }
+
+ 'No' {
+ Write-Host "Skipping $($user.first_Name) $($user.last_Name)...`n"; Start-Sleep -Seconds 1
+ }
+ }
+ }
+ }
+ }
+}
+
+function Copy-ADUser ($dept_Code, $job_Title, $mailbox, $vdi) {
+ switch ($dept_Code) {
+ {($_ -eq '6810') -or ($_ -eq '8010')} {
+ switch -Wildcard ($job_Title) {
+ '*Nursing*' { Get-ADUser -Identity _templatestudent -Properties MemberOf; $mailbox.Value = $false; $vdi.Value = "$(Get-Random($vdi_Clin_Pool))" }
+ '*Pharmacy*' { Get-ADUser -Identity _templatestudent -Properties MemberOf; $mailbox.Value = $false; $vdi.Value = "VDI-Pharmacy" }
+ }
+ }
+ '6900' {
+ switch ($job_Title) {
+ 'RN' { Get-ADUser -Identity _templatePRNPoolRN -Properties MemberOf; $vdi.Value = "$(Get-Random($vdi_Clin_Pool))" }
+ 'CNA' { Get-ADUser -Identity _templatePRNPoolCNA -Properties MemberOf; $vdi.Value = "$(Get-Random($vdi_Clin_Pool))" }
+ }
+ }
+ {($_ -eq '6910') -or ($_ -eq '6920')} {
+ switch ($job_Title) {
+ 'RN' { Get-ADUser -Identity _templateFloatRN -Properties MemberOf; $vdi.Value = "$(Get-Random($vdi_Clin_Pool))" }
+ 'CNA' { Get-ADUser -Identity _templateFloatCNA -Properties MemberOf; $vdi.Value = "$(Get-Random($vdi_Clin_Pool))" }
+ }
+ }
+ '7100' { Get-ADUser -Identity _templateEDRN -Properties MemberOf; $vdi.Value = "$(Get-Random($vdi_Clin_Pool))" }
+ #default { Get-ADUser -Identity _templatestudent -Properties MemberOf }
+ }
+}
+
+Add-Type -AssemblyName 'PresentationFramework'
+Add-type -AssemblyName 'Microsoft.VisualBasic'
+$global:build_Mailbox = $true
+$global:vdi_Pool = ''
+$VP = ''
+$mailbox_DB_Nums = @(1..100 | % {$_.ToString("00")})
+$mailbox_DBs = @($mailbox_DB_Nums | % {"NKCH_DB$($_)"})
+$vdi_Clin_Pool_Letters = @('A', 'B', 'C')
+$vdi_Clin_Pool = @($vdi_Clin_Pool_Letters | % {"VDI-Clinical Pool $($_)"})
\ No newline at end of file
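Review bot: The Set Password step in both Build-ADUser and Build-MultiADUser resets every new account's password to its own SamAccountName (the employee ID) via `ConvertTo-SecureString $newUser.SamAccountName -AsPlainText -Force`, while the splat creates the account with `Enabled = $true` and nothing requires a change at first logon. The credential of a live account is therefore derivable from a value that also appears in its UPN, and it stays valid until the user chooses to change it. I would generate a random one-time password per account, deliver it out of band, and set `-ChangePasswordAtLogon $true`, as sketched below for both functions. The temporary 'NewUserPasswordPolicy' membership looks like it exists only to let the weak password through and could probably be dropped; confirm against that policy's settings.

```powershell
New-ADUser @newUser

########### Set Password ###########
# Random one-time password instead of the employee ID; deliver it to the user out of band.
$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
$pwBytes = New-Object byte[] 24
$rng.GetBytes($pwBytes)
$rng.Dispose()
$initialPassword = ConvertTo-SecureString ([Convert]::ToBase64String($pwBytes)) -AsPlainText -Force
Set-ADAccountPassword -Identity $newUser.SamAccountName -Reset -NewPassword $initialPassword
Set-ADUser -Identity $newUser.SamAccountName -ChangePasswordAtLogon $true

# … unchanged: Add Groups, catch block, Exchange mailbox build …
```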