Power Shell Scripts

The document contains descriptions and scripts for performing various Active Directory user and group management tasks, including: 1. Creating new user accounts from a CSV file and adding them to groups. 2. Creating groups by name from a CSV file. 3. Deleting user accounts and removing them from groups. 4. Disabling and enabling user accounts while logging actions. 5. Generating and resetting user passwords based on name initials. 6. Automatically mapping home drives for users based on a CSV file.

Uploaded by

kiran00551

Please find the following list of scripts along with the description:

Create New User Account in AD: “CreateAccountNew.ps1”

Add-PSSnapin Quest.Activeroles.ADManagement
# SilentlyContinue suppresses non-terminating cmdlet errors; only terminating errors reach the Trap below
$ErrorActionPreference = "SilentlyContinue"
out-file -filepath C:\aduserlog.txt -encoding unicode -inputobject "Action on Account SamAccount Date-Time"
out-file -filepath C:\aduserlog.txt -encoding unicode -append -inputobject ""

connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

import-csv C:\Vidya\ADAuto\adaccountdata.csv |%{
    # Read the attributes for one account from the current CSV row
    $parentOU=$_.ParentContainer
    $givenName=$_.FirstName
    $sn=$_.LastName
    $displayName=$givenName + " " +$sn
    $UPNPrefix=$_.UPNPrefix
    $UPNSuffix="@HSBC"
    $cn=$UPNPrefix + " " +$displayName
    $samAccount=$_.SamAccountName
    $employeeID=$_.EmployeeID
    $employeeType=$_.EmployeeType
    # The initial password is read in clear text from the CSV file
    $userpassword=$_.Password
    $user = $_.SamAccountName
    $group1 = $_.group1
    $group2 = $_.group2

    # Create the user object under the parent OU and set its attributes
    $parentOU=Get-QADObject $parentOU
    $newUser=$parentOU.DirectoryEntry.Create("user","CN=$cn")
    $newUser.Put("givenName",$givenName)
    $newUser.Put("sn",$sn)
    $newUser.Put("displayName",$displayName)
    $newUser.Put("edsaUPNPrefix",$UPNPrefix)
    $newUser.Put("edsaUPNSuffix",$UPNSuffix)
    $newUser.Put("samAccountName",$samAccount)
    $newUser.Put("employeeType",$employeeType)
    $newUser.Put("employeeID",$employeeID)
    $newUser.Put("edsaPassword",$userpassword)
    $newUser.Put("edsaAccountIsDisabled","false")
    $newUser.setInfo()

    # Add the new account to both groups named in the CSV row
    Add-QADgroupmember -member $samAccount -identity $group1
    Add-QADgroupmember -member $samAccount -identity $group2

    #Set-Variable -Name ErrMsg -Value "OK" -Scope Script;

    Trap [Exception] {
        Set-Variable -Name ErrMsg -Value "AC" -Scope global
        Write-Host "Error occurred, ignoring it"
        # Might set a variable so we can check for the error outside of Trap
        $global:ErrMsg = ($_.Exception.Message.ToString()).Trim();

        $dt = get-date
        out-file -filepath C:\aduserlog.txt -encoding unicode -append -inputobject "$global:ErrMsg $user $dt"

        Set-Variable -Name flgval -Value "T" -Scope global
        Continue
    }

    # Log success only if the Trap did not set the error flag for this row
    if($global:flgval -ne "T")
    {
        $dt = get-date
        out-file -filepath C:\aduserlog.txt -encoding unicode -append -inputobject "Account Created $user $dt"
    }
    $global:flgval = ""
}

disconnect-qadService

# Send a notification e-mail once all rows have been processed
$emailFrom = "[email protected]" #get an id registered EX: [email protected]
$emailTo = "[email protected],[email protected]" #can put a distribution list here.
$subject = "AD Account Created"
$body = "AD Account is Created for all the staff ids present in the spreadsheet at Location \\gscinh3fs1.hdpi.in.hsbc\AD_Automation\."
$smtpServer = "130.21.197.94"
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)

Script to Create a Group: “Creategrp.ps1”

Add-PSSnapin Quest.Activeroles.ADManagement
connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

# Create a universal distribution group named GTEST12 in the given OU
new-QADGroup `
    -ParentContainer 'OU=Common Groups for All GSCs,OU=GSC IN HYD II Groups,OU=GSC IN HYD II,OU=GSC IN,OU=GSC,DC=HBAPTEST,DC=ADROOTTEST,DC=HSBC' `
    -name 'GTEST12' -samaccountname 'GTEST12' `
    -grouptype 'Distribution' -groupscope 'Universal'

disconnect-qadService

Script to create groups by taking group names from a CSV file: “creategrpfromcsv.ps1”

Add-PSSnapin Quest.Activeroles.ADManagement
connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

out-file -filepath C:\creategroups.log -encoding unicode -inputobject "Action on Account GroupName Date-Time"
out-file -filepath C:\creategroups.log -encoding unicode -append -inputobject ""

import-csv C:\Vidya\ADAuto\creategroups.csv |%{
    # Read the container, name, type and scope of one group from the CSV row
    $Pcontainer = $_.Container
    $grpname = $_.group
    $grptype = $_.type
    $grpscope = $_.scope

    new-QADGroup -ParentContainer $Pcontainer -name $grpname -samaccountname $grpname -grouptype $grptype -groupscope $grpscope

    #Set-Variable -Name ErrMsg -Value "OK" -Scope Script;

    Trap [Exception] {
        Set-Variable -Name ErrMsg -Value "AC" -Scope global
        Write-Host "Error occurred, ignoring it"
        # Might set a variable so we can check for the error outside of Trap
        $global:ErrMsg = ($_.Exception.Message.ToString()).Trim();

        $dt = get-date
        out-file -filepath C:\creategroups.log -encoding unicode -append -inputobject "$global:ErrMsg $grpname $dt"

        Set-Variable -Name flgval -Value "T" -Scope global
        Continue
    }

    # Log success only if the Trap did not set the error flag for this row
    if($global:flgval -ne "T")
    {
        $dt = get-date
        out-file -filepath C:\creategroups.log -encoding unicode -append -inputobject "Group created $grpname $dt"
    }
    $global:flgval = ""
}

disconnect-qadService

Script to delete an account: “deleteaccount.ps1”

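Add-PSSnapin Quest.Activeroles.ADManagement
connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

import-csv 'c:\AD Auto\NewUser.csv' |%{
    $samAccount=$_.SamAccountName
    $group = $_.group

    # Removes the account from the listed group; the account object itself is not deleted here
    Remove-QADGroupMember -Identity $group -Member $samAccount
}

disconnect-qadService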

Script to disable a user: “disableuser.ps1”

Add-PSSnapin Quest.Activeroles.ADManagement
connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

out-file -filepath C:\test.txt -encoding unicode -inputobject "Action on Account SamAccount Date-Time"
out-file -filepath C:\test.txt -encoding unicode -append -inputobject ""

import-csv NewUser.csv |%{
    $user = $_.SamAccountName

    Disable-QADUser -Identity $user
    write-host "$user is disabled"

    # $user already holds the SamAccountName string
    $File_Title = $user
    $dt = get-date
    out-file -filepath C:\test.txt -encoding unicode -append -inputobject "Account Disabled $user $dt"
}

# Send a notification e-mail once all rows have been processed
$emailFrom = "[email protected]"
$emailTo = "[email protected]"
$subject = "your subject"
$body = "test"
$smtpServer = "130.21.197.94"
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)

# Send-smtpMail is not built into PowerShell and must come from an installed extension
Send-smtpMail -smtphost "130.21.197.94" -to "[email protected]" -from "[email protected]" -subject "Tesing" -body "HIII"

Script to enable a user: “enableuser.ps1”

Add-PSSnapin Quest.Activeroles.ADManagement
connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

out-file -filepath C:\acc_enable.log -encoding unicode -inputobject "Action on Account SamAccount Date-Time"
out-file -filepath C:\acc_enable.log -encoding unicode -append -inputobject ""

import-csv NewUser.csv |%{
    $user = $_.SamAccountName

    Enable-QADUser -Identity $user
    write-host "$user is Enabled"

    # Append to the same log file that received the header line above
    $dt = get-date
    out-file -filepath C:\acc_enable.log -encoding unicode -append -inputobject "Account Enabled $user $dt"
}

# Send a notification e-mail once all rows have been processed
$emailFrom = "[email protected]"
$emailTo = "[email protected]"
$subject = "Account Enabled"
$body = "Pls do not reply to this email. This is an auto-generated email."
$smtpServer = "130.21.197.94"
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body)

# Send-smtpMail is not built into PowerShell and must come from an installed extension
Send-smtpMail -smtphost "130.21.197.94" -to "[email protected]" -from "[email protected]" -subject "Account Enabled" -body "Pls do not reply to this email. This is an auto-generated email."

Script to generate/reset a user’s password: “generate-resetpasswd.ps1”

Add-PSSnapin Quest.Activeroles.ADManagement
$ErrorActionPreference = "SilentlyContinue"
out-file -filepath C:\resetpassword.log -encoding unicode -inputobject "Action on Account SamAccount Date-Time"
out-file -filepath C:\resetpassword.log -encoding unicode -append -inputobject ""

connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

import-csv Finallistofusertoresetpassword.csv |%{
    $user = $_.SamAccountName
    $username1 = $_.FirstName
    $username2 = $_.LastName

    # The password is derived from the user's name, so it is predictable:
    # first 4 characters of the first name + "@" + last 4 characters of the last name.
    # Substring with Min/Max keeps names shorter than 4 characters from raising an error.
    $firstchars = $username1.Substring(0, [Math]::Min(4, $username1.Length))
    $lastchars = $username2.Substring([Math]::Max(0, $username2.Length - 4))

    $NewPassword = $firstchars + "@" + $lastchars

    # Echoes the generated password to the console
    $NewPassword
    Set-QADUser $user -UserPassword $NewPassword

    #Set-Variable -Name ErrMsg -Value "OK" -Scope Script;

    Trap [Exception] {
        Set-Variable -Name ErrMsg -Value "AC" -Scope global
        Write-Host "Error occurred, ignoring it"
        # Might set a variable so we can check for the error outside of Trap
        $global:ErrMsg = ($_.Exception.Message.ToString()).Trim();

        $dt = get-date
        out-file -filepath C:\resetpassword.log -encoding unicode -append -inputobject "$global:ErrMsg $user $dt"

        Set-Variable -Name flgval -Value "T" -Scope global
        Continue
    }

    # Log success only if the Trap did not set the error flag for this row
    if($global:flgval -ne "T")
    {
        $dt = get-date
        out-file -filepath C:\resetpassword.log -encoding unicode -append -inputobject "Password changed $user $dt"
    }
    $global:flgval = ""
}
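
The reset script above builds each password from the user's first and last name, so the value is predictable to anyone who knows the name. As an added example (not part of the original document), the following generates random temporary passwords instead; Get-SecureIndex, New-TempPassword and the CSV rows are hypothetical names and constructed data.

```powershell
# Added example: random temporary passwords in place of name-derived ones.
# Get-SecureIndex, New-TempPassword and the CSV rows are hypothetical/constructed.
function Get-SecureIndex {
    param([System.Security.Cryptography.RandomNumberGenerator]$Rng, [int]$Max)
    $buf   = New-Object byte[] 1
    $limit = 256 - (256 % $Max)      # reject bytes that would bias the modulo
    do { $Rng.GetBytes($buf) } while ($buf[0] -ge $limit)
    return $buf[0] % $Max
}

function New-TempPassword {
    param([int]$Length = 16)
    # Ambiguous characters (0/O, 1/l/I) are left out to ease manual entry
    $sets = 'ABCDEFGHJKLMNPQRSTUVWXYZ', 'abcdefghijkmnopqrstuvwxyz', '23456789', '!@#%*-_+='
    if ($Length -lt $sets.Count) { throw "Length must be at least $($sets.Count)" }
    $all = -join $sets
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $chars = @()
    # One character from every class so complexity requirements are met
    foreach ($s in $sets) { $chars += $s[(Get-SecureIndex $rng $s.Length)] }
    while ($chars.Count -lt $Length) { $chars += $all[(Get-SecureIndex $rng $all.Length)] }
    # Fisher-Yates shuffle so the class-guaranteed characters are not always first
    for ($i = $chars.Count - 1; $i -gt 0; $i--) {
        $j = Get-SecureIndex $rng ($i + 1)
        $tmp = $chars[$i]; $chars[$i] = $chars[$j]; $chars[$j] = $tmp
    }
    return (-join $chars)
}

# Constructed rows; short names such as "Jo" or "Doe" need no special handling here
$rows = @"
SamAccountName,FirstName,LastName
jdoe01,Jo,Doe
asmith02,Alexandra,Smithson
"@ | ConvertFrom-Csv

foreach ($row in $rows) {
    $pw = New-TempPassword -Length 16
    # With a live connection, as in the script above:
    #   Set-QADUser $row.SamAccountName -UserPassword $pw -UserMustChangePassword $true
    # Log the action only, never the password itself
    "Password reset`t$($row.SamAccountName)`t$(Get-Date -Format s)"
}
```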

Script to automatically map home drives: “homedrivemapping.ps1”

Add-PSSnapin Quest.Activeroles.ADManagement
$ErrorActionPreference = "SilentlyContinue"
out-file -filepath C:\maphomefolder.log -encoding unicode -inputobject "Action on Account SamAccount Date-Time"
out-file -filepath C:\maphomefolder.log -encoding unicode -append -inputobject ""

connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

import-csv 'c:\Vidya\ADAuto\home_folder.csv' |%{
    $empid = $_.peoplesoftid
    $drivepath = $_.new_path + $empid
    $drivenew = $_.New_drive_letter
    $net = $(New-Object -Com WScript.Network)
    $drivepath

    # Map the drive in the current session, then store the home folder settings on the AD account
    $net.MapNetworkDrive($drivenew,$drivepath)
    Set-QADUser -identity $empid -objectAttributes @{HomeDirectory=$drivepath;HomeDrive=$drivenew}

    #Set-Variable -Name ErrMsg -Value "OK" -Scope Script;

    Trap [Exception] {
        Set-Variable -Name ErrMsg -Value "AC" -Scope global
        Write-Host "Error occurred, ignoring it"
        # Might set a variable so we can check for the error outside of Trap
        $global:ErrMsg = ($_.Exception.Message.ToString()).Trim();

        $dt = get-date
        out-file -filepath C:\maphomefolder.log -encoding unicode -append -inputobject "$global:ErrMsg $empid $dt"

        Set-Variable -Name flgval -Value "T" -Scope global
        Continue
    }

    # Log success only if the Trap did not set the error flag for this row
    if($global:flgval -ne "T")
    {
        $dt = get-date
        out-file -filepath C:\maphomefolder.log -encoding unicode -append -inputobject "Homedrive changed to $drivenew $empid $dt"
    }
    $global:flgval = ""
}

Script to move a user from one group to a new group: “moveuser-tonewaccount.ps1”

Add-PSSnapin Quest.Activeroles.ADManagement
connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

#$ErrorActionPreference = "SilentlyContinue"
out-file -filepath C:\moveduserlog.txt -encoding unicode -inputobject "New Account Old Account SamAccount Date-Time"
out-file -filepath C:\moveduserlog.txt -encoding unicode -append -inputobject ""

import-csv 'C:\Vidya\ADAuto\moveUser.csv' |%{
    $samAccount=$_.SamAccountName
    $groupold = $_.groupold
    $groupnew = $_.groupnew

    # Remove the account from the old group, then add it to the new one
    Remove-QADGroupMember -Identity $groupold -Member $samAccount
    Add-QADgroupmember -member $samAccount -identity $groupnew

    $dt = get-date
    out-file -filepath C:\moveduserlog.txt -encoding unicode -append -inputobject "$groupnew $groupold $samAccount $dt"
}

disconnect-qadService

Script to send email: “sendemail.ps1”

$emailFrom = "[email protected]" #get an id registered EX: [email protected]
$emailTo = "[email protected],[email protected]" #can put a distribution list here.
$subject = "AD Account Created"
$body = "AD Account is Created for all the staff ids present in the spreadsheet at Location \\gscinh3fs1.hdpi.in.hsbc\AD_Automation\."
$smtpServer = "130.21.197.94"
$smtp = new-object Net.Mail.SmtpClient($smtpServer)
$smtp.Send($emailFrom, $emailTo, $subject, $body) >> gdgdg.txt

Script to unlock a user account: “unlockuser.ps1”

Add-PSSnapin Quest.Activeroles.ADManagement
$ErrorActionPreference = "SilentlyContinue"
out-file -filepath C:\unlockuser.log -encoding unicode -inputobject "Action on Account SamAccount Date-Time"
out-file -filepath C:\unlockuser.log -encoding unicode -append -inputobject ""

connect-QADService -proxy -service 'qualityassurance.ars.hk.hsbc'

import-csv NewUser.csv |%{
    $user = $_.SamAccountName

    Unlock-QADUser -Identity $user

    #Set-Variable -Name ErrMsg -Value "OK" -Scope Script;

    Trap [Exception] {
        Set-Variable -Name ErrMsg -Value "AC" -Scope global
        Write-Host "Error occurred, ignoring it"
        # Might set a variable so we can check for the error outside of Trap
        $global:ErrMsg = ($_.Exception.Message.ToString()).Trim();

        $dt = get-date
        out-file -filepath C:\unlockuser.log -encoding unicode -append -inputobject "$global:ErrMsg $user $dt"

        Set-Variable -Name flgval -Value "T" -Scope global
        Continue
    }

    # Log success only if the Trap did not set the error flag for this row
    if($global:flgval -ne "T")
    {
        $dt = get-date
        out-file -filepath C:\unlockuser.log -encoding unicode -append -inputobject "Account unlocked $user $dt"
    }
    $global:flgval = ""
}
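
Several of the scripts above combine $ErrorActionPreference = "SilentlyContinue" with a Trap and a global flag, which lets a suppressed non-terminating error be logged as a success. The following added example (not from the original document) writes one log line per row using try/catch and -ErrorAction Stop; Invoke-LoggedAction, the log path and the Get-Item stand-in for a directory cmdlet are assumptions.

```powershell
# Added example: Invoke-LoggedAction is a hypothetical helper, not part of the
# original scripts. Get-Item on a missing path stands in for a directory cmdlet
# such as Unlock-QADUser so the block runs without an AD connection.
function Invoke-LoggedAction {
    param(
        [string]$Target,
        [string]$SuccessText,
        [scriptblock]$Action,
        [string]$LogPath
    )
    try {
        & $Action $Target | Out-Null
        $status = $SuccessText
    }
    catch {
        # Reached only for terminating errors, hence -ErrorAction Stop in the action
        $status = "FAILED: " + $_.Exception.Message.Trim()
    }
    $line = "{0}`t{1}`t{2}" -f $status, $Target, (Get-Date -Format s)
    Out-File -FilePath $LogPath -Encoding unicode -Append -InputObject $line
    return $line
}

$log = Join-Path $env:TEMP 'unlockuser-demo.log'   # constructed log location

# Same failing operation, two error policies
$silent = { param($u) Get-Item "C:\no-such-dir\$u" -ErrorAction SilentlyContinue }
$strict = { param($u) Get-Item "C:\no-such-dir\$u" -ErrorAction Stop }

# The error is suppressed, catch never runs, and the row is recorded as a success
Invoke-LoggedAction -Target 'ghost99' -SuccessText 'Account unlocked' -Action $silent -LogPath $log

# The error becomes terminating, catch runs, and the row is recorded as FAILED
Invoke-LoggedAction -Target 'ghost99' -SuccessText 'Account unlocked' -Action $strict -LogPath $log
```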
