New User Powershell Script

To copy 

################################## Import ActiveDirectory ##############################################
 
Import-Module ActiveDirectory
 
################################## Import Exchange snap-in #############################################
 
add-pssnapin Microsoft.Exchange.Management.PowerShell.E2010
 
########################################################################################################
 
#Clear-host
 
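# Ask for the account to copy from and keep asking until dsquery finds it.
# A flag records the result instead of assigning the sentinel "null" to $nameds
# inside the condition, which made an account literally named "null" unselectable.
$SourceUserFound = $false
do {
    $nameds = Read-Host "Copy From Username"

    # dsquery treats -samid as a search filter, so a blank or wildcard entry is
    # rejected here: Get-AdUser -Identity needs exactly one account later on.
    if ($nameds -eq "" -or $nameds -match '\*') {
        "AD User not Found"
    }
    elseif (dsquery user -samid $nameds) {
        # Any output from dsquery (the matching DN) counts as "found".
        $SourceUserFound = $true
        "AD User Found"
    }
    else {
        "AD User not Found"
    }
}
while (-not $SourceUserFound)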
 
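#Checking if the new user exist
# Keeps prompting until the name is unused in Active Directory and in both
# iManage DOCUSERS tables. $NewUser holds the accepted name when the loop ends.
$NewUserIsFree = $false

do {

    $NewUserds = Read-Host "New Username"

    While ( $NewUserds -eq "" ) { $NewUserds = Read-Host "New Username" }
    $NewUser = $NewUserds

    #check if AD user exist
    if (dsquery user -samid $NewUserds) {
        # An existing AD account forces a re-prompt; printing the message and
        # carrying on would only make New-ADUser fail later.
        "Ad User Exist"
    }
    else {
        #check imanage user exist
        $SQLServer = "imanagesqlserver" #use Server\Instance for named SQL instances!

        # The typed name is bound as the @UserId parameter rather than pasted into
        # the SQL text, so quotes or other SQL syntax in the input stay data.
        $SqlQuery = 'SELECT sum(A+B) FROM ' +
            '(select COUNT(1) as A FROM [imanagedatabase].[MHGROUP].DOCUSERS where [USERID]=@UserId) a ' +
            'CROSS JOIN ' +
            '(select COUNT(1) as B FROM [imanagedatabase2].[MHGROUP].DOCUSERS where [USERID]=@UserId) b'

        $SqlConnection = New-Object System.Data.SqlClient.SqlConnection
        $SqlConnection.ConnectionString = "Server = $SQLServer; Integrated Security = True"

        $SqlCmd = New-Object System.Data.SqlClient.SqlCommand
        $SqlCmd.CommandText = $SqlQuery
        $SqlCmd.Connection = $SqlConnection
        [void]$SqlCmd.Parameters.AddWithValue("@UserId", $NewUserds)

        # $null means "lookup did not complete"; that is kept distinct from a
        # count of 0 so a failed query cannot be read as "name is free".
        $UserExist = $null
        try {
            $SqlConnection.Open()
            $UserExist = [int]$SqlCmd.ExecuteScalar()
        }
        catch {
            Write-Warning "iManage lookup failed: $($_.Exception.Message)"
        }
        finally {
            # Close the connection on the failure path as well.
            $SqlConnection.Close()
        }

        if ($UserExist -eq $null) {
            "iManage check could not be completed"
        }
        elseif ($UserExist -gt 0) {
            "iManage User Found"
        }
        else {
            $NewUserIsFree = $true
            "Validation OK"
        }
    }
}

while (-not $NewUserIsFree)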
 
 
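# Gets all of the users info to be copied to the new account

$name = Get-AdUser -Identity $nameds -Properties *

# Resolve the container that holds the source account; the new account is
# created in the same place.
$DN = $name.distinguishedName
$OldUser = [ADSI]"LDAP://$DN"
$Parent = $OldUser.Parent
$OU = [ADSI]$Parent
$OUDN = $OU.distinguishedName

# Reuse the username entered during the existence checks. Prompting again here
# would let a different, unchecked name through to New-ADUser.
if ([string]::IsNullOrEmpty($NewUser)) {
    $NewUser = Read-Host "New Username"
}

$firstname = Read-Host "First Name"
# The first initial is taken with Substring below, which fails on an empty string.
While ( $firstname -eq "" ) { $firstname = Read-Host "First Name" }
$Lastname = Read-Host "Last Name"
$Extention = Read-Host "Users Extension"

# NOTE(review): the password is read as clear text (echoed at the console and held
# in $Password) because a later step passes it to cmdkey. Read-Host -AsSecureString
# would avoid both, but that later step would have to change with it.
$Password = Read-Host "New Password"
$SecurePassword = ConvertTo-SecureString $Password -AsPlainText -Force
$NewName = "$firstname $lastname"
$domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
$newuserfinitial = $firstname.substring(0,1)

# The new number is the source user's pager value with its last three characters
# replaced by the extension typed above.
$pager = $name.Pager
if ($pager -and $pager.Length -ge 3) {
    $newusernumber = $pager.Substring(0, $pager.Length - 3) + $Extention
}
else {
    # A missing or short pager value used to raise a method error here; report it
    # and leave the number empty so the operator can set it by hand.
    Write-Warning "Source user has no usable pager value; phone number not derived."
    $newusernumber = $null
}
$OldNotes = $name.info

#Remove Spaces for Make Email Alias Correct
$Lastnamens = $Lastname -replace '\s',''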
 
# Creates the user from the copied properties
# One parameter per line (backtick continuation); the values are the ones
# gathered from the source account and the operator prompts.
# NOTE(review): the account is created enabled, with the operator-typed password
# and no forced change at first logon - confirm that matches the joiner process.
# NOTE(review): -Instance receives the DN string rather than an ADUser object, and
# -HomeDrive is "H" without a colon; the script later asks the operator to reset
# the home drive by hand, which may be related - confirm.
New-ADUser `
    -SamAccountName $NewUser `
    -Name $NewName `
    -GivenName $firstname `
    -Surname $lastname `
    -EmailAddress $newuserfinitial$Lastnamens@domain.com `
    -Instance $DN `
    -Path "$OUDN" `
    -AccountPassword $SecurePassword `
    -userPrincipalName $NewUser@$domain `
    -Company $name.Company `
    -Department $name.Department `
    -Manager $name.Manager `
    -title $name.Title `
    -Description $name.Description `
    -HomePage $name.HomePage `
    -Office $name.Office `
    -City $name.city `
    -PostalCode $name.postalcode `
    -Country $name.country `
    -OfficePhone $newusernumber `
    -Fax $name.fax `
    -State $name.State `
    -StreetAddress $name.StreetAddress `
    -homedrive "H" `
    -homedirectory "\\domain.local\dfs\home\$NewUser" `
    -Enabled $true

#Copy Signature
# The notes ("info") and pager attributes are written in two separate calls.
Set-ADUser -Identity $NewUser -Replace @{ info = "$OldNotes" }
Set-ADUser -Identity $NewUser -Replace @{ pager = "$newusernumber" }
 
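# Set Profile Location
# Re-reads the new account, binds to it over ADSI and writes the Terminal
# Services profile path, then commits the change with SetInfo().
$NewUserAdDetails = Get-AdUser -Identity $NewUser -Properties *
$DN = $NewUserAdDetails.distinguishedName
$NewUserLdap = [ADSI]"LDAP://$DN"
# The path string was missing its closing quote, which stopped the whole script
# from parsing; the typographic quotes are replaced with plain ones as well.
$NewUserLdap.psbase.InvokeSet("terminalservicesprofilepath", "\\domain.local\dfs\profiles\$NewUser")
$NewUserLdap.SetInfo()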
 
 
# gets groups from the Copied user and populates the new user in them
# Reads the source account's MemberOf list and adds the new account to each
# entry in turn.
# NOTE(review): every group on the source account is copied without filtering,
# so any privileged or legacy membership it holds is inherited by the new
# account - review the list against what the new starter actually needs.

Write-Host "Copying Group Membership"

$groups = (Get-ADUser -Identity $name -Properties MemberOf).MemberOf

foreach ($memberOfDn in $groups) {
    Add-ADGroupMember -Members $NewUser -Identity $memberOfDn
}

# Number of groups read from the source account.
$count = $groups.count
 
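#Check to see if new user is member of group and do things - Use Windows 2000 Name
# When the new account is in the named group, the operator running the script is
# given temporary FullAccess to the mailbox so Folders.ps1 can create folders.
$newusergroups = (Get-ADUser -Identity $NewUser -Properties MemberOf).MemberOf
if ($newusergroups -match '#ADGROUP') {

    $currentuser = [Environment]::UserName

    # NOTE(review): Enable-Mailbox for this account appears later in the script, so
    # the mailbox may not exist yet at this point - confirm the intended order.
    #Give the user who is running the script full permissions to the user Mailbox but don't add to Outlook
    Add-MailboxPermission -Identity $NewUser -User $currentuser -AccessRights FullAccess -Automapping $false

    try {
        #Create the Folders
        C:\scripts\Folders.ps1 $NewUser
    }
    finally {
        #Remove Permissions
        # Runs even if Folders.ps1 throws or the run is interrupted, so the
        # operator is not left holding FullAccess on the new mailbox.
        # NOTE(review): this cmdlet may ask for confirmation; declining leaves the
        # grant in place.
        Remove-MailboxPermission -Identity $NewUser -User $currentuser -AccessRights FullAccess
    }

}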
 
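# List of Mailbox DB
# Prints a numbered list of mailbox databases and asks the operator to pick one;
# $db receives the name of the chosen database.

# @() keeps the result an array even when only one database is returned, so the
# index lookup below still works.
$databases = @(Get-MailboxDatabase)
if ($databases.Count -eq 0) {
    throw "No mailbox databases were returned"
}

$Count = 0

Foreach ($database in $databases){

    Write-Host $Count "." $database.Name
    $Count ++

}

# Re-prompt until the answer is a whole number inside the list. Unchecked input
# could be non-numeric, out of range, or negative (which counts from the end of
# the array) and would select the wrong database or none at all.
do {
    $Choice = Read-Host "Please choose a Database to list databases from"
    $ChoiceIndex = -1
    $ChoiceValid = [int]::TryParse($Choice, [ref]$ChoiceIndex) -and ($ChoiceIndex -ge 0) -and ($ChoiceIndex -lt $databases.Count)
    if (-not $ChoiceValid) {
        Write-Host "Enter a number between 0 and" ($databases.Count - 1)
    }
}
until ($ChoiceValid)

$db = $databases[$ChoiceIndex].Name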
 
# In testing, AD sometimes had not finished processing the earlier changes, and
# accessing the new user from Exchange then failed. The fixed 30-second pause
# below is the workaround; it is a wait, not a check that the account is visible.

write-host "Waiting time for Ad to process earliers operations"

Start-Sleep -s 30

#Clear-host

# Creates the new user's mailbox in the database chosen above ($db), using the
# username as the alias.

Enable-Mailbox -Identity $NewUser@$domain -alias "$NewUser" -ManagedFolderMailboxPolicyAllowed -Database "$db"

# Turns off the e-mail address policy for the mailbox and sets its address list.
# The entry prefixed with upper-case SMTP: is the primary address.
# NOTE(review): the address reads "[email protected]" on this page, which looks like
# an e-mail obfuscation placeholder rather than a real value - substitute the
# intended primary SMTP address before running.

Start-Sleep -s 15

Set-Mailbox "$NewUser" -EmailAddressPolicyEnabled $false -EmailAddresses SMTP:"[email protected]"
 
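#Does the user have a value for custom attribute e.g. Partner? if so copy to new user
# The lookup used $user, which is not assigned anywhere in the visible script;
# $nameds holds the source username, so the source mailbox is read through it.
# The value is fetched once and reused instead of querying the mailbox twice.

$SourceCustomAttribute1 = Get-Mailbox -Identity $nameds | Select-Object -ExpandProperty CustomAttribute1
if ($SourceCustomAttribute1) {
    Set-Mailbox -Identity $NewUser -CustomAttribute1 $SourceCustomAttribute1
}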
 
#clear-host
 
# Creates the New user Profile Folder
# Makes the folder on the profiles share, switches off ACL inheritance while
# keeping a copy of the inherited rules, then grants the new account FullControl
# on the folder, its subfolders and files.
# NOTE(review): FullControl lets the account change permissions and ownership on
# its own folder; check whether Modify would be enough here.
$ProfileFolder = "\\domain.local\dfs\profiles\$NewUser"

New-Item -Path $ProfileFolder -ItemType directory

$acl = Get-Acl -Path $ProfileFolder
# Lists the current rules to the output; the result is not stored.
$acl.GetAccessRules($true, $true, [System.Security.Principal.NTAccount])
# First argument: protect from inheritance; second: keep the inherited rules as copies.
$acl.SetAccessRuleProtection($true, $true)

$rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList "domain\$NewUser", "FullControl", "ContainerInherit, ObjectInherit", "None", "Allow"
$acl.AddAccessRule($rule)

Set-Acl -Path $ProfileFolder -AclObject $acl
 
# Creates the New user Home Folder
# Makes the folder on the home share, adds a FullControl rule for the new account
# that applies to subfolders and files, then records the path on the AD account.
# Inheritance is left as it is on this folder, unlike the profile folder, so
# rules from the parent share still apply.
$HomeFolder = "\\domain.local\dfs\home\$NewUser"

New-Item -Path $HomeFolder -ItemType directory

$acl = Get-Acl -Path $HomeFolder

# Same flags as ContainerInherit -bor ObjectInherit, and a propagation of None.
$inheritanceFlags = [Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
$propagationFlags = [Security.AccessControl.PropagationFlags]'None'

$rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList "domain\$NewUser", "FullControl", $inheritanceFlags, $propagationFlags, "Allow"
$acl.AddAccessRule($rule)

Set-Acl -Path $HomeFolder -AclObject $acl

Set-ADUser -Identity $NewUser -Replace @{ HomeDirectory = "\\domain.local\dfs\home\$NewUser" }
 
# Pauses so the operator can fix the home drive by hand; the typed answer is
# stored but not used afterwards.
$homedrivereadded = Read-Host "Now can you reset the homedrive as the script doesn't do a very good job"

#Logging in as user to create redirected
# Stores the new account's credentials for the terminal server with cmdkey, then
# starts the Remote Desktop client.
$ProcessInfo = New-Object System.Diagnostics.ProcessStartInfo
$Process = New-Object System.Diagnostics.Process

# NOTE(review): the clear-text password is placed on the cmdkey command line, where
# process-creation auditing with command-line logging and local process listings
# can record it. The credential also stays in the operator's Credential Manager
# after the script ends; remove it with cmdkey /delete:TERMSRV/TERMINALSERVERNAME
# once the first logon is done, and treat the password as known to the operator.
$ProcessInfo.FileName = "$($env:SystemRoot)\system32\cmdkey.exe"
$ProcessInfo.Arguments = "/generic:TERMSRV/TERMINALSERVERNAME /user:$NewUser /pass:$Password"
$Process.StartInfo = $ProcessInfo
$Process.Start()

# NOTE(review): $MstscArguments and $Computer are not assigned anywhere in the
# visible script, so the argument string may expand to just " /v " - confirm the
# intended server name and options.
$ProcessInfo.FileName = "$($env:SystemRoot)\system32\mstsc.exe"
$ProcessInfo.Arguments = "$MstscArguments /v $Computer"
$Process.StartInfo = $ProcessInfo
$Process.Start()

 
