Freigeben über


Create/Update AD users and Group Membership

Many of the times, you need to create users, groups, (test)OU for quick setting up environment. You may have a list of users and attributes in a CSV file for this purpose. However, generally the need to add certain users to be part of certain groups is based of of some logic. For example: HR, Marketing, Sales <-- they all represent sort of 'Department'. This also happens to be one of the attributes for an AD user account. There could be many more domain groups represented by attributes, to name a few: country, city..

Attached script is an attempt to automate similar tasks. It pick certain attribute from AD user accounts and makes sure they are part of groups represented by certain attributes. Again, for example 'Department' attribute will display various departments for various users and they are likely to be in their respective department groups. It can pickup users from CSV file and check for all the users' attributes and check (or create) groups to add memberships to. If users are missing from AD, they will be created.

Below are some sample examples:

EXAMPLE: .\createUsersAndGroups.ps1 -csvFilePath .\listOfUsers.csv -Attribute surname 1. Above example will create users from listof users from the CSV file into the default UsersContainer since OU is not provided. 2. It will pick the 'surname' attribute from the user objects and group them with their surnames to create groups, if missing. 3. It will add/update respective users to their surname groups.

EXAMPLE .\createUsersAndGroups.ps1 -csvFilePath .\listOfUsers.csv -Attribute surname -OUName 'TestingOU' 1. Above example will check for OU existance 'TestingOU' under domain root, i.e., OU=TestingOu,DC=Contoso,DC=Local - and will create if missing. 2. It will create users from listof users from the CSV file into the newly created OU. 3. It will pick the 'surname' attribute from the user objects and group them with their surnames to create groups, if missing. 4. It will add/update respective users to their surname groups.

==> Here is sample output:
PS C:\bridge\createADUsersGroupsOU> .\createUsersAndGroups.ps1 -csvFilePath .\listOfUsers.csv -Attribute Company -Verbose
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: .\listOfUsers.csv successfully imported
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: ************ Attempting create users from .\listOfUsers.csv ************
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: User johnd already exists - updated attributes as per CSV file.
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: User test1 already exists - updated attributes as per CSV file.
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: ************ Attempting to add users with attribute Company to Company groups
************
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: The group myCompany F5 already exists
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: Users with myCompany F5 Company updated to the group myCompany F5:
kt muskant vimalt manharlalt kirtibent parint suhanat poorvit maharshit manishm falgunim sarthakm dhwanim
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: The group Fantasy Land Inc already exists
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: Users with Fantasy Land Inc Company updated to the group Fantasy Land Inc:
Johnd
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: The group Testing Mania already exists
VERBOSE: 30-Mar-2018 || 16:45:44.086 :: Users with Testing Mania Company updated to the group Testing Mania:
test1

The script can be downloaded from Scripting Gallery: Script