Create an Active Directory user with PowerShell (Updated)

Create an Active Directory user with PowerShell.

to run this script add a period (.) and drag the scrip into the PowerShell window.

Example:

[PS] C:\Documents and Settings\Administrator\Desktop>.C:\Documents and Settings\Administrator\Desktop\newuser.ps1

 

‘*********************************

 

# New User Creation Script
# 3-2018
# Don Wilwol
#
# *IMPORTANT**
# Create a subdirectory from the directory where this script will be run from
# Make sure the sub diectory is named DeptGroups
# In DeptGroups add the csv files with the Dept group names in them
# Each file **MUST** have a header of “Group”
# This can be any user classification that gets a particular set of groups
# if its by location then use the location instead of departments
#
# If you want to create an onprem mailbox The script must be run from the Exchange Shell
Write-Host “`n`n`n Script was weritten by Don Wilwol” -ForegroundColor Green
write-host “—– Enjoy —–” -ForegroundColor Green
write-host “—–”
###################################################################################################

Import-Module activedirectory
$FormatEnumerationLimit =-1
$date = ( get-date ).ToString(‘MM-dd-yyyy.hh-mm’)

######################################################################################
################### These must be configured for your environment ####################
######################################################################################
$domain = “@ex2016.com”
$RoutingDomain = ‘@tenantname.mail.onmicrosoft.com’

$OrganizationalUnit = ‘OU=TestUsers,DC=Ex2016,DC=com’
$HDr = “H:”

################### Function Lines ####################

# Show message box popup and return the button clicked by the user.
# Show input box popup and return the value entered by the user.
function Read-InputBoxDialog([string]$Message, [string]$WindowTitle, [string]$DefaultText)
{
Add-Type -AssemblyName Microsoft.VisualBasic
return [Microsoft.VisualBasic.Interaction]::InputBox($Message, $WindowTitle, $DefaultText)
}

#############################################
#################Input boxes#################

$Firstname = Read-InputBoxDialog -Message “First Name” -WindowTitle “First name” -DefaultText “FirstName”
if ($Firstname -eq “”) { write-host “You Cancel”
return
}
elseif ($Firstname -eq “FirstName”) { write-host “You Cancel”
Return
}
else { Write-Host “You entered $FirstName” }

$Lastname = Read-InputBoxDialog -Message “Last Name” -WindowTitle “Last name” -DefaultText “LastName”
if ($Lastname -eq “”) { write-host “You Cancel”
return }
elseif ($Lastname -like “LastName”) { write-host “You Cancel”
Return }
else { Write-Host “You entered $Lastname” }
#$Lastname = Read-Host “LastName: ”

write-host “—–”
write-host “—–”
write-host “Group Files available”
write-host “—–”
write-host ” ******* DO NOT include .csv ******”
write-host “—–”
write-host “—–”

get-childitem “./DeptGroups” | foreach{
write-host “`n ” $_.name -ForegroundColor Red }
write-host “`n`n—–”
write-host “—–”

$Dept = Read-InputBoxDialog -Message “Depatment or Classification File `nThey are Listed IN RED `nin the command Window`nDo Not include .csv” -WindowTitle “Departments” -DefaultText “IT”
if ($Dept -eq “”) { write-host “You Cancel”
return }

$name = $Firstname + ” ” + $Lastname
$name2 = $Firstname + ” ” + $Lastname
$username = $Firstname[0] + $Lastname
$username2 = $Firstname[0] + $Lastname
$emailAdd = “$Firstname.$Lastname” + $domain

#############################################
################# Password ##################

$password = Read-InputBoxDialog -Message “Password” -WindowTitle “Password” -DefaultText “P@ssw0rd” -AsSecureString
#$password = Read-Host “Enter password: ” -AsSecureString
#$password = ‘P@ssw0rd’
######################################################################################
############################# Create folder for Logs & create log file Path##########
If (test-path “./UserCreatelogs”){
}
Else
{mkdir “./UserCreatelogs”}
$file = “./UserCreatelogs\$username-$date.txt”

#####Check if names exist#######################
$ErrorActionPreference = “SilentlyContinue”
$a = get-aduser $username -properties * -erroraction ‘silentlycontinue’

If ($a.name -like “$name”){
write-host “`n Name’s In use. Will Use secondary `n”
$MI = Read-InputBoxDialog -Message “We’ll Need a Middle Intial” -WindowTitle “Middle Initial” -DefaultText “Z”
#$MI = Read-Host “Middle Initial: ”
$name = $Firstname + ‘.’ + $MI+ ‘.’ + $Lastname
Write-host “`n Name will be $name `n”
$username = $Firstname[0] + $MI + $Lastname
$ErrorActionPreference = “SilentlyContinue”
$b = get-aduser $username -properties * -erroraction ‘silentlycontinue’
If ($b.name -like “$name”){
“$name2 and $Name is in use, Script will fail. Username can not be found” | out-file “./UserCreatelogs\$date-FailureLog-$Name.txt” -append
write-host ” $name2 and $Name is in use, *** Script failed.*** Username can not be found. See Log File” -ForegroundColor RED
write-host “—–”
write-host “—–”
write-host ” —–*******——*******———`n`n`n`n`n`n`n`n” -ForegroundColor RED
return
}
}
if ($a.samaccountname -like “$username”){
write-host “`n SamaccountName In use. Will use secondary `n”
$username = $Firstname[0] + $MI + $Lastname
write-host “`n SamaccountName will be $username`n ”
$ErrorActionPreference = “SilentlyContinue”
$b = get-aduser $username -properties * -erroraction ‘silentlycontinue’
If ($a.samaccountname -like “$username”){
“$name2 and $Name is in use, Script will fail. Username can not be found” | out-file “./UserCreatelogs\$date-FailureLog-$Name.txt” -append
write-host ” $name2 and $Name is in use, *** Script failed.*** Username can not be found. See Log File” -ForegroundColor RED
write-host “—–”
write-host “—–”
write-host ” —–*******——*******———`n`n`n`n`n`n`n`n” -ForegroundColor RED
return
}
}
if ($a.EmailAddress -like “$emailAdd”){
write-host “`n Email Add In use. Will use secondary`n ”
$emailAdd = “$name$domain”
write-host “`n Email will be $emailAdd `n”

}

##### Write out to file #######################

“The Date is $date ” | out-file $file -append
$who = whoamI
“Run by $who `n” | out-file $file -append
“`n——————————- `n” | out-file $file -append
“`nTemp password is $Password `n” | out-file $file -append

“`n——————————- `n” | out-file $file -append

##################Create the user#######################
Write-Host “`n Working on $name `n”
NEW-ADUser $name -GivenName $Firstname -Surname $Lastname -enable $True -SamAccountName $username -Path $OrganizationalUnit -UserPrincipalName $emailAdd -accountPassword (ConvertTo-SecureString -AsPlainText $password -Force) -ChangePasswordAtLogon $false -OtherAttributes @{‘mail’=$emailAdd}

##### Set additional proxyaddress #######################
set-aduser -identity $username -Add @{‘proxyAddresses’ = $proxyAddresses | % { “smtp:$username$domain” }}

 

############ Setting other attributes #############################
$Desc = Read-InputBoxDialog -Message “Description” -WindowTitle “Description” -DefaultText “Regular User”
set-aduser -identity $username -description $Desc

$HO = Read-InputBoxDialog -Message “Home Office” -WindowTitle “Home Office” -DefaultText “Hoosick Falls”
set-aduser -identity $username -Office $HO

$HD = Read-InputBoxDialog -Message “Home Drive” -WindowTitle “Home Drive” -DefaultText ‘\\Servername\$MyShare\%username%’
set-aduser -identity $username -HomeDirectory $HD -Homedrive $HDr

$PH = Read-InputBoxDialog -Message “Phone” -WindowTitle “Phone” -DefaultText ‘518-686-XXXX’
set-aduser -identity $username -HomePhone $PH

 

############Disable the next two sections for a pure cloud mailbox user
############Disable these lines if not maiking a mailbox on-prem. Rem out for Office 365
$db = $NULL
#$db = get-mailboxdatabase | select name
#write-host $db.name
#$MDB = Read-InputBoxDialog -Message “Choose a Mailboxdatabase” -WindowTitle “Choose a Mailboxdatabase `n Choices are shown in the EM\C window” -DefaultText “MBDB1″
#Enable-Mailbox -Identity $username -database $MDB
#”`n`n Enabling on prem Mailbox for $username on database $MDB” | out-file $file -append

############ Enable these line for Making an O365 remote user
#(Read-InputBoxDialog -Message “Enable Office 365 Mailbox” -WindowTitle “Enable Office 365 Mailbox” -DefaultText “Script will wait for you to make sure the O365 Mailbox is ready”).WaitForExit()
#”`n`n enabling remoteMailBox for $emailAdd With an address of $username$RoutingDomain ” | out-file $file -append
#enable-remoteMailBox $emailAdd -RemoteRoutingAddress $username$RoutingDomain -PrimarySMTPAddress $emailAdd

Write-host “`n`n—————-” | out-file $file -append
Import-CSV “./DeptGroups\$Dept.csv” | % {
Write-host “`n`n Adding $Name to $_.Group”
“Adding $Name to $_.Group” | out-file $file -append
Add-ADGroupMember -Identity $_.Group -Member $UserName
}
“`n——————————- `n” | out-file $file -append

“`n`n” | Out-File $file -Append
“`n`n Running Get-aduser $username” | Out-File $file -Append
Get-aduser $username -properties * | out-file $file -append

Write-Host “`n`n`n Script is complete. Log file can be seen at $file`n`n`n`n`n`n`n`n” -ForegroundColor Green
write-host “—–”
write-host “—–”
write-host “—–”
write-host “—–“

Advertisements

Get Exchange Mailbox database sizes and sort so smallest is on top.

get-mailboxdatabase | foreach-object{select-object -inputobject $_ -property *,@{name=”MailboxDBSizeinGB”;expression={[math]::Round(((get-item (“\\” + $_.servername + “\” + $_.edbfilepath.pathname.replace(“:”,”$”))).length / 1GB),2)}}} | Sort-Object mailboxdbsizeinGB | format-table identity,mailboxdbsizeinGB –autosize

the output give a complete list of databases and puts the smallest one on top.

and if you want to simply double click a vbscript, here is a script “getdatabasesize.vbs” that calls the ps1. Its a little more user friendly. This is simply a vb script to call the powershell script.

Make sure you change the d:\ to the path its at.

code is

set objshell = createobject(“wscript.shell”)
vpsscript = “powershell.exe -noexit d:\getdatabasesize.ps1”
objshell.run vpsscript

Hope it Helps

dw

Uncheck the “Automatically update email addresses based on email address policy” on mail contacts.

So I want to uncheck (or disable) the “Automatically update email addresses based on email address policy” on mail contacts. I wanted to use powershell.

You’ll need the Quest Active Server role extensions. (http://www.quest.com/powershell/activeroles-server.aspx)

get-qadobject -IncludeAllProperties -sizelimit “0”  | where {$_.msExchPoliciesExcluded -like ” -and $_.type -like ‘contact’} | set-qadobject -ObjectAttributes  @{msExchPoliciesExcluded='{26491CFC-9E50-4857-861B-0CB8DF22B5D7}’}

Hope it helps

dw

report on what users are using activesync in Exchange 2007

A recent customer was looking for a convenient way to get a report on what users are using activesync in Exchange 2007.

Home to atthedatacenter.com

Get-Mailbox -ResultSize:Unlimited | ForEach {Get-ActiveSyncDeviceStatistics -Mailbox:$_.Identity} | Select-Object identity,devicemodel,LastSuccessSync | export-csv -path C:ActiveSyncExportsGetMailbox.csv

Then look for the C:ActiveSyncExports GetMailbox.csv file.

If you would like other information written, change or add to “identity,devicemodel,LastSuccessSync”

Possibilities are

FirstSyncTime, LastPolicyUpdateTime, LastSyncAttemptTime, LastSuccessSync, DeviceType, DeviceID, DeviceUserAgent, DeviceWipeSentTime, DeviceWipeRequestTime, DeviceWipeAckTime, ,LastPingHeartbeat, RecoveryPassword, DeviceModel, DeviceIMEI, DeviceFriendlyName, DeviceOS, DeviceOSLanguage, DevicePhoneNumber, Identity.

Another way would be to:

Log on to the cas servers. (This is the problem if you have multiple CAS servers. You will need to run this for each CAS server)

Look in C:inetpublogsLogFilesW3SVC1 for the latest logs. Replace the log name in the following command line. (You also need to make the directory ActiveSyncExports.

Export-ActiveSyncLog -FileName: “C:inetpublogsLogFilesW3SVC1u_ex091022.log” -StartDate:”10/20/09” -EndDate:”10/30/09” -UseGMT:$true -OutputPath:”c:ActiveSyncExports”

Run the command from the Exchange shell

Open c:ActiveSyncExports. The reports for that day will be in there. I think the user.csv will give you what you want. Unfortunately you will have to do this for each day (logs are created once a day) but it will give the user names as they logged on.

                                                                                                                                       Home to atthedatacenter.com

Hope it helps.  

dw