Create an Active Directory user with PowerShell (Updated)

Create an Active Directory user with PowerShell.

To run this script, type a period (.) and drag the script into the PowerShell window.

Example:

[PS] C:\Documents and Settings\Administrator\Desktop>. "C:\Documents and Settings\Administrator\Desktop\newuser.ps1"

 

‘*********************************

 

# New User Creation Script
# 3-2018
# Don Wilwol
#
# **IMPORTANT**
# Create a subdirectory in the directory this script will be run from
# Make sure the subdirectory is named DeptGroups
# In DeptGroups add the csv files with the Dept group names in them
# Each file **MUST** have a header of "Group"
# This can be any user classification that gets a particular set of groups
# If it's by location then use the location instead of departments
#
# If you want to create an on-prem mailbox the script must be run from the Exchange Shell
Write-Host "`n`n`n Script was written by Don Wilwol" -ForegroundColor Green
Write-Host "----- Enjoy -----" -ForegroundColor Green
Write-Host "-----"
###################################################################################################

Import-Module ActiveDirectory
$FormatEnumerationLimit = -1
$date = (Get-Date).ToString('MM-dd-yyyy.hh-mm')

######################################################################################
################### These must be configured for your environment ####################
######################################################################################
$domain = "@ex2016.com"
$RoutingDomain = '@tenantname.mail.onmicrosoft.com'

$OrganizationalUnit = 'OU=TestUsers,DC=Ex2016,DC=com'
$HDr = "H:"

################### Function Lines ####################

# Show input box popup and return the value entered by the user.
# An empty string comes back when the user clicks Cancel.
function Read-InputBoxDialog([string]$Message, [string]$WindowTitle, [string]$DefaultText)
{
    Add-Type -AssemblyName Microsoft.VisualBasic
    return [Microsoft.VisualBasic.Interaction]::InputBox($Message, $WindowTitle, $DefaultText)
}

#############################################
#################Input boxes#################

$Firstname = Read-InputBoxDialog -Message "First Name" -WindowTitle "First name" -DefaultText "FirstName"
if ($Firstname -eq "") {
    Write-Host "You Cancel"
    return
}
elseif ($Firstname -eq "FirstName") {
    Write-Host "You Cancel"
    return
}
else { Write-Host "You entered $FirstName" }

$Lastname = Read-InputBoxDialog -Message "Last Name" -WindowTitle "Last name" -DefaultText "LastName"
if ($Lastname -eq "") {
    Write-Host "You Cancel"
    return
}
elseif ($Lastname -like "LastName") {
    Write-Host "You Cancel"
    return
}
else { Write-Host "You entered $Lastname" }
#$Lastname = Read-Host "LastName: "

Write-Host "-----"
Write-Host "-----"
Write-Host "Group Files available"
Write-Host "-----"
Write-Host " ******* DO NOT include .csv ******"
Write-Host "-----"
Write-Host "-----"

# List the group files so the operator can pick one
Get-ChildItem "./DeptGroups" | ForEach-Object {
    Write-Host "`n " $_.Name -ForegroundColor Red
}
Write-Host "`n`n-----"
Write-Host "-----"

$Dept = Read-InputBoxDialog -Message "Department or Classification File `nThey are Listed IN RED `nin the command Window`nDo Not include .csv" -WindowTitle "Departments" -DefaultText "IT"
if ($Dept -eq "") {
    Write-Host "You Cancel"
    return
}

$name = $Firstname + " " + $Lastname
$name2 = $Firstname + " " + $Lastname
$username = $Firstname[0] + $Lastname
$username2 = $Firstname[0] + $Lastname
$emailAdd = "$Firstname.$Lastname" + $domain

#############################################
################# Password ##################

# The input box returns a plain string and shows the text as typed; it has no -AsSecureString option.
# Replace the default text with a unique temporary password for each account.
$password = Read-InputBoxDialog -Message "Password" -WindowTitle "Password" -DefaultText "P@ssw0rd"
#$password = Read-Host "Enter password: " -AsSecureString
#$password = 'P@ssw0rd'
######################################################################################
############################# Create folder for Logs & create log file Path##########
if (-not (Test-Path "./UserCreatelogs")) {
    mkdir "./UserCreatelogs"
}
$file = "./UserCreatelogs\$username-$date.txt"

#####Check if names exist#######################
$ErrorActionPreference = "SilentlyContinue"
$a = Get-ADUser $username -Properties * -ErrorAction 'SilentlyContinue'

if ($a.name -like "$name") {
    Write-Host "`n Name's In use. Will Use secondary `n"
    $MI = Read-InputBoxDialog -Message "We'll Need a Middle Initial" -WindowTitle "Middle Initial" -DefaultText "Z"
    #$MI = Read-Host "Middle Initial: "
    $name = $Firstname + '.' + $MI + '.' + $Lastname
    Write-Host "`n Name will be $name `n"
    $username = $Firstname[0] + $MI + $Lastname
    $ErrorActionPreference = "SilentlyContinue"
    $b = Get-ADUser $username -Properties * -ErrorAction 'SilentlyContinue'
    if ($b.name -like "$name") {
        "$name2 and $Name is in use, Script will fail. Username can not be found" | Out-File "./UserCreatelogs\$date-FailureLog-$Name.txt" -Append
        Write-Host " $name2 and $Name is in use, *** Script failed.*** Username can not be found. See Log File" -ForegroundColor Red
        Write-Host "-----"
        Write-Host "-----"
        Write-Host " -----*******------*******---------`n`n`n`n`n`n`n`n" -ForegroundColor Red
        return
    }
}
if ($a.samaccountname -like "$username") {
    Write-Host "`n SamaccountName In use. Will use secondary `n"
    # Ask for the middle initial here if the name check above did not already collect it
    if (-not $MI) {
        $MI = Read-InputBoxDialog -Message "We'll Need a Middle Initial" -WindowTitle "Middle Initial" -DefaultText "Z"
    }
    $username = $Firstname[0] + $MI + $Lastname
    Write-Host "`n SamaccountName will be $username`n "
    $ErrorActionPreference = "SilentlyContinue"
    $b = Get-ADUser $username -Properties * -ErrorAction 'SilentlyContinue'
    # Test the second lookup ($b); $a still holds the account found by the first lookup
    if ($b.samaccountname -like "$username") {
        "$name2 and $Name is in use, Script will fail. Username can not be found" | Out-File "./UserCreatelogs\$date-FailureLog-$Name.txt" -Append
        Write-Host " $name2 and $Name is in use, *** Script failed.*** Username can not be found. See Log File" -ForegroundColor Red
        Write-Host "-----"
        Write-Host "-----"
        Write-Host " -----*******------*******---------`n`n`n`n`n`n`n`n" -ForegroundColor Red
        return
    }
}
if ($a.EmailAddress -like "$emailAdd") {
    Write-Host "`n Email Add In use. Will use secondary`n "
    $emailAdd = "$name$domain"
    Write-Host "`n Email will be $emailAdd `n"
}

##### Write out to file #######################

"The Date is $date " | Out-File $file -Append
$who = whoami
"Run by $who `n" | Out-File $file -Append
"`n------------------------------- `n" | Out-File $file -Append
# The next line stores the temporary password in clear text in the log file,
# so anyone who can read ./UserCreatelogs can read it
"`nTemp password is $Password `n" | Out-File $file -Append

"`n------------------------------- `n" | Out-File $file -Append

##################Create the user#######################
Write-Host "`n Working on $name `n"
# -ChangePasswordAtLogon $false means the temporary password stays valid until someone changes it
New-ADUser $name -GivenName $Firstname -Surname $Lastname -Enabled $true -SamAccountName $username -Path $OrganizationalUnit -UserPrincipalName $emailAdd -AccountPassword (ConvertTo-SecureString -AsPlainText $password -Force) -ChangePasswordAtLogon $false -OtherAttributes @{'mail'=$emailAdd}

##### Set additional proxyaddress #######################
# $proxyAddresses was never defined, so the single smtp: value is added directly
Set-ADUser -Identity $username -Add @{'proxyAddresses' = "smtp:$username$domain"}

 

############ Setting other attributes #############################
$Desc = Read-InputBoxDialog -Message "Description" -WindowTitle "Description" -DefaultText "Regular User"
Set-ADUser -Identity $username -Description $Desc

$HO = Read-InputBoxDialog -Message "Home Office" -WindowTitle "Home Office" -DefaultText "Hoosick Falls"
Set-ADUser -Identity $username -Office $HO

$HD = Read-InputBoxDialog -Message "Home Drive" -WindowTitle "Home Drive" -DefaultText '\\Servername\$MyShare\%username%'
Set-ADUser -Identity $username -HomeDirectory $HD -HomeDrive $HDr

$PH = Read-InputBoxDialog -Message "Phone" -WindowTitle "Phone" -DefaultText '518-686-XXXX'
Set-ADUser -Identity $username -HomePhone $PH

 

############Disable the next two sections for a pure cloud mailbox user
############Disable these lines if not making a mailbox on-prem. Rem out for Office 365
$db = $NULL
#$db = Get-MailboxDatabase | select name
#Write-Host $db.name
#$MDB = Read-InputBoxDialog -Message "Choose a Mailboxdatabase" -WindowTitle "Choose a Mailboxdatabase `n Choices are shown in the EM\C window" -DefaultText "MBDB1"
#Enable-Mailbox -Identity $username -Database $MDB
#"`n`n Enabling on prem Mailbox for $username on database $MDB" | Out-File $file -Append

############ Enable these lines for making an O365 remote user
#(Read-InputBoxDialog -Message "Enable Office 365 Mailbox" -WindowTitle "Enable Office 365 Mailbox" -DefaultText "Script will wait for you to make sure the O365 Mailbox is ready").WaitForExit()
#"`n`n enabling remoteMailBox for $emailAdd With an address of $username$RoutingDomain " | Out-File $file -Append
#Enable-RemoteMailbox $emailAdd -RemoteRoutingAddress $username$RoutingDomain -PrimarySMTPAddress $emailAdd

# Write-Host sends nothing down the pipeline, so the separator is written to the log separately
Write-Host "`n`n----------------"
"`n`n----------------" | Out-File $file -Append
Import-Csv "./DeptGroups\$Dept.csv" | ForEach-Object {
    # $() is needed to expand a property inside a double-quoted string
    Write-Host "`n`n Adding $Name to $($_.Group)"
    "Adding $Name to $($_.Group)" | Out-File $file -Append
    Add-ADGroupMember -Identity $_.Group -Members $UserName
}
"`n------------------------------- `n" | Out-File $file -Append

"`n`n" | Out-File $file -Append
"`n`n Running Get-aduser $username" | Out-File $file -Append
Get-ADUser $username -Properties * | Out-File $file -Append

Write-Host "`n`n`n Script is complete. Log file can be seen at $file`n`n`n`n`n`n`n`n" -ForegroundColor Green
Write-Host "-----"
Write-Host "-----"
Write-Host "-----"
Write-Host "-----"
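A hardened version of the password steps in the script above, as an added example that is not part of the original script: it draws a random temporary password from a CSPRNG, forces a change at first logon, and keeps the value out of the log file. `New-TempPassword`, `New-UserWithTempPassword` and their parameters are hypothetical names.

```powershell
# Added example (not from the original script); function and parameter names are hypothetical.
function New-TempPassword {
    param([ValidateRange(12, 64)][int]$Length = 16)
    # Look-alike characters (l, I, O, 0, 1) are left out because the value gets read aloud or retyped.
    $alphabet = 'abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789!#%+-=?@'
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buf   = New-Object byte[] 1
    # Bytes at or above $limit are rejected so every character is equally likely (no modulo bias).
    $limit = 256 - (256 % $alphabet.Length)
    do {
        $chars = for ($i = 0; $i -lt $Length; $i++) {
            do { $rng.GetBytes($buf) } while ($buf[0] -ge $limit)
            $alphabet[$buf[0] % $alphabet.Length]
        }
        $candidate = -join $chars
        # Retry until lower, upper, digit and symbol are all present, which meets
        # the default AD complexity policy.
    } until ($candidate -cmatch '[a-z]' -and $candidate -cmatch '[A-Z]' -and
             $candidate -match '\d' -and $candidate -match '[^a-zA-Z0-9]')
    return $candidate
}

function New-UserWithTempPassword {
    param(
        [Parameter(Mandatory = $true)][string]$Name,
        [Parameter(Mandatory = $true)][string]$SamAccountName,
        [Parameter(Mandatory = $true)][string]$UserPrincipalName,
        [Parameter(Mandatory = $true)][string]$Path,      # target OU, e.g. $OrganizationalUnit
        [Parameter(Mandatory = $true)][string]$LogFile
    )
    $plain  = New-TempPassword
    $secure = ConvertTo-SecureString -String $plain -AsPlainText -Force
    # -ErrorAction Stop so a failed creation is never logged as a success.
    New-ADUser -Name $Name -SamAccountName $SamAccountName -UserPrincipalName $UserPrincipalName `
        -Path $Path -AccountPassword $secure -Enabled $true -ChangePasswordAtLogon $true -ErrorAction Stop
    # Record that a password was set and by whom, never the value itself.
    "Temporary password set for $SamAccountName by $(whoami); change required at first logon" |
        Out-File $LogFile -Append
    # Show the value once on the console for hand-off to the user.
    Write-Host "Temporary password for ${SamAccountName}: $plain" -ForegroundColor Yellow
}
```

`New-TempPassword` runs in any PowerShell session; `New-UserWithTempPassword` needs the ActiveDirectory module loaded, as the script above does.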


A script to get a count of the number of users per server per DAG

Shared from Ron Williams @ https://r0nwilliams.wordpress.com/

A script to get a count of the number of users per server per DAG:

##Script start

$AllData = New-Object System.Collections.ArrayList
$Dags = Get-DatabaseAvailabilityGroup
foreach ($Dag in $Dags)
{
    foreach ($Server in $Dag.Servers)
    {
        # @() makes .Count return a number even when a server holds zero or one mailbox
        $Count = @(Get-Mailbox -Server $Server -ResultSize Unlimited).Count
        $Object = New-Object PSCustomObject -Property @{
            ServerName = $Server
            Users      = $Count
            DAGName    = $Dag.Name
        }
        [void]$AllData.Add($Object)
    }
}
$AllData

 

 


Register a DAG IP (ipconfig /registerdns for DAG’S)

I ran into an issue recently where I needed to register the IP of a DAG. I discovered this wasn’t well documented and it took a while to figure out how to get it registered.

 

I first tried running ipconfig /registerdns on the primary active manager. To find the primary active manager you must run

 

get-databaseavailabilitygroup <name> -status | select name,primaryactivemanager

 

But that did not work. What does work is running,

cluster . res "Cluster Name" /registerdns

on any of the cluster nodes.

 

Also note:

The DAG will attempt to register on its own at some random time within 2 hours of midnight.

 

Hope it helps.

dw

Exchange 2010 email policies

I had a conversation recently with a customer about email address policies in Exchange 2010. Here is the truth, straight from TechNet and verified in the lab.

1. You can NOT create an email address policy for a domain that is not an accepted domain. Exchange does care, even if the customer doesn’t.

2. When you create an email address policy you have 3 choices: “don’t apply”, “apply immediately” or “schedule the apply”.

a. “Apply immediately” applies to all applicable recipients as soon as it can get to them.

b. “Schedule the apply” applies after the scheduled time (starting at that time).

i. Remember, when applying in a larger environment it can take some time to apply.

c. “Do not apply” does not apply the policy at all.

3. When creating a new object the policy gets applied to that object (no matter how, or if, the policy was ever applied before).

4. No matter what you’ve chosen when creating the policy the following applies

a. When you right click a policy and select apply, it gets applied (or you run Update-EmailAddressPolicy)

b. When the object changes, the policy gets applied

i. Note in my lab I simply updated the object’s description and the policy was applied. Database moves, renames, etc. will all force a policy update (on that object only).

So note that just like 2003 and 2007, if the policy is never applied manually or at policy creation, and an existing object never gets changed in any way, the policy will never be applied.

Uncheck the automatically update based on email address policy check box and a policy is NEVER applied to the object.

Exchange 2010 does NOT check occasionally or on some cycle and apply policies other than those instances stated above.

The “applied” column in the EMC is really of little value. It only shows whether or not the policy was ever manually applied. Manually applied only refers to objects that existed at the time of the application, which is unknown.

 

Also note I had an issue where a new policy got applied across the entire environment for what appeared to be no apparent reason.

My suggestion is to think about disabling the EmailAddressPolicyEnabled attribute when in doubt. Change it back slowly if you wish, after testing is complete.

 

Hope it helps

dw
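Because a policy is only applied at the moments listed above, a before/after snapshot of proxy addresses shows exactly which objects a policy touched. This is an added example, not from the original post; the function names are hypothetical and the sample rows are constructed.

```powershell
# Added example; function names are hypothetical, sample rows are constructed.
function Get-AddressSnapshot {
    # Requires the Exchange Management Shell. One row per mailbox.
    Get-Mailbox -ResultSize Unlimited | ForEach-Object {
        New-Object PSObject -Property @{
            Identity      = $_.Identity.ToString()
            PolicyEnabled = $_.EmailAddressPolicyEnabled
            Addresses     = (($_.EmailAddresses | ForEach-Object { $_.ToString() } | Sort-Object) -join ';')
        }
    }
}

function Compare-AddressSnapshot {
    param([object[]]$Before, [object[]]$After)
    $old = @{}
    foreach ($row in $Before) { $old[$row.Identity] = $row.Addresses }
    foreach ($row in $After) {
        # -cne: a primary address swap only changes SMTP:/smtp: case, so compare case-sensitively.
        if ($old.ContainsKey($row.Identity) -and $old[$row.Identity] -cne $row.Addresses) {
            New-Object PSObject -Property @{
                Identity = $row.Identity; PolicyEnabled = $row.PolicyEnabled
                Was = $old[$row.Identity]; Now = $row.Addresses
            }
        }
    }
}

# Constructed sample rows so the comparison can be tried without Exchange.
# In production: $before = Get-AddressSnapshot, apply the policy, $after = Get-AddressSnapshot.
$before = @(
    (New-Object PSObject -Property @{ Identity = 'A User'; PolicyEnabled = $true;  Addresses = 'SMTP:auser@ex2016.com' }),
    (New-Object PSObject -Property @{ Identity = 'B User'; PolicyEnabled = $false; Addresses = 'SMTP:buser@ex2016.com' })
)
$after = @(
    (New-Object PSObject -Property @{ Identity = 'A User'; PolicyEnabled = $true;  Addresses = 'SMTP:a.user@ex2016.com;smtp:auser@ex2016.com' }),
    (New-Object PSObject -Property @{ Identity = 'B User'; PolicyEnabled = $false; Addresses = 'SMTP:buser@ex2016.com' })
)
# Only "A User" is reported: its primary address changed, while "B User" has the policy check box cleared.
Compare-AddressSnapshot -Before $before -After $after | Format-List Identity, PolicyEnabled, Was, Now
```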

Finding Exchange 2010 archive mailbox sizes.

With Exchange 2010 SP 1 the archive mailbox functionality is a little more usable.  This means we will need to discover ways to manage and report on these mailboxes.

So, “How do you see the size of the archive mailbox?”

Use Get-MailboxStatistics mailboxname -Archive.

To see all of the archive mailboxes:

Get-Mailbox -Archive | Get-MailboxStatistics -Archive | fl DisplayName, Total*

I haven’t tested this yet, but I also found this. It’s a GUI-based view of all Exchange 2010 mailboxes with mailbox sizes.

Finally, the ability to see mailbox sizes in one place!!!!!

http://gsexdev.blogspot.com/2010/03/mailbox-size-gui-exchange-2010-remote.html

Hope it Helps

dw

Upgrade Exchange 2010 RTM to Exchange 2010 Service Pack 1

This is an upgrade of an All in one Exchange 2010 RTM server to Exchange 2010 SP 1.


I was missing some updates. So I ran windows updates.

All prerequisites are here – http://technet.microsoft.com/en-us/library/bb691354.aspx

After windows updates it still needed these:

http://code.msdn.microsoft.com/KB982867.

(http://go.microsoft.com/fwlink/?linkid=3052&kbid=979744).

http://code.msdn.microsoft.com/KB983440.

(http://support.microsoft.com/kb/977020).

(http://support.microsoft.com/?kbid=979099).

After all that, it let me continue.

All green is good.

Hope it Helps

dw

Get Exchange Mailbox database sizes and sort so smallest is on top.

Get-MailboxDatabase | ForEach-Object { Select-Object -InputObject $_ -Property *,@{Name="MailboxDBSizeinGB";Expression={[math]::Round(((Get-Item ("\\" + $_.ServerName + "\" + $_.EdbFilePath.PathName.Replace(":", '$'))).Length / 1GB),2)}} } | Sort-Object MailboxDBSizeinGB | Format-Table Identity,MailboxDBSizeinGB -AutoSize

The output gives a complete list of databases and puts the smallest one on top.

If you want to simply double-click a VBScript, here is a script, “getdatabasesize.vbs”, that calls the ps1. It’s a little more user friendly. This is simply a VBScript to call the PowerShell script.

Make sure you change the d:\ to the path it’s at.

The code is:

set objshell = createobject("wscript.shell")
vpsscript = "powershell.exe -noexit d:\getdatabasesize.ps1"
objshell.run vpsscript

Hope it Helps

dw