@darrenjrobinson
Last active February 2, 2016 06:13
MIMUsrPlacementPSMA-Export
# Script parameters (presumably supplied by the PowerShell management agent that
# runs this export script - confirm against the MA configuration).
#   $username, $password - passed unchanged to the DirectoryEntry bind in the process block
#   $Credentials         - passed to Move-ADObject -Credential in the process block
#   $ExportType          - not referenced anywhere else in this script
# NOTE(review): $password is used as a plain value by the DirectoryEntry constructor;
# keep it out of the debug log and out of any tracing enabled while troubleshooting.
param
(
$username,
$password,
$Credentials,
$ExportType
)
begin
{
    # One-time setup before any object is processed: open (or create) the debug
    # log and define the landing OU that the process block checks before a move.
    # The log is only ever appended to by this script, so it grows on every run;
    # NOTE(review): it sits inside the sync service's Extensions tree - confirm the
    # file ACL limits who can read or tamper with it.
    $DebugFilePath = "C:\PROGRA~1\MICROS~4\2010\SYNCHR~1\EXTENS~2\Placement\Placement\DebugOUExportMA.txt"

    # Reuse the existing log when present, otherwise create an empty one.
    if (Test-Path $DebugFilePath)
    {
        $DebugFile = Get-Item -Path $DebugFilePath
    }
    else
    {
        $DebugFile = New-Item -Path $DebugFilePath -ItemType File
    }

    "Starting Export : " + (Get-Date) | Out-File $DebugFile -Append

    # Empty SecureString; no other line in this script reads it.
    $securestring = New-Object -TypeName System.Security.SecureString

    # The OU where we land the new users. The ones that then need to be moved
    $landingOU = "OU=MIM,OU=customer,DC=domain,DC=com,DC=au"
}
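process
{
    # Handles one pending export change ($_): works out the target location from
    # the changed attributes, moves the object out of the landing OU when the
    # change is a Replace, and returns a result hashtable to the MA.
    #
    # Fixes over the original:
    #  - $newOU is reset for every object (it used to carry over from the previous one)
    #  - the per-object line is written to the log directly (Write-Debug emits nothing
    #    on the pipeline, so the Out-File after it never received any text)
    #  - $errorstatus is no longer overwritten with the empty output of Out-File
    #  - a failed lookup or move is reported to the MA instead of a fixed "success"
    $error.clear()

    # What " Obj: $_ " renders as depends on the string form of the change object.
    " Obj: $_ " | Out-File $DebugFile -Append

    $errorstatus = "success"
    $errordetails = $null

    # Variables assigned in a process block survive from one pipeline object to
    # the next. Without this reset, an object with no distinguishedName/targetOU
    # change would be moved to the previous object's target.
    $newOU = $null

    $Identifier = $_.Identifier
    $objectGuid = $_.DN

    # Loop through changes and pick up the new location
    foreach ($can in $_.ChangedAttributeNames)
    {
        $can | Out-File $DebugFile -Append
        foreach ($ValueChange in $_.AttributeChanges[$can].ValueChanges)
        {
            if ($can -eq 'distinguishedName') { $newOU = $ValueChange.value }
            if ($can -eq 'targetOU')
            {
                if ($null -ne $ValueChange.value)
                {
                    $newOU = $ValueChange.value
                }
                else
                {
                    $newOU = $null
                }
            }
        }
    }

    if ($_.ObjectModificationType -eq 'Add')
    {
        # adds are caught by importing new objects from Active Directory (see import script)
        # and joining these to existing user objects on the metaverse
        throw "Add modification are not supported"
    }

    if ($_.ObjectModificationType -eq 'Delete')
    {
        # deletes are caught by importing deleted objects (isDeleted) from Active
        # Directory (see import script). This way we clear up the CS
        throw "Delete modification are not supported"
    }

    # Supported ChangeType is Replace
    if ($_.ObjectModificationType -match 'Replace')
    {
        $errorstatus | Out-File $DebugFile -Append

        try
        {
            # Bind by GUID with the supplied account. New-Object hands back an object
            # whether or not the directory object exists, so the truth test on $curUser
            # below is not an existence check; reading Properties is what fails when
            # the lookup or the bind does not succeed.
            $curUser = New-Object System.DirectoryServices.DirectoryEntry "LDAP://<GUID=$objectGuid>", $username, $password

            if ($curUser -and $newOU)
            {
                # Only objects still in the landing OU are moved; this is the guard that
                # keeps the script from relocating anything else.
                # NOTE(review): Contains() is a case-sensitive substring match, so a DN
                # whose casing differs from $landingOU is skipped and still reported as
                # success - confirm that is the intended behaviour.
                if ($curUser.Properties["distinguishedName"][0].Contains($landingOU))
                {
                    # Drop everything up to the first unescaped comma (the leading RDN)
                    # to get the container to move into.
                    $userOU = $newOU -replace '^.+?(?<!\\),',''

                    # -ErrorAction Stop turns a failed move into a terminating error so
                    # the catch block below can report it.
                    Move-ADObject -Credential $Credentials -Identity $objectGuid -TargetPath $userOU -ErrorAction Stop
                }
            }
        }
        catch
        {
            # "export-error" is a name chosen in this script, not taken from the MA's
            # documentation - confirm which non-success names the MA expects.
            $errorstatus = "export-error"
            $errordetails = $_.Exception.Message
            "Export failed for $Identifier : $errordetails" | Out-File $DebugFile -Append
        }
    }

    # Return the result to the MA
    $obj = @{}
    $obj.Add("[Identifier]", $Identifier)
    $obj.Add("[ErrorName]", $errorstatus)
    if ($errordetails) { $obj.Add("[ErrorDetail]", $errordetails) }
    $obj
}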
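end
{
    # Runs once after the last object: mark the end of the export in the debug log.
    # The original called Write-out, which is not a built-in PowerShell cmdlet, so
    # the line raised a command-not-found error and "Done" never reached the log.
    "Done" | Out-File $DebugFile -Append
}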