-
-
Save davejlong/d6bc508368fa8807b8b8fb5d1820c1c5 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### | |
# Fill in the below with the settings for your environment | |
### | |
$UserShare = "\\DATA-01\Users\" | |
$UserOU = "DC=contoso,DC=com,OU=MyBusiness,OU=Users,OU=Office365 Users" | |
$EmailDomain = "contoso.com" | |
# Generate a random pronouncable password with 4 letters and 4 numbers | |
function Get-RandomPassword { | |
$Consonents = 'B','C','D','F','G','H','J','K','L','M','N','P','Q','R','S','T','V','W','X','Z' | |
$Vowels = 'A','E','I','O','U','Y' | |
function Get-RandomConsonant() { Get-Random -InputObject $Consonents } | |
function Get-RandomVowel() { Get-Random -InputObject $Vowels } | |
$Password = "$(Get-RandomConsonant)" | |
$Password += "$(Get-RandomVowel)$(Get-RandomConsonant)$(Get-RandomVowel)".ToLower() | |
$Password += "$(Get-Random -Minimum 1000 -Maximum 9999)" | |
return $Password | |
} | |
# Create the username by taking the first letter of the first name and the last name | |
function Get-Username { | |
param( | |
[Parameter(Mandatory)] | |
[ValidateNotNullOrEmpty()] | |
[String]$FirstName, | |
[Parameter(Mandatory)] | |
[ValidateNotNullOrEmpty()] | |
[String]$LastName | |
) | |
return "$($FirstName.Substring(0,1))$($LastName)" | |
} | |
# Create a new user in ActiveDirectory and sync it to Office 365 if possible | |
function New-CompanyAdUser { | |
[CmdletBinding()] | |
param | |
( | |
[Parameter(Mandatory)] | |
[ValidateNotNullOrEmpty()] | |
[pscustomobject]$EmployeeRecord | |
) | |
$ou = $UserOU | |
## Generate a random password | |
$secPw = ConvertTo-SecureString -String (Get-RandomPassword) -AsPlainText -Force | |
## Generate a first initial/last name username | |
$username = Get-Username -FirstName $EmployeeRecord.FirstName -LastName $EmployeeRecord.LastName | |
## Create the user | |
$NewUserParameters = @{ | |
GivenName = $EmployeeRecord.FirstName | |
Surname = $EmployeeRecord.LastName | |
Name = $userName | |
AccountPassword = $secPw | |
Path = $ou | |
OtherAttributes = @{"mail"="$userName@$EmailDomain"} | |
} | |
New-AdUser @NewUserParameters | |
if (Get-Module -ListAvailable -Name ADSync) { | |
Start-ADSyncSyncCycle -PolicyType Delta | |
} | |
} | |
# Create a new folder in the users share owned by the new user we created | |
function New-UserFolder { | |
[CmdletBinding()] | |
param( | |
[Parameter(Mandatory)] | |
[ValidateNotNullOrEmpty()] | |
[pscustomobject]$EmployeeRecord | |
) | |
$Username = Get-Username -FirstName $EmployeeRecord.FirstName -LastName $EmployeeRecord.LastName | |
New-Item -Path "$UserShare\$Username" -ItemType Directory | |
New-Item -Path "$UserShare\$Username\Scans" -ItemType Directory | |
$User = Get-ADUser $Username | |
$ACL = Get-ACL "$UserShare\$Username" | |
$ACL.SetOwner($User.SID) | |
Set-ACL -Path $ACL.Path -AclObject $ACL | |
} | |
function Read-Employee { | |
@(@{FirstName={[FirstName]};LastName={[LastName]}}) | |
} | |
$functions = 'New-CompanyAdUser', 'New-UserFolder' | |
foreach ($employee in (Read-Employee)) { | |
foreach ($function in $functions) { | |
& $function -EmployeeRecord $employee | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment