Created
October 24, 2014 07:23
-
-
Save jeroenmaes/530c4728b49bcd7fd292 to your computer and use it in GitHub Desktop.
Create BizTalk Groups and Service Accounts with PowerShell
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Path where to create the biztalk groups and service accounts | |
$BtsOuPath = "OU=BizTalk,OU=Service Accounts,DC=LABO,DC=local" | |
# Path where to create the biztalk admin user | |
$AdminOuPath = "CN=Users,DC=LABO,DC=local" | |
$DomainAdmin = "JMADMIN" | |
$BtsAdmin = "BTSADMIN" | |
# Convert the plain text passwords | |
$BtsAdminPassword = ConvertTo-SecureString "P@$$w0rd0" -AsPlainText -Force | |
$SSOServiceUserPassword = ConvertTo-SecureString "P@$$w0rd1" -AsPlainText -Force | |
$BTSHostUserPassword = ConvertTo-SecureString "P@$$w0rd2" -AsPlainText -Force | |
$BTSIsoHostUserPassword = ConvertTo-SecureString "P@$$w0rd3" -AsPlainText -Force | |
# Create biztalk groups | |
New-ADGroup -Name "SSO Administrators" -GroupCategory Security -GroupScope Global -DisplayName "SSO Administrators" -Path $BtsOuPath | |
New-ADGroup -Name "SSO Affiliate Administrators" -GroupCategory Security -GroupScope Global -DisplayName "SSO Affiliate Administrators" -Path $BtsOuPath | |
New-ADGroup -Name "BizTalk Application Users" -GroupCategory Security -GroupScope Global -DisplayName "BizTalk Application Users" -Path $BtsOuPath | |
New-ADGroup -Name "BizTalk Isolated Host Users" -GroupCategory Security -GroupScope Global -DisplayName "BizTalk Isolated Host Users" -Path $BtsOuPath | |
New-ADGroup -Name "BizTalk Server Administrators" -GroupCategory Security -GroupScope Global -DisplayName "BizTalk Server Administrators" -Path $BtsOuPath | |
New-ADGroup -Name "BizTalk Server Operators" -GroupCategory Security -GroupScope Global -DisplayName "BizTalk Server Operators" -Path $BtsOuPath | |
New-ADGroup -Name "BizTalk Server B2B Operators" -GroupCategory Security -GroupScope Global -DisplayName "BizTalk Server B2B Operators" -Path $BtsOuPath | |
# Create service accounts | |
New-ADUser -SamAccountName SSOServiceUser -AccountPassword $SSOServiceUserPassword -name "SSOServiceUser" -enabled $true -PasswordNeverExpires $true -CannotChangePassword $true -ChangePasswordAtLogon $false -Path $BtsOuPath | |
New-ADUser -SamAccountName BTSHostUser -AccountPassword $BTSHostUserPassword -name "BTSHostUser" -enabled $true -PasswordNeverExpires $true -CannotChangePassword $true -ChangePasswordAtLogon $false -Path $BtsOuPath | |
New-ADUser -SamAccountName BTSIsoHostUser -AccountPassword $BTSIsoHostUserPassword -name "BTSIsoHostUser" -enabled $true -PasswordNeverExpires $true -CannotChangePassword $true -ChangePasswordAtLogon $false -Path $BtsOuPath | |
New-ADUser -SamAccountName $BtsAdmin -AccountPassword $$BtsAdminPassword -name $BtsAdmin -enabled $true -PasswordNeverExpires $true -CannotChangePassword $true -ChangePasswordAtLogon $false -Path $AdminOuPath | |
# Add the service accounts to necessary groups | |
Add-ADPrincipalGroupMembership -Identity "SSOServiceUser" -MemberOf "SSO Administrators" | |
Add-ADPrincipalGroupMembership -Identity "BizTalk Server Administrators" -MemberOf "SSO Administrators" | |
Add-ADPrincipalGroupMembership -Identity $BtsAdmin -MemberOf "BizTalk Server Administrators" | |
Add-ADPrincipalGroupMembership -Identity "BTSHostUser" -MemberOf "BizTalk Application Users" | |
Add-ADPrincipalGroupMembership -Identity "BTSIsoHostUser" -MemberOf "BizTalk Isolated Host Users" | |
# Add the domain admin to all groups | |
Add-ADPrincipalGroupMembership -Identity $DomainAdmin -MemberOf "BizTalk Server Administrators" | |
Add-ADPrincipalGroupMembership -Identity $DomainAdmin -MemberOf "SSO Administrators" | |
Add-ADPrincipalGroupMembership -Identity $DomainAdmin -MemberOf "BizTalk Isolated Host Users" | |
Add-ADPrincipalGroupMembership -Identity $DomainAdmin -MemberOf "BizTalk Application Users" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment