Created
June 1, 2017 22:16
Star
You must be signed in to star a gist
Tool that bulk imports or removes User pictures, based on AD Group Membership
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#requires -Version 2.0 -Modules ActiveDirectory | |
<# | |
.SYNOPSIS | |
Tool that bulk imports or removes User pictures, based on AD Group Membership | |
.DESCRIPTION | |
Tool that bulk imports or removes User pictures, based on AD Group Membership | |
If a user is in both groups, the picture will be removed! | |
Idea based on my old tool to import Active Directory pictures. | |
They are a bit to tiny, so I use Exchange now to make them look better in Exchange and Skype. | |
.PARAMETER AddGroup | |
Active Directory Group with users that would like to have a picture. | |
For all Members of this group, the Tool will try to set an image. | |
.PARAMETER RemGroup | |
Active Directory Group with users that would like have have the picture removed. | |
For all Members of this group, the Tool will try to remove the existing image (If set). | |
.PARAMETER PictureDir | |
Directory that contains the picures | |
.PARAMETER Extension | |
Extension of the pictures | |
.PARAMETER workaround | |
Workaround for Exchange 2016 on Windows Server 2016 | |
.PARAMETER UPNDomain | |
The default Domain, to add to the UPN | |
.EXAMPLE | |
# Use the Groups 'ADDPIXX' and 'NOPIXX' to Set/Remove the User Pictures | |
# There was an Issue with the User joerg.hochwald (Possible Picture Problem! | |
PS C:\> .\.\Set-AllUserPictures.ps1 -AddGroup 'ADDPIXX' -RemGroup 'NOPIXX' -PictureDir 'c:\upixx\' -workaround -UPNDomain 'jhochwald.com' | |
WARNING: Unable to set Image c:\upixx\joerg.hochwald.jpg for User joerg.hochwald | |
.EXAMPLE | |
# Use the Groups 'ADDPIXX' and 'NOPIXX' to Set/Remove the User Pictures | |
# There was an Issue with the User jane.doe - Check that this user has a provissioned Mailbox (on Prem or Cloud) | |
PS C:\> .\.\Set-AllUserPictures.ps1 -AddGroup 'ADDPIXX' -RemGroup 'NOPIXX' -PictureDir 'c:\upixx\' -workaround -UPNDomain 'jhochwald.com' | |
WARNING: Unable to handle jane.doe - Check that this user has a valid Mailbox! | |
.EXAMPLE | |
# Use the Groups 'ADDPIXX' and 'NOPIXX' to Set/Remove the User Pictures - Everything went well | |
PS C:\> .\.\Set-AllUserPictures.ps1 -AddGroup 'ADDPIXX' -RemGroup 'NOPIXX' -PictureDir 'c:\upixx\' -workaround -UPNDomain 'jhochwald.com' | |
WARNING: Unable to handle jane.doe - Check that this user has a valid Mailbox! | |
.NOTES | |
TODO: There is no logging! Only the Exchange RBAC logging is in use | |
TODO: A few error handlers are still missing | |
If a user is in both groups, the picture will be removed! | |
Verbose could be very verbose. This is due to the fact, that the complete Exchange logging will be shown! | |
There are a few possibilities for Warnings and Errors. (Mostly for missing things) | |
Disclaimer: The code is provided 'as is,' with all possible faults, defects or errors, and without warranty of any kind. | |
Author: Joerg Hochwald | |
License: http://unlicense.org | |
.LINK | |
Author http://jhochwald.com | |
.Link | |
License http://unlicense.org | |
#> | |
param | |
( | |
[Parameter(Mandatory = $true, | |
ValueFromPipeline = $true, | |
ValueFromPipelineByPropertyName = $true, | |
Position = 1, | |
HelpMessage = 'Active Directory Group with users that would like to have a picture')] | |
[ValidateNotNullOrEmpty()] | |
[Alias('positive')] | |
[string] | |
$AddGroup, | |
[Parameter(Mandatory = $true, | |
ValueFromPipeline = $true, | |
ValueFromPipelineByPropertyName = $true, | |
Position = 2, | |
HelpMessage = 'Active Directory Group with users that would like have have the picture removed.')] | |
[ValidateNotNullOrEmpty()] | |
[string] | |
$RemGroup, | |
[Parameter(Mandatory = $true, | |
ValueFromPipeline = $true, | |
ValueFromPipelineByPropertyName = $true, | |
Position = 3, | |
HelpMessage = 'Directory that contains the picures')] | |
[ValidateNotNullOrEmpty()] | |
[Alias('PixxDir')] | |
[string] | |
$PictureDir, | |
[Parameter(ValueFromPipeline = $true, | |
ValueFromPipelineByPropertyName = $true, | |
Position = 5)] | |
[Alias('defaultDomain')] | |
[string] | |
$UPNDomain, | |
[Parameter(ValueFromPipeline = $true, | |
ValueFromPipelineByPropertyName = $true, | |
Position = 4)] | |
[ValidateSet('png', 'jpg', 'gif', 'bmp')] | |
[ValidateNotNullOrEmpty()] | |
[string] | |
$Extension = 'jpg', | |
[switch] | |
$workaround = $false | |
) | |
BEGIN | |
{ | |
if ($workaround) | |
{ | |
# Unsupported Workaround accoring to https://hochwald.net/workaround-for-get-help-issue-with-exchange-2016-on-windows-server-2016/ | |
Add-PSSnapin -Name Microsoft.Exchange.Management.PowerShell.SnapIn | |
} | |
# Cleanup | |
$AddUserPixx = $null | |
$NoUserPixx = $null | |
# Check the source directory string and fix it if needed | |
if (-not ($PictureDir).EndsWith('\')) | |
{ | |
# Fix it | |
$PictureDir = $PictureDir + '\' | |
$paramWriteVerbose = @{ | |
Message = 'Fixed the Source Directory String!' | |
} | |
Write-Verbose @paramWriteVerbose | |
} | |
try | |
{ | |
$paramGetADGroupMember = @{ | |
Identity = $AddGroup | |
ErrorAction = 'Stop' | |
WarningAction = 'SilentlyContinue' | |
} | |
$AddUserPixx = (Get-ADGroupMember @paramGetADGroupMember | Select-Object -Property samaccountname) | |
} | |
catch | |
{ | |
$paramWriteError = @{ | |
Message = "Unable to find $AddGroup" | |
ErrorAction = 'Stop' | |
} | |
Write-Error @paramWriteError | |
return | |
} | |
try | |
{ | |
$paramGetADGroupMember = @{ | |
Identity = $RemGroup | |
ErrorAction = 'Stop' | |
WarningAction = 'SilentlyContinue' | |
} | |
$NoUserPixx = (Get-ADGroupMember @paramGetADGroupMember | Select-Object -Property samaccountname) | |
} | |
catch | |
{ | |
$paramWriteError = @{ | |
Message = "Unable to find $AddGroup" | |
ErrorAction = 'Stop' | |
} | |
Write-Error @paramWriteError | |
return | |
} | |
function Test-ValidEmail | |
{ | |
<# | |
.SYNOPSIS | |
Simple Function to check if a String is a valid Mail | |
.DESCRIPTION | |
Simple Function to check if a String is a valid Mail and return a Bool | |
.PARAMETER address | |
Address String to Check | |
.EXAMPLE | |
# Not a valid String | |
PS C:\> Test-ValidEmail -address 'Joerg.Hochwald' | |
False | |
.EXAMPLE | |
# Valid String | |
PS C:\> Test-ValidEmail -address 'Joerg.Hochwald@outlook.de' | |
True | |
.NOTES | |
Disclaimer: The code is provided 'as is,' with all possible faults, defects or errors, and without warranty of any kind. | |
Author: Joerg Hochwald | |
License: http://unlicense.org | |
.LINK | |
Author http://jhochwald.com | |
.Link | |
License http://unlicense.org | |
#> | |
[OutputType([bool])] | |
param | |
( | |
[Parameter(Mandatory = $true, | |
HelpMessage = 'Address String to Check')] | |
[ValidateNotNullOrEmpty()] | |
[string] | |
$address | |
) | |
($address -as [mailaddress]).Address -eq $address -and $address -ne $null | |
} | |
} | |
PROCESS | |
{ | |
if (-not ($AddUserPixx.samaccountname)) | |
{ | |
$paramWriteVerbose = @{ | |
Message = "The AD Group $AddGroup has no members." | |
} | |
Write-Verbose @paramWriteVerbose | |
} | |
else | |
{ | |
# Add a counter | |
$AddUserPixxCount = (($AddUserPixx.samaccountname).count) | |
$paramWriteVerbose = @{ | |
Message = "The AD Group $AddGroup has $AddUserPixxCount members." | |
} | |
Write-Verbose @paramWriteVerbose | |
foreach ($AddUser in $AddUserPixx.samaccountname) | |
{ | |
if (($NoUserPixx.samaccountname) -notcontains $AddUser) | |
{ | |
# Check the UPN and Fix it, if possible | |
if (-not (Test-ValidEmail($AddUser))) | |
{ | |
if (-not ($UPNDomain)) | |
{ | |
# Whoopsie | |
$paramWriteError = @{ | |
Message = 'UPN Default Domain not set but needed!' | |
ErrorAction = 'Stop' | |
} | |
Write-Error @paramWriteError | |
} | |
else | |
{ | |
# Let us fix this | |
$AddUserUPN = ($AddUser + '@' + $UPNDomain) | |
} | |
} | |
# Build the Full Image Path | |
$SingleUserPicture = ($PictureDir + $AddUser + '.' + $Extension) | |
# Check if Picture exists | |
$paramTestPath = @{ | |
Path = $SingleUserPicture | |
ErrorAction = 'Stop' | |
WarningAction = 'SilentlyContinue' | |
} | |
If (Test-Path @paramTestPath) | |
{ | |
try | |
{ | |
$paramSetUserPhoto = @{ | |
Identity = $AddUserUPN | |
PictureData = ([IO.File]::ReadAllBytes($SingleUserPicture)) | |
Confirm = $false | |
ErrorAction = 'Stop' | |
WarningAction = 'SilentlyContinue' | |
} | |
$null = (Set-UserPhoto @paramSetUserPhoto) | |
} | |
catch | |
{ | |
$paramWriteWarning = @{ | |
Message = "Unable to set Image $SingleUserPicture for User $AddUser" | |
ErrorAction = 'SilentlyContinue' | |
} | |
Write-Warning @paramWriteWarning | |
} | |
} | |
else | |
{ | |
$paramWriteWarning = @{ | |
Message = "The Image $SingleUserPicture for User $AddUser was not found" | |
ErrorAction = 'SilentlyContinue' | |
} | |
Write-Warning @paramWriteWarning | |
} | |
} | |
else | |
{ | |
$paramWriteVerbose = @{ | |
Message = "Sorry, User $AddUser is member of $AddGroup and $RemGroup" | |
} | |
Write-Verbose @paramWriteVerbose | |
} | |
} | |
} | |
if (-not ($NoUserPixx.samaccountname)) | |
{ | |
$paramWriteVerbose = @{ | |
Message = "The AD Group $RemGroup has no members." | |
} | |
Write-Verbose @paramWriteVerbose | |
} | |
else | |
{ | |
# Add a counter | |
$NoUserPixxCount = (($NoUserPixx.samaccountname).count) | |
$paramWriteVerbose = @{ | |
Message = "The AD Group $RemGroup has $NoUserPixxCount members." | |
} | |
Write-Verbose @paramWriteVerbose | |
foreach ($NoUser in $NoUserPixx.samaccountname) | |
{ | |
# Check the UPN and Fix it, if possible | |
if (-not (Test-ValidEmail($NoUser))) | |
{ | |
if (-not ($UPNDomain)) | |
{ | |
# Whoopsie | |
$paramWriteError = @{ | |
Message = 'UPN Default Domain not set but needed!' | |
ErrorAction = 'Stop' | |
} | |
Write-Error @paramWriteError | |
} | |
else | |
{ | |
# Let us fix this | |
$NoUserUPN = ($NoUser + '@' + $UPNDomain) | |
} | |
} | |
$paramSetUserPhoto = @{ | |
Identity = $NoUserUPN | |
Confirm = $false | |
ErrorAction = 'Stop' | |
WarningAction = 'SilentlyContinue' | |
} | |
try | |
{ | |
$null = (Remove-UserPhoto @paramSetUserPhoto) | |
} | |
catch | |
{ | |
$paramWriteWarning = @{ | |
Message = "Unable to handle $NoUser - Check that this user has a valid Mailbox!" | |
ErrorAction = 'SilentlyContinue' | |
} | |
Write-Warning @paramWriteWarning | |
} | |
} | |
} | |
} | |
END | |
{ | |
# Cleaniup | |
$AddUserPixx = $null | |
$NoUserPixx = $null | |
$AddUserPixxCount = $null | |
$NoUserPixxCount = $null | |
# Do a garbage collection: Call the .NET function to cleanup some stuff | |
$null = ([GC]::Collect()) | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment