我为雇主创建了一个powershell脚本,以创建活动目录用户。
但是,他们现在要求它支持创建多个用户。
这可能吗?
谢谢
编辑-脚本
#region Password
# Generate The Random Password
$random = [Web.Security.Membership]::GeneratePassword(8,3)
# Create Password & Encrypt It To Prevent Brute Force Attempts Being Successful
$password = (ConvertTo-SecureString -AsPlainText $random -force)
# Get Domain DNS suffix
$dnsroot = '@' + (Get-ADDomain).dnsroot
cls
#endregion
#region Unique Field Data
# Acquiring unique field data
$GivenName = Read-Host -Prompt "What Is The New User's First Name?"
Write-Host " "
$Surname = Read-Host -Prompt "What Is The New User's Last Name?"
Write-Host " "
$Description = Read-Host -Prompt "What Is The Job Title & Department Of The New User? [Please format as Job Title – Dept]"
Write-Host " "
#endregion
# /----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\
#region Data Generation
$DisplayName = $Surname + " " + $GivenName
$Mail = $GivenName + "." + $Surname + "@" + "royalberkshire.nhs.uk"
$MailAlias = $GivenName + "." + $Surname + "@" + $DNSRoot2
$SInitial = $Surname[0]
$Initial = $GivenName[0]
$SAMAccountName = $Surname + "" + $Initial
$SAMAccountLower = $SAMAccountName.ToLower()
$UserPrincipalName = $Surname+$Initial
$HD = "U"
$HDir = "\\RBHFILRED002\"
$AC = "Users_01$\"
$DH = "Users_02$\"
$IM = "Users_03$\"
$NS = "Users_04$\"
$TZ = "Users_05$\"
$Folder = if ($SInitial -in 'a','b','c'){$AC}
ElseIf ($SInitial -in 'd','e','f', 'g','h'){$DH}
ElseIf ($SInitial -in 'i','j','k', 'l','m'){$IM}
ElseIf ($SInitial -in 'n','o','p', 'q','r','s'){$NS}
Else {$TZ}
$group1 = "zz Everyone"
$group2 = "Safeboot Domain Users"
$defaultname = $SAMAccountName
$email = $GivenName + "." + $Surname
$i = 1
cls
#endregion
# /----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------\
#region User Creation
# Create The User
While ((Get-ADUser -Filter "SamAccountName -eq '$SAMAccountName'" -ErrorAction SilentlyContinue) -ne $null){
$SamAccountName = $defaultname + [string]$i
$Mail = $email + [string]$i + "@" + "royalberkshire.nhs.uk"
$i++
}
$NewUserParams = @{
path = "OU=Users,OU=RBFT,DC=rbbh-tr,DC=nhs,DC=uk"
SamAccountName = $SAMAccountName
Name = $SAMAccountName
DisplayName = $DisplayName
GivenName = $GivenName
Surname = $Surname
EmailAddress = $Mail
UserPrincipalName = "$SAMAccountName@rbbh-tr.nhs.uk"
Title = $title
HomeDrive = $HomeDrive
HomeDirectory = "$HDir$Folder$SAMAccountName"
Description = $Description
ChangePasswordAtLogon = $true
PasswordNeverExpires = $false
AccountPassword = $password
Enabled = $true
}
New-ADUser @NewUserParams -ErrorAction SilentlyContinue
Add-ADGroupMember -Identity $group1 -Members $SAMAccountName
Start-Sleep -s 10
Add-ADGroupMember -Identity $group2 -Members $SAMAccountName
echo "Username:" $SAMAccountName
Write-Host " "
echo "Password:" $random
Write-Host " "
echo "Email:" $Mail
Write-Host " "
echo "Job Title - Department:" $Description
Write-Host " "
echo "Home Directory:" $HDir$Folder$SAMAccountName
Write-Host " "
write-Host " "
希望这将允许你们进一步帮助我。
已请求脚本。
现在我只是在写东西,所以我可以发帖了,因为SO正在请求更多详细信息
答案 0 :(得分:0)
如果您有一个包含所有用户和所有属性的csv,则可以这样:
例如,您的csv包含以下列:
sAMAccountName, Name, givenName, password
$users = Import-Csv $Path
foreach($user in $users) {
$password = $user.password | ConvertTo-SecureString -AsPlainText -Force
New-ADUser -sAMAccountName $user.sAMAccountname -Name $user.Name -GivenName $user.givenName -Path $OUinAD -AccountPassword $password -ChangePasswordAtLogon $true -Enabled $true
}
如果要我们扩展已经创建的脚本,请将其添加到您的问题中。