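Add new users to Active Directory and split a cell with multiple values so that individual groups are added to the user

Time: 2019-06-25 16:30:42

Tags: powershell active-directory

I have a script that creates new users in Active Directory. I would like to be able to include a groups value in my CSV template and split those groups into individual values to be added along with the user.

I am currently running a second script that assigns groups to the users by outlining the group names.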

# Import active directory module for running AD cmdlets
Import-Module activedirectory

#Store the data from ADUsers.csv in the $ADUsers variable
$ADUsers = Import-csv C:\upload\batman.csv

#Loop through each row containing user details in the CSV file 
foreach ($User in $ADUsers)
{
    #Read user data from each field in each row and assign the data to a variable as below

    $Username       = $User.username
    $Password       = $User.password
    $Firstname      = $User.firstname
    $Lastname       = $User.lastname
    $OU             = $User.ou #This field refers to the OU the user account is to be created in
    $email          = $User.email
    $Password       = $User.Password
    $groups         = $User.groups

    #Check to see if the user already exists in AD
    if (Get-ADUser -F {SamAccountName -eq $Username})
    {
         #If user does exist, give a warning
         Write-Warning "A user account with username $Username already exist in Active Directory."
    }
    else
    {
        #User does not exist then proceed to create the new user account

        #Account will be created in the OU provided by the $OU variable read from the CSV file
        New-ADUser `
            -SamAccountName $username `
            -UserPrincipalName "$username@lon.deloitterisk.cloud" `
            -Name "$Firstname $Lastname" `
            -GivenName $Firstname `
            -Surname $Lastname `
            -Enabled $True `
            -DisplayName "$Lastname, $Firstname" `
            -Path $OU `
            -AccountPassword (convertto-securestring $Password -AsPlainText - 
    Force) -ChangePasswordAtLogon $False -PasswordNeverExpires:$True `
            -group 
            {
            foreach($groups in $ADUsers)

    {
    $Username          = $User.username
    $groups            = $User.groups -split ","

    foreach ($group in $groups)
    }
            }  

    }
}

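This is the code I currently have (I added the part in the groups clause that I am trying to add, but this section produces an error. The column in the template is named "groups")

1 answer:

Answer 0: (score: 0)

Disclaimer: untested

I would take what you already have and add the Add-ADPrincipalGroupMembership command. I changed some of the formatting to use splatting with the New-ADUser command for readability.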

# Import active directory module for running AD cmdlets
Import-Module activedirectory

#Store the data from ADUsers.csv in the $ADUsers variable
$ADUsers = Import-csv C:\upload\batman.csv

#Loop through each row containing user details in the CSV file 
foreach ($User in $ADUsers)
{
    #Read user data from each field in each row and assign the data to a variable as below

    $NewUser = @{
        'SamAccountName'        = $User.username
        'UserPrincipalName'     = "{0}@domain.com" -f $User.username
        'Name'                  = "{0} {1}" -f $user.firstname,$user.lastname
        'Enabled'               = $true
        'DisplayName'           = "{1}, {0}" -f $user.firstname,$user.lastname
        'AccountPassword'       = ConvertTo-SecureString $User.password -AsPlainText -Force
        'ChangePasswordAtLogon' = $false
        'PasswordNeverExpires'  = $true
        'GivenName'             = $User.firstname
        'Surname'               = $User.lastname
        'Path'                  = $User.ou #This field refers to the OU the user account is to be created in
        # No 'Password' key here: New-ADUser has no -Password parameter, the password is supplied through AccountPassword
    }
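    # Split the groups cell on commas, trim padding and drop empty entries
    $groups         = $User.groups -split "," | ForEach-Object { $_.Trim() } | Where-Object { $_ }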
    $email          = $User.email

    #Check to see if the user already exists in AD
    if (Get-ADUser -Filter "SamAccountName -eq '$($NewUser.SamAccountName)'")
    {
         #If user does exist, give a warning
         Write-Warning "A user account with username $($NewUser.SamAccountName) already exists in Active Directory."
    }
    else
    {
        #User does not exist then proceed to create the new user account

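        #Account will be created in the OU provided by the 'Path' entry read from the CSV file
        New-ADUser @NewUser

        #Add the new account to each group listed in the CSV row (skipped when the cell is empty)
        if ($groups)
        {
            Add-ADPrincipalGroupMembership -Identity $NewUser.SamAccountName -MemberOf $groups
        }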
    }

}
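
The following is an added example, not part of the original question or answer. It shows one way to parse the "groups" cell so that padded, empty or duplicate entries are cleaned up and privileged groups named in the CSV are held back for review instead of being granted by the import. The function name Split-GroupCell, the deny list and the sample rows are assumptions made for illustration.

```powershell
# Added example: Split-GroupCell, the deny list and the sample rows are
# hypothetical and constructed for illustration; they are not from the post.
function Split-GroupCell {
    param(
        [string]$Cell = '',
        # Groups that a bulk import should never hand out (assumed policy)
        [string[]]$DenyList = @('Domain Admins', 'Enterprise Admins', 'Schema Admins')
    )

    # Split on commas, trim padding, drop empty entries, de-duplicate
    # (Sort-Object -Unique compares case-insensitively by default)
    $names = @(
        $Cell -split ',' |
            ForEach-Object { $_.Trim() } |
            Where-Object { $_ } |
            Sort-Object -Unique
    )

    [pscustomobject]@{
        Allowed = @($names | Where-Object { $DenyList -notcontains $_ })
        Blocked = @($names | Where-Object { $DenyList -contains $_ })
    }
}

# Constructed sample rows standing in for the Import-Csv output
$rows = @'
username,groups
bwayne,"Finance, VPN Users,,finance"
akyle,
ckent,"VPN Users,Domain Admins"
'@ | ConvertFrom-Csv

foreach ($row in $rows) {
    $result = Split-GroupCell -Cell $row.groups

    if ($result.Blocked) {
        Write-Warning "$($row.username): privileged groups not assigned: $($result.Blocked -join ', ')"
    }
    if ($result.Allowed) {
        # In the provisioning script the group assignment would go here:
        # Add-ADPrincipalGroupMembership -Identity $row.username -MemberOf $result.Allowed
        '{0} -> {1}' -f $row.username, ($result.Allowed -join '; ')
    }
}
```

The parsing runs without a domain controller, so the CSV can be checked before any account is created.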