A useful little Powerscript which I have written for student user creation in a Windows Active Directory. Some features may not be useful to all since I wrote this for our needs in our school, but it's pretty straight forward to use and I'm sure it could easily be modified to fit someones needs if they wanted the same. The script creates the user object in Active Directory, adds them to groups, creates their user folder (on a different server), and sets the correct permissions on that folder.
I've posted this here more of a reminder to me if I ever need to revisit it, and I'm sure there is probably a far better and efficient way of doing this, but it may help someone, somewhere!
A couple of things to bear in mind.. Our student username format begins with two digits, then the first three letters of their surname, and then the first three letters of their forename (ie 19WilStu). AND obviously, any references to server names and folder locations will need to be updated with your details
Please feel free to comment, and let me know if you have a better way of doing it :D
Write-Host ""
Write-Host " STUDENT USER CREATION SCRIPT (Powerscript V1)"
Write-Host " ---------------------------------------------"
Write-Host " By Stu - 09/04/2019"
Write-Host ""
# ---------------------------------------------------------------------
# - LETS GET SOME VARIABLES AND CREATE THE USERNAME FORMAT -
# ---------------------------------------------------------------------
#
$forename = read-host -prompt 'Input users forename'
$surname = read-host -prompt 'Input users Surname'
$year = read-host -prompt 'Input users year - (This is the number in their username eg. 15, 06, 03)'
$forename_Three = ($forename.SubString(0,3))
$Surname_Three = ($surname.SubString(0,3))
$username = $Year + $Surname_Three + $Forename_Three
Write-Host "Hello $username"
# ---------------------------------------------------------------------
# - CHECK TO SEE IF USER EXISTS OR NOT -
# ---------------------------------------------------------------------
#
if (dsquery user -samid $username)
{
Write-Host "Found user - PLEASE RESTART AND START AGAIN"
Pause
exit
}
else {"Did not find user - Let's continue to setup the user"}
$password = read-host -prompt 'Enter default password'
Write-Host ""
Write-Host " We have everything we need to create the user account. Please wait"
Write-Host ""
# ---------------------------------------------------------------------
# - CREATE USER OBJECT IN ACTIVE DIRECTORY -
# ---------------------------------------------------------------------
#
New-ADUser $username -AccountPassword (ConvertTo-SecureString -AsPlainText $password -Force) -ChangePasswordAtLogon $True -path "OU=Year$Year,OU=Pupils,OU=Domain Users,DC=yourdomain,DC=local" -Company "Year$Year" -DisplayName "$forename $surname" -Description "Initial Password is $password" -HomeDrive U -HomeDirectory "\\Yourfileserver\folder\students\userareas\Year$Year\$username" -HomePage "www.yourwebsite.com" -UserPrincipalName "$username@domain" -EmailAddress "$username@youremaildomain.com" -Enabled $True -SamAccountName $username -Surname $Surname -GivenName $Forename -ea Stop
Add-ADGroupMember -Identity "Pupils" -Members $username
Add-ADGroupMember -Identity Year"$Year"Group -Members $username
# ---------------------------------------------------------------------
# - USER AREA FOLDER CREATION AND PERMISSIONS -
# ---------------------------------------------------------------------
#
$samAccountName = $username
$fullPath = "\\Yourfileserver\folder\students\userareas\Year$Year\{0}" -f $samAccountName
$driveLetter = "U:"
$User = Get-ADUser -Identity $samAccountName
if($User -ne $Null) {
Set-ADUser $User -HomeDrive $driveLetter -HomeDirectory $fullPath -ea Stop
$homeShare = New-Item -path $fullPath -ItemType Directory -force -ea Stop
$acl = Get-Acl $homeShare
$FileSystemRights = [System.Security.AccessControl.FileSystemRights]"Modify"
$AccessControlType = [System.Security.AccessControl.AccessControlType]::Allow
$InheritanceFlags = [System.Security.AccessControl.InheritanceFlags]"ContainerInherit, ObjectInherit"
$PropagationFlags = [System.Security.AccessControl.PropagationFlags]"InheritOnly"
$AccessRule = New-Object System.Security.AccessControl.FileSystemAccessRule($samAccountName, $FileSystemRights, $InheritanceFlags, $PropagationFlags, $AccessControlType)
$acl.AddAccessRule($AccessRule)
Set-Acl -Path $homeShare -AclObject $acl -ea Stop
Write-Host ("HomeDirectory created at {0}" -f $fullPath)
}
# ---------------------------------------------------------------------
# -This bit creates the default subject folders in the users user area- -
# ---------------------------------------------------------------------
#
new-item \\Yourfileserver\folder\students\userareas\Year$Year\$username\Art -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Business -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Design -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Drama -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\English -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Food -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Geography -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\History -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\ICT -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Languages -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Maths -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Music -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\PE -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Personal -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\RE -itemtype directory
new-item \\Yourfileserver\folder\students\userareas\Year$Year\Science -itemtype directory
Clear-Host
Write-Host ""
Write-Host "User $username has now been created successfully"
Write-Host ""
Write-Host "Username : $username"
Write-Host "Password : $password"
Write-Host ""
Pause
Showing posts with label 2016. Show all posts
Showing posts with label 2016. Show all posts
Wednesday, April 10, 2019
Friday, January 01, 2016
New Year, New Beginnings
Those who know me know that New Year is usually a depressing time for me. Another year older, and the start of another year where anything can happen (usually bad).
Well, I can honestly say 2015 will be remembered as being the year things started to look up for me. It's been a great year, and it's so nice that it's ended on a high. I'll always go in to each new year as a pessimist (that's just me, expecting the worst), but at least (at last) I've gone in to 2016 happy, with my wonderful family and some wonderful memories from 2015.
For me, the big event of the year was us moving to a much larger house. It's surprising how much happier we all are with the extra room. Of course, that's not the only good thing to happen in 2015. I've been able to manage my work/life balance a little better, and all in all I'm feeling a lot better and happier in myself. Still some way to go, but at least I'm on the right track.
Anyway, have a fantastic and happy new year everyone and I hope 2016 is 'your' year.
Stu
Subscribe to:
Posts (Atom)