Hi
I'm very new to PowerShell and I am looking to put together a script which uses a CSV file to firstly check if an employee exists; if they exist, then use set-aduser to update fields in AD from the details in the CSV. If they do not exist, then use Add_aduser to create the employee.
I can create employees with no issue using the script below but this doesn't cover all of my requirements.
Ideally I want the script to check the CSV for a column (Change_Add) which states Add (for new employee) or Change (to update details).
Please could you help or advise on how I might achieve this?
Thanks
###########################################################
# COMMENT : This script creates new Active Directory users
#           including different kind of properties based
#           on a test_user_access_form.csv.
###########################################################

Import-Module ActiveDirectory

# Get current directory and set import file in variable
$path = Split-Path -parent $MyInvocation.MyCommand.Definition
$newpath = $path + "\CSV\test_User_Access_Form.csv"

# Define variables
$log = $path + "\create_ad_users.log"
$date = Get-Date
$i = 0

# Change this to the location you want the users to be created in your AD
$location = "OU=Users,OU=LAN,DC=company,DC=co,DC=uk"

# FUNCTIONS
Function createUsers
{
    "Created following users (on " + $date + "): " | Out-File $log -append
    "--------------------------------------------" | Out-File $log -append
    Import-CSV $newpath | ForEach-Object {
        $sam = $_.sAMAccountName
        # Reset per row so a failed lookup cannot reuse the previous row's result
        $exists = $null
        Try   { $exists = Get-ADUser -LDAPFilter "(sAMAccountName=$sam)" }
        Catch { }
        If(!$exists)
        {
            $i++
            # Set all variables according to the table names in the Excel
            # sheet / import CSV. The names can differ in every project, but
            # if the names change, make sure to change it below as well.
            $setpass = ConvertTo-SecureString -AsPlainText $_.Password -force
            New-ADUser $sam -GivenName $_.GivenName `
                -Initials $_.Initials `
                -Surname $_.SN `
                -DisplayName $_.DisplayName `
                -Office $_.OfficeName `
                -StreetAddress $_.StreetAddress `
                -City $_.L `
                -PostalCode $_.PostalCode `
                -UserPrincipalName $_.UPN `
                -Company $_.Company `
                -Department $_.Department `
                -EmployeeID $_.ID `
                -Title $_.JobTitle `
                -OfficePhone $_.StorePhone `
                -HomePhone $_.HomePhone `
                -AccountPassword $setpass `
                -Manager $_.Manager `
                -ChangePasswordAtLogon $true `
                -Enabled $true

            # Set an ExtensionAttribute
            $dn  = (Get-ADUser $sam).DistinguishedName
            $ext = [ADSI]"LDAP://$dn"
            If ($_.ExtensionAttribute1 -ne "" -And $_.ExtensionAttribute1 -ne $Null)
            {
                $ext.Put("extensionAttribute1", $_.ExtensionAttribute1)
                $ext.SetInfo()
            }
            set-aduser $dn -Add @{ExtensionAttribute11= $_.ExtensionAttribute11}
            set-aduser $dn -Add @{ExtensionAttribute12= $_.ExtensionAttribute12}
            set-aduser $dn -Add @{ExtensionAttribute13= $_.ExtensionAttribute13}
            set-aduser $dn -Add @{DepartmentNumber= $_.DepartmentNumber}
            set-aduser $dn -Add @{ipPhone= $_.ipPhone}

            # Move the user to the OU you set above. If you don't want to
            # move the user(s) and just create them in the global Users
            # OU, comment the string below.
            # Uses the DN read back from AD instead of a hard-coded path.
            Move-ADObject -Identity $dn -TargetPath $location

            # Rename the object
            $newdn = (Get-ADUser $sam).DistinguishedName
            Rename-ADObject -Identity $newdn -NewName $_.Displayname

            # Note: this log line includes the initial password in clear text
            $output  = $i.ToString() + ") Name: " + $_.DisplayName + " sAMAccountName: "
            $output += $sam + " Pass: " + $_.Password
            $output | Out-File $log -append
        }
        Else
        {
            "SKIPPED - ALREADY EXISTS OR ERROR: " + $_.DisplayName | Out-File $log -append
        }
    }
    "----------------------------------------" + "`n" | Out-File $log -append
}

# RUN SCRIPT
createUsers
Write-Host "File import complete please check log file for errors"
#Finished
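
One way to structure the Add/Change dispatch asked about above, as an added example that is not part of the original post. The CSV column names (including Change_Add) come from the post; the function name Sync-CsvUser, its parameters and the five-attribute subset are assumptions chosen for illustration.

```powershell
# Added example, not the poster's code. Column names are taken from the post;
# Sync-CsvUser and the five-attribute subset are assumptions for illustration.
Import-Module ActiveDirectory
function Sync-CsvUser {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $CsvPath,
        [Parameter(Mandatory)] [string] $TargetOU,
        [Parameter(Mandatory)] [string] $LogPath
    )
    # New-ADUser/Set-ADUser parameter name -> CSV column name
    $map = @{ GivenName = 'GivenName'; Surname = 'SN'; DisplayName = 'DisplayName'
              Department = 'Department'; Title = 'JobTitle' }

    foreach ($row in Import-Csv -Path $CsvPath) {
        $sam    = $row.sAMAccountName
        $action = "$($row.Change_Add)".Trim()
        $result = 'NOT APPLIED (-WhatIf or declined)'
        try {
            # RFC 4515 escaping so a CSV value cannot alter the LDAP filter
            $safe = $sam -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' -replace '\)', '\29'
            $user = Get-ADUser -LDAPFilter "(sAMAccountName=$safe)" -ErrorAction Stop
            # Only non-empty cells are sent, so a blank cell never clears a field
            $attrs = @{}
            foreach ($name in $map.Keys) {
                $value = $row.($map[$name])
                if ($value) { $attrs[$name] = $value }
            }
            if ($action -eq 'Add' -and -not $user) {
                if ($PSCmdlet.ShouldProcess($sam, 'Create user')) {
                    $pw = ConvertTo-SecureString -AsPlainText $row.Password -Force
                    New-ADUser -Name $sam -SamAccountName $sam -Path $TargetOU @attrs `
                        -AccountPassword $pw -ChangePasswordAtLogon $true -Enabled $true -ErrorAction Stop
                    $result = 'CREATED'
                }
            }
            elseif ($action -eq 'Change' -and $user) {
                if ($PSCmdlet.ShouldProcess($sam, 'Update user')) {
                    Set-ADUser -Identity $user @attrs -ErrorAction Stop
                    $result = 'UPDATED'
                }
            }
            else { $result = "SKIPPED (action '$action', exists: $([bool]$user))" }
        }
        catch { $result = "ERROR: $($_.Exception.Message)" }
        # The password is never written to the log
        "$(Get-Date -Format s) $sam $result" | Out-File -FilePath $LogPath -Append
    }
}
```

Running `Sync-CsvUser -CsvPath $newpath -TargetOU $location -LogPath $log -WhatIf` first shows which rows would be created or updated without touching the directory.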