Combine New-ADUser New-Item and Set-ACL

This topic contains 0 replies, has 1 voice, and was last updated by  Forums Archives 5 years, 8 months ago.

  • Author
    Posts
  • #6208

    by MattNZ at 2012-11-02 15:55:11

    Hi all,

    Being totally new to powershell, Id like import my users avoiding the limited GUI tools. Ive put together 3 scripts that appear to work, id just like to combine them.
    So far I've managed to:

    #Import Users from CSV
    Import-csv c:\new2013.csv | ForEach-Object {New-ADUser
    -SamAccountName $_.SamAccountName
    -Name $_.Name
    -GivenName $_.FirstName
    -Surname $_.Surname -Description $_.Description
    -DisplayName $_.DisplayName
    -HomeDirectory $_.HomeDirectory
    -HomeDrive $_.HomeDrive
    -AccountPassword (ConvertTo-SecureString $_.Password -AsPlainText -force)
    -ChangePasswordAtLogon $True
    -Enabled $True
    -EmailAddress $_.EmailAddress
    -UserPrincipalName $_.EmailAddress}

    Create a folder on the home share: (using the CSV again):
    Import-csv c:\new2013.csv | ForEach-Object {New-Item -ItemType Directory -Path \\file\home$ -name $_.SamAccountName}
    And then change the ACL's to suit (thanks to this link for this)
    Import-csv c:\new2013.csv | ForEach-Object {
    $user = $_.SamAccountName
    $acl = get-acl \\file\home$\$user
    $acl.SetAccessRuleProtection($True, $False)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Administrators","FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Staff","FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$user","Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
    $acl.AddAccessRule($rule)
    Set-Acl \\file\home$\$user $acl}

    If there is a nice way to combine all this into one import id like to know how. 🙂

    by coderaven at 2012-11-02 20:53:14

    from what you have just keep with it in your foreach-object loop like so

    Import-csv c:\new2013.csv | ForEach-Object {
    #Creating user
    New-ADUser
    -SamAccountName $_.SamAccountName
    -Name $_.Name
    -GivenName $_.FirstName
    -Surname $_.Surname -Description $_.Description
    -DisplayName $_.DisplayName
    -HomeDirectory $_.HomeDirectory
    -HomeDrive $_.HomeDrive
    -AccountPassword (ConvertTo-SecureString $_.Password -AsPlainText -force)
    -ChangePasswordAtLogon $True
    -Enabled $True
    -EmailAddress $_.EmailAddress
    -UserPrincipalName $_.EmailAddress}

    #Creating User Home Drive Folder
    New-Item -ItemType Directory -Path \\file\home$ -name $_.SamAccountName

    #Setting Permission on new Home drive folder
    $user = $_.SamAccountName
    $acl = get-acl \\file\home$\$user
    $acl.SetAccessRuleProtection($True, $False)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Administrators","FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Staff","FullControl", "ContainerInherit, ObjectInherit", "None", "Allow")
    $acl.AddAccessRule($rule)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule("$user","Modify", "ContainerInherit, ObjectInherit", "None", "Allow")
    $acl.AddAccessRule($rule)
    Set-Acl \\file\home$\$user $acl
    }

    by MattNZ at 2012-11-02 22:52:13

    Hi coderaven,
    Ok ill give that a go... pretty easy huh – I thought I had tried that while experimenting but probably messed up the curly brackets or something.
    Will let you know when I try back at work.

    Cheers.

You must be logged in to reply to this topic.