Author Posts

January 1, 2012 at 12:00 am

by Candee at 2013-04-10 08:16:22

Hello.
I have a script that imports employee information, checks to see if the user exists in AD, and then creates the user accounts.
Some of the users will require mailboxes, but not all. I am having trouble with the if/then scenario.
I have a column in the csv "mailenabled" with true/false.
I want to check that column, if it's false, create just the user; if it's true, create the user and the mailbox.
Can someone point me in the right direction?
Thanks!
Candee

Here is my script:
Import-Csv $newusers |foreach {
$user = Get-QADUser -SamAccountName $_.SamAccountName
if($user -ne $Null)
{
Write-host "$User name already exists "
}
Else
If($_.mailenabled eq false)
{#create the new users
New-qaduser -parentcontainer $OU -name $_.name `
-samaccountname $_.samaccountname `
-displayname $_.displayname `
-givenname $_.preferredfirstname`
-sn $_.lastnamepreferred `
-userPassword $pass `
-company $_.Company `
-department $_.department -title $_.businesscardtitle -telephonenumber $_.telephone `
-city $_.city -postalcode $_.zip -state $_.state `
-streetaddress $_.street -manager $_.manager `
-oa @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui} `

}
}|Set-qaduser -usermustchangepassword $false

by nate-n8 at 2013-04-10 08:50:21

Try:

If($_.mailenabled -eq 'false')
-or-
If($_.mailenabled -like "false")

by ArtB0514 at 2013-04-10 09:05:09

Please use the Code or powershell buttons as recommended in rule 1 at the top of this forum so that we can read your scriptblock easier. Do you have a specific question about your script, like how to resolve the first error message that is generated when you run it?

Just looking over the scriptblock without trying to run it, I see a number of (what I'll call) spelling errors:
[list]The Else clause is missing the opening "{"
"eq" is missing the initial "-"
"False" is either missing quote marks or the initial "$"
The foreach block is missing the closing "}"
There's an extraneous bactick at the end of your New-QADUser command[/list]
There is no object being fed to your final pipeline. You should probably move it to the end of the New-QADUser command.
Finally, your description says you want to create a mailbox, but you never do.

by Candee at 2013-04-10 11:31:43

Sorry about that. You're right – no mailboxes get created.
We have users that need AD accounts, but not mailboxes; and some that need both.
I'm trying to create the AD account for all the users, and then mailboxes just for those who require them.
My question is how to accomplish that.
thank you!

When I run this script with my csv, I get the list of users created, and then "Email already exists" at the bottom, no errors.

Import-Csv $newusers |foreach {
$user = Get-QADUser -SamAccountName $_.SamAccountName
if($user -ne $Null)
{
Write-host "$User name already exists
"
}
Else
{#create the new users
New-qaduser -parentcontainer $OU -name $_.name `
-samaccountname $_.samaccountname `
-displayname $_.displayname `
-givenname $_.preferredfirstname`
-sn $_.lastnamepreferred `
-userPassword $pass `
-company $_.Company `
-department $_.department -title $_.businesscardtitle -telephonenumber $_.telephone `
-city $_.city -postalcode $_.zip -state $_.state `
-streetaddress $_.street -manager $_.manager `
-oa @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui} `

}

}|Set-qaduser -usermustchangepassword $false

if($_.mailenabled -eq 'true')
{#create the mailboxes
get-qaduser |New-mailbox -database $userdb `
-userprincipalname $_.email `

}
else
{
write-host "Email already exists"
}

by ArtB0514 at 2013-04-10 12:23:43

Try this. I moved things around somewhat to try and keep all the tasks around the new user together and to make it a bit clearer which things apply to the new user and which to the user in the CSV. I also moved the lines around the scriptblock curly braces to fit my personal coding style. Feel free to not do that. Also, I didn't test this, so it may have some errors. I changed $OU to $_.OU, assuming that it came from the CSV file because it wasn't defined elsewhere. Ditto for changing $pass to $_.pass and $userdb to $_.userdb.

Import-Csv $newusers | foreach {
$user = Get-QADUser -SamAccountName $_.SamAccountName
if($user -ne $Null) {
"$($User.name) already exists"
} Else {
"Creating a new user account for $($_.Name)"
$NewUser = New-QADUser -parentcontainer $_.OU -name $_.name `
-samaccountname $_.samaccountname `
-displayname $_.displayname `
-givenname $_.preferredfirstname`
-sn $_.lastnamepreferred `
-userPassword $_.pass `
-company $_.Company `
-department $_.department -title $_.businesscardtitle -telephonenumber $_.telephone `
-city $_.city -postalcode $_.zip -state $_.state `
-streetaddress $_.street -manager $_.manager `
-oa @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui}
$NewUser | Set-qaduser -usermustchangepassword $false
if($_.mailenabled -eq 'true') {
"Creating a mailbox for $($NewUser.Name)"
$NewUser | New-Mailbox -database $_.userdb -userprincipalname $_.email
} else {
"Email already exists"
} # end of mailenabled
} # end of create new user
}

by Candee at 2013-04-10 12:43:53

Excellent – thank you!
Unfortunately, I'm getting an error:

Creating a new user account for TestCandee1

New-QADUser : A positional parameter cannot be found that accepts argument '$null'.
At C:\temp\scripts\create_mailbox1.ps1:33 char:35
+ $NewUser = New-qaduser < <<< -parentcontainer $_.OU -name $_.name `
+ CategoryInfo : InvalidArgument: (:) [New-QADUser], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlets.New
UserCmdlet

Email already exists

by ArtB0514 at 2013-04-10 13:03:12

Remember, I changed $OU to $_.OU assuming that it came from the CSV file. If it didn't, then you need to change it back. Same with $_.pass and $_.userdb.

by Candee at 2013-04-10 13:12:39

I did; I even tried adding the OU to the CSV and leaving it the way you had it.
I still get the same error. And I do have a 'name' column in the csv.
Thanks again for helping!

by ArtB0514 at 2013-04-10 13:41:59

Well, the error message says that one of the parameters is getting fed NULL, when it expects something else. Try this to see what the CSV file actually has and match the names to the parameters in the New-QADUser call.
(Import-Csv $newusers)[0] | Format-List *

by Candee at 2013-04-11 05:29:55

Thank you!
You were right of course – the csv had mailenable instead of mailenabled.
I continue to get that same error, though; until I remove this line:
$Newuser |Set-qaduser -usermustchangepassword $false
Then I get a different error (below) even if I sign on as my admin account.
Does it need to be run from the server?
Thanks again!

The "RemovedMailbox" parameter can't be used on the "New-Mailbox" cmdlet because it isn't present in the role definitio
n for the current user. Check the management roles assigned to you, and try again.
+ CategoryInfo : PermissionDenied: (:) [New-Mailbox], CmdletAccessDeniedException
+ FullyQualifiedErrorId : 97EEBD4D,Microsoft.Exchange.Management.RecipientTasks.NewMailbox

by Candee at 2013-04-11 06:08:57

I thought that could have been because I've been using the same list of users to test; so I renamed all the user accounts in the csv to something totally different; but I still get that error.
Frustrating!

by ArtB0514 at 2013-04-11 06:38:28

Back to this issue:
$Newuser |Set-qaduser -usermustchangepassword $false
Sorry, I just wasn't paying close enough attention to this when I was reformatting the code. Sometimes parameters that take Boolean arguments want a different syntax than normal (and I don't know why). This doesn't seem to be documented anywhere that I can find. But this syntax might work better in this case:
$Newuser | Set-qaduser -UserMustChangePassword]

by Candee at 2013-04-11 06:46:37

Not a problem – I appreciate the help.
This is what I get when I change that line:

Creating a new user account for TestCandee4
New-QADUser : A positional parameter cannot be found that accepts argument '$null'.
At C:\Temp\SCRIPTS\create_mailbox1.ps1:33 char:35
+ $NewUser = New-qaduser < <<< `
+ CategoryInfo : InvalidArgument: (:) [New-QADUser], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlets.New
UserCmdlet

Creating a mailbox for
The input object cannot be bound to any parameters for the command either because the command does not take pipeline in
put or the input and its properties do not match any of the parameters that take pipeline input.
+ CategoryInfo : InvalidArgument: (:) [New-Mailbox], ParameterBindingException
+ FullyQualifiedErrorId : InputObjectNotBound,New-Mailbox

by ArtB0514 at 2013-04-11 07:42:48

Based on the errors, I went back and reread the help for the new-mailbox command and realized that it creates both the mailbox and the user account. That changes the way I'd go after processing this. Instead of creating the user and then adding a mailbox to it, I'd use SWITCH based on the mailboxenable parameter in the CSV file and do it this way. Again, not tested, so there will probably be more debugging to perform...
Import-Csv $newusers | foreach {
$user = Get-QADUser -SamAccountName $_.SamAccountName
if($user -eq $Null) {
"$($User.name) already exists"
} Else {
Switch ($_.mailboxenable) {
$false {"Creating a new user account for $($_.Name)"
New-QADUser -parentcontainer $_.OU -name $_.name `
-samaccountname $_.samaccountname -displayname $_.displayname `
-givenname $_.preferredfirstname -sn $_.lastnamepreferred `
-userPassword $_.pass -company $_.Company -department $_.department `
-title $_.businesscardtitle -telephonenumber $_.telephone `
-city $_.city -postalcode $_.zip -state $_.state `
-streetaddress $_.street -manager $_.manager `
-oa @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui}
Set-qaduser -Identity $_.SamAccountName -usermustchangepassword $false
Break}
$true {"Creating a user amd mailbox for $($_.Name)"
$Mbx = New-Mailbox -UserPrincipalName $_.email -Database $_.userdb -Name $_.Name `
-OrganizationalUnit $_.OU -Password $_.pass -FirstName $_.preferredfirstname `
-LastName $_.lastnamepreferred -DisplayName $_.displayname -Phone $_.telephone `
-ResetPasswordOnNextLogon $false
Set-QADUser-Identity $Mbx.SamAccountName -Company $_.Company -Department $_.Department `
-Title $_.BusinessCardTitle -City $_.City -PostalCode $_.zip -StateOrProvince $_.State `
-StreetAddress $_.street -Manager $_.manager `
-ObjectAttributes @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui}
Break}
} # End Switch
} # end of else create new user
}

by Candee at 2013-04-11 08:29:18

This is light years ahead of me – I couldn't get it to work.
I did, however, get the other script to work, using enable-mailbox.
Thank you, thank you, thank you!!

The next thing (there's always a next thing) is to add acheck to see if the email address is used.

Import-Csv $newusers |foreach {
$user = Get-QADUser -SamAccountName $_.SamAccountName
if($user -ne $Null) {
"$($User.name) already exists"
} Else {
"Creating a new user account for $($_.Name)"

$NewUser = New-qaduser `
-parentcontainer $OU -name $_.name `
-samaccountname $_.samaccountname `
-displayname $_.displayname `
-givenname $_.preferredfirstname`
-sn $_.lastnamepreferred `
-userPassword $pass `
-company $_.Company `
-department $_.department -title $_.businesscardtitle -telephonenumber $_.telephone `
-city $_.city -postalcode $_.zip -state $_.state `
-streetaddress $_.street -manager $_.manager `
-oa @{ipphone=$_.ipphone;mobile=$_.mobile;employeeid=$_.employeeid;employeenumber=$_.employeegui} `
# $Newuser |Set-qaduser -usermustchangepassword:$false

start-sleep -s 10

if($_.mailenabled -eq 'true') {
"Creating a mailbox for $($Newuser.name)"
$Newuser |foreach-object {enable-mailbox -identity $newuser.dn -database $userdb} `
}Else {
"User does not require Email"
}#end of mailenabled

}#end of create new user
}

by ArtB0514 at 2013-04-11 11:23:51

Something like this?

If ($_.mailenabled -eq 'true' -and -not (Get-Mailbox $NewUser.SamAccountName))

by Candee at 2013-04-11 12:21:29

nice! Thanks!
I think it will work; I'll do some more testing tomorrow.
Although can I use that and still get separate statements?
"Email not required" or "Email address already exists"?
Thanks again for all your help!