Here's my scenario: we currently have OUs based on the locations of our facilities, we also have a sub-OU(?) underneath it for users that need a group policy applied to them where whitelist applications allowed to run. From time to time we have need to pull users out of that sub-OU for a short period of time to let them run applications they normally wouldn't be able to and won't need to run long term. Sometimes we also forget to add these people back into that policy controlled sub-OU because we get busy do other things. Server is 2008 R2.
Here's what I'm looking for: A script that prompts for the users name, pulls that user out of the sub-OU, puts them in the main OU but only for 24 hours. After that time limit is up, a script/command runs that puts the user back in the policy controlled sub-OU. I'm thinking a PS script would be the best way to do this.
Can anyone help me create this?
Your task breaks down into 2 parts.
First part – move the user from the sub-OU to the OU
if you try to do this in one script it means you have a process running for 24 hours. Even if you run the script through a PowerShell job you will have to leave the job running for 24 hours. What happens to your user if that process or job is terminated? The object is left in the wrong OU.
I'd split the processing.
Alternatively get your fist script to write the userid to a text file together with the time. Get script 2 to read that file and move anything back to the original OU once its time has expired. Remember to clean up the file.
Hope these ideas help – if you want help with specifics please let me know
What bits are you stuck on?
I mean, prompt for user name – easy. Save user name, original OU, and date/time to a CSV file, easy. Move the user, easy. Write a second script that runs every x hours, reads that file, and moves anyone who's "expired"... straightforward.
Happy to help, but you'll have to give us a starting point...
You must be logged in to reply to this topic.