Powershell script issues.. AD attributes

This topic contains 10 replies, has 2 voices, and was last updated by Ben Hart 1 year, 1 month ago.

  • #32802
    Ben Hart
    Participant

    So I have the code pasted below.. the weirdness happens when the streetaddress, zip, city and scriptpath values are left blank if I run the ps1 in a PowerShell window or converted to exe via PS2EXE, however if I run the code within ISE it completes and populates everything. To reiterate, in ISE it works 100%, in PowerShell it leaves out only the streetaddress, city, zip and scriptpath values. What gives?

    Here's the code:

    #Create-NewADUserO365.ps1
    #3/3/15 Benjamin Hart, Unified Brands, Inc
    #Created with Powershell ISE
    #This powershell script will create a domain user object using a format of lastname, firstname, a SAM of first initial + last name
    #It will also populate displayname, a default password, office and both proxyaddresses, the primary as used in your org and the 
    #Dover required O365 one.  It will also verify the primary proxy address is not already used.
    #With set-aduser you can alter almost any attribute of the user.
    
    $theOU = read-host "Enter the OU name"
    $Surname = read-Host "Enter the surname"
    $GivenName = read-host "Enter first name"
    $DisplayName = "$Surname, $GivenName"
    $Password = "December1"
    $name = $GivenName.substring(0,1)+$Surname
    $proxyaddress = read-host "Enter the proxy address in full"
    
    
    Import-Module activedirectory
    import-module servermanager
    
    
    
    	#Edit the SearchBase to match your organization
    	$myOU = Get-AdOrganizationalUnit -Filter "Name -eq '$theOU'" -Searchbase 'OU=People,DC=DIFC,DC=Root01,DC=org'
    	
    #Below verifies the Proxyaddress is not already present.
    #Stored proxyAddresses values carry an "SMTP:"/"smtp:" prefix, so the typed address is compared
    #with the prefix added; -contains ignores case, so "smtp:" matches both forms.
    while (Get-ADuser  -filter * -Properties ProxyAddresses|?{$_.proxyaddresses -contains "smtp:$proxyaddress"})
    {
      $proxyaddress = read-host "$proxyaddress is already in use, please try another one"
    }
    Write-Host "$proxyaddress is not used yet."
    
    #Edit your locations if you choose to use this part
    Switch ($Office)  {
        "Michigan" {
            $Street = "525 South Coldwater Rd."
            $City = "Weidman"
            $State = "Michigan"
            $Zip = "48898"
            $scriptpath = "\\difc\netlogon\milogin1.bat"
    }
        "Mississippi"  {
            $Street = "1055 Mendell Davis Dr."
            $City = "Jackson"
            $State = "Mississippi"
            $Zip = "39272"
            $scriptpath = "\\difc\netlogon\adlogin.bat"
            }
        "Oklahoma"  {
            $Street = "4650 54th Street Maip Building 601"
            $City = "Pryor"
            $State = "Oklahoma"
            $Zip = "74361"
            $scriptpath = "\\difc\netlogon\oklogin.bat"
            }
        "Georgia"  {
            $Street = "2016 Gees Mill Rd. NE"
            $City = "Conyers"
            $State = "Georgia"
            $Zip = "30013"
    }
    }
    #Edit the below to match your domain(s)
    $DoverProxyAddress = "$($givenname.substring(0,1))$surname-$("unifiedbrands")-$("net")@dover.mail.onmicrosoft.com"
    $Description = read-host "Enter persons description"
    $jobtitle = read-host "Enter the Job Title"
    #Edit the below to match your locations
    $office = read-host "Enter the user's location, Michigan, Mississippi, Georgia, Oklahoma or Remote"
    $department = read-host "Enter the users Department"
    
    New-ADUser -path $myOU -samaccountname $name -name $displayname -DisplayName $DisplayName -Surname $Surname -givenname $givenname -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -force) -enabled:$false
    start-sleep -seconds 30
    set-aduser -samaccountname -emailaddress $proxyaddress -Description $Description -Title $jobtitle -Office $office -UserPrincipalName $proxyaddress -Department $department -Company "Unified Brands, Inc"
    set-aduser $name -StreetAddress $Street -city $city -state $state -PostalCode $zip
    set-aduser $name -ScriptPath $scriptpath 
    Set-ADUser $name -Replace @{employeeType="EMPLOYEE"}
    set-aduser $name -add @{proxyaddresses = ("SMTP:")+"$proxyaddress"}
    set-aduser $name -add @{ProxyAddresses = ("smtp:")+"$doverproxyaddress"}
    
     	
    get-aduser $name
    
  • #32805
    Curtis Smith
    Participant

    Can you use the pre /pre tag around your code in the post to make it easier to work with?

  • #32806
    Ben Hart
    Participant

    Nice! I didn't know what that tag did. There you go!

  • #32807
    Ben Hart
    Participant

    I almost forgot.. of note: The env here is on-premise AD using Federated Services to sync to O365. So no user objects are created directly in the cloud.

  • #32811
    Curtis Smith
    Participant

    There are several issues, but specifically to your question: in your script, you are using a switch on the $office variable before you are setting a value in the $office variable. As such, it does not work because $office is blank, so none of the variables being set in the switch are being set. It works in the ISE, most likely, only after the first run. The first run it would not work, but in the ISE the $office variable does not get cleared before the second run, so the value entered when prompted from the first run is used in the second run.

  • #32812
    Ben Hart
    Participant

    Hmmm.. I'll test your theory about ISE in the AM. However since the script ends, I don't see how it wouldn't run subsequently in ISE.. but we'll see. Since my browser won't let me scroll to the right (crappy Chrome) any thoughts on the switch on $office?

  • #32814
    Curtis Smith
    Participant

    Yes, put your switch after the line where you use read-host to set the value of $office.

    As far as the ISE, it's true. It's a feature. After the script finishes running you can type the variables in the console of the ISE and see that they still hold their value from when the script ran.

    As far as seeing all the code, click the box with three lines in the top right corner to turn on word wrap, or click the bidirectional arrow to get a pop out of the code in a separate window.
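The ordering problem and the ISE behaviour described in the two replies above, reproduced as an added example that is not part of the thread. The two-office switch is a constructed subset of the original script, and the strict-mode setting and `default` branch are added guards, not something the posters used.

```powershell
# Added example, not code from the thread; values are a constructed subset of the script.
Remove-Variable Office, City -ErrorAction SilentlyContinue   # start clean, like a new console

# Miniature of the first script: the switch runs before $Office is assigned.
$original = {
    switch ($Office) {
        'Michigan' { $City = 'Weidman' }
        'Georgia'  { $City = 'Conyers' }
    }
    $Office = 'Michigan'    # stands in for the Read-Host prompt
    "Office '$Office' -> City '$City'"
}

# Dot-sourcing runs the block in the current scope, so its variables outlive the run,
# which is the ISE behaviour described above.
. $original    # first run: nothing matches and City stays empty (the console/PS2EXE result)
. $original    # second run: $Office is left over from the first run, so City is filled in

# Guard 1: strict mode turns the read of an unassigned variable into an error.
Remove-Variable Office, City -ErrorAction SilentlyContinue
Set-StrictMode -Version Latest
try { . $original } catch { "Stopped: $($_.Exception.Message)" }

# Corrected order, plus guard 2: a default branch for a location with no address data.
$fixed = {
    $Office = 'Michigan'    # prompt first, then branch on the answer
    switch ($Office) {
        'Michigan' { $City = 'Weidman' }
        'Georgia'  { $City = 'Conyers' }
        'Remote'   { $City = $null }    # assigned explicitly so strict mode accepts it
        default    { throw "Unknown office '$Office'" }
    }
    "Office '$Office' -> City '$City'"
}
& $fixed
Set-StrictMode -Off    # leave the session as it was found
```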

  • #32819
    Ben Hart
    Participant

    So just to make sure.. because I'm not terribly familiar with switch.. do you think I need to create a switch statement instead of the read-host?

    I'm looking at this: https://technet.microsoft.com/en-us/library/ff730937.aspx

  • #32821
    Ben Hart
    Participant

    OH wait.. crap I'm sorry. I'm failing at reading comprehension. Ok I see let me try moving that around.

  • #32822
    Ben Hart
    Participant

    Ok I moved the switch block below the $office line, re-converted and ran the script on a test user. This time, for whatever reason it did add the streetaddress/city/zip/scriptpath values but did not apply the Description, Office, User logon name, job title, department or email address.

  • #32825
    Ben Hart
    Participant

    Ok I fixed it.. not sure exactly how since I reorganized that switch function then broke up the New-aduser with back ticks, but after all that the missing values are being applied now. Here's the updated script:

    #Create-NewADUserO365.ps1
    #3/3/15 Benjamin Hart, Unified Brands, Inc
    #Created with Powershell ISE
    #This powershell script will create a domain user object using a format of lastname, firstname, a SAM of first initial + last name
    #It will also populate displayname, a default password, office and both proxyaddresses, the primary as used in your org and the 
    #Dover required O365 one.  It will also verify the primary proxy address is not already used.
    #With set-aduser you can alter almost any attribute of the user.
    
    
    Import-Module activedirectory
    import-module servermanager 
    
    $theOU = read-host "Enter the OU name"
    $Surname = read-Host "Enter the surname"
    $GivenName = read-host "Enter first name"
    $DisplayName = "$Surname, $GivenName"
    $Password = "December1"
    $name = $GivenName.substring(0,1)+$Surname
    $company = "Unified Brands, Inc"
    $proxyaddress = read-host "Enter the proxy address in full"
    
    	#Edit the SearchBase to match your organization
    	$myOU = Get-AdOrganizationalUnit -Filter "Name -eq '$theOU'" -Searchbase 'OU=People,DC=DIFC,DC=Root01,DC=org'
    	
    #Below verifies the Proxyaddress is not already present.
    #Stored proxyAddresses values carry an "SMTP:"/"smtp:" prefix, so the typed address is compared
    #with the prefix added; -contains ignores case, so "smtp:" matches both forms.
    while (Get-ADuser  -filter * -Properties ProxyAddresses|?{$_.proxyaddresses -contains "smtp:$proxyaddress"})
    {
      $proxyaddress = read-host "$proxyaddress is already in use, please try another one"
    }
    Write-Host "$proxyaddress is not used yet."
    
    
    #Edit your locations if you choose to use this part
    #Edit the below to match your domain(s)
    
    $DoverProxyAddress = "$($givenname.substring(0,1))$surname-$("company")-$("net")@dover.mail.onmicrosoft.com"
    $Description = read-host "Enter persons description"
    $jobtitle = read-host "Enter the Job Title"
    #Edit the below to match your locations
    $office = read-host "Enter the user's location, Michigan, Mississippi, Georgia, Oklahoma or Remote"
    Switch ($Office)  {
        "Michigan" {
            $Street = "123 main st."
            $City = "Weidman"
            $State = "Michigan"
            $Zip = "48898"
            $scriptpath = "\\difc\netlogon\milogin1.bat"
    }
        "Mississippi"  {
            $Street = "123 main st"
            $City = "Jackson"
            $State = "Mississippi"
            $Zip = "39272"
            $scriptpath = "\\difc\netlogon\adlogin.bat"
            }
        "Oklahoma"  {
            $Street = "123 main st"
            $City = "Pryor"
            $State = "Oklahoma"
            $Zip = "74361"
            $scriptpath = "\\difc\netlogon\oklogin.bat"
            }
        "Georgia"  {
            $Street = "123 main st"
            $City = "Conyers"
            $State = "Georgia"
            $Zip = "30013"
    }
    }
    
    $department = read-host "Enter the users Department"
    
    New-ADUser -path $myOU -samaccountname $name -name $displayname -DisplayName $DisplayName -Surname $Surname -givenname $givenname `
     -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -force) -enabled:$false -emailaddress $proxyaddress `
     -Description $Description -Title $jobtitle -Office $office -UserPrincipalName $proxyaddress -Department $department `
     -Company $company -StreetAddress $Street -city $city -state $state -PostalCode $zip -ScriptPath $scriptpath
    
     
    set-aduser $name -Replace @{employeeType="EMPLOYEE"}
    
    start-sleep -seconds 5
    
    Set-ADUser $name 
    set-aduser $name -add @{proxyaddresses = ("SMTP:")+"$proxyaddress"}
    set-aduser $name -add @{ProxyAddresses = ("smtp:")+"$doverproxyaddress"}
    
     	
    get-aduser $name 
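The proxy-address check in the script above reads every user and compares on the client. As an added example (not code from the thread), the same check can be pushed to the directory with `-LDAPFilter`, with the typed address escaped before it is placed in the filter. The function names are hypothetical and the sample addresses are constructed.

```powershell
# Added example, not code from the thread. Function names are hypothetical;
# the sample addresses are constructed.
function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory)][string]$Value)
    # RFC 4515: escape the characters that have meaning inside an LDAP filter.
    # The backslash is replaced first so later escapes are not escaped again.
    $Value -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' `
           -replace '\)', '\29' -replace '\x00', '\00'
}

function Get-ProxyAddressFilter {
    param([Parameter(Mandatory)][string]$Address)
    # proxyAddresses values carry a type prefix (SMTP: primary, smtp: secondary),
    # and the attribute is matched case-insensitively, so one term covers both.
    "(proxyAddresses=smtp:$(ConvertTo-LdapFilterValue $Address))"
}

function Test-ProxyAddressInUse {
    param([Parameter(Mandatory)][string]$Address)
    # Requires the ActiveDirectory module; the directory does the matching,
    # so only accounts that already hold the address are returned.
    [bool](Get-ADUser -LDAPFilter (Get-ProxyAddressFilter $Address))
}

# Runs without a domain: show the filter built for constructed input.
Get-ProxyAddressFilter 'jdoe@example.com'
Get-ProxyAddressFilter 'j*@example.com'    # the wildcard is escaped, not interpreted
```

In the script, the `while` condition would become `Test-ProxyAddressInUse $proxyaddress`.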
    
    
    
