I just started diving into powershell and am quickly becoming heavily addicted. I decided to try and simplify the new-user import process in our company. Currently our admin has to manually enter each new user. This is what I came up with:
#Import requiermentsImport-module ActiveDirectoryAdd-PSSnapin Quest.ActiveRoles.ADManagement#Define alias$user=import-csv "C:\Book1.csv" | select-object *,@{l='sAMAccountName';e={$_.'First Name'+"."+$_.'Last Name'}}$manager=import-csv "C:\Book1.csv" | select-object *,@{l='Manager';e={$_.'Reporting To'}}#Import CSV and modify columnsimport-csv "C:\Book1.csv" | select-object *,@{l='name';e={$_.'First Name'+" "+$_.'Last Name'}}, @{l='displayName';e={$_.'First Name'+" "+$_.'Last Name'}}, @{l='sAMAccountName';e={$_.'First Name'+"."+$_.'Last Name'}}, @{l='userprincipalname';e={$_.'First Name'+"."+$_.'Last Name'}}, @{l='givenName';e={$_.'First Name'}}, @{l='surName';e={$_.'Last Name'}}, @{l='department';e={$_.'Dept'}}, @{l='departmentNumber';e={$_.'Cost Center'}}, @{l='extensionAttribute10';e={$_.'Reporting To'}}, @{l='physicalDeliveryOfficeName';e={$_.'Office Number'}} |#create the user and add common propertiesnew-aduser -AccountPassword (ConvertTo-SecureString -AsPlainText "abc-123.col" -Force) -Enabled $true `-Path "OU=New Hires,OU=Departments,DC=company,DC=pri" -company "Company" -scriptpath "LogonScript" #Add users to groups$user | % {add-ADGroupMember -Identity "TestGroup1" -Member $_.'sAMAccountName'}; $user | % {add-ADGroupMember -Identity "TestGroup2" -Member $_.'sAMAccountName'};$user | % {add-ADGroupMember -Identity "TestGroup3" -Member $_.'sAMAccountName'}; $user | % {add-ADGroupMember -Identity "TestGroup4" -Member $_.'sAMAccountName'} #Add users managerimport-csv "C:\Book1.csv" | % {set-qaduser -identity $_.'Last Name' -manager $_.'Reporting To'}
Now, I know there are probably a hundred better ways to do this, but its working for me, and as my first script, Im stoked!
I have one flaw though... Im getting hammered with errors on users that have names over 20 characters long. I know this is because of the limit in pre-2000 logon. What I would like to do is find a way I can determine the character count, and if over 20, use FirstInitial+LastName instead of the default first.last. I dont even know where to begin or if its possible due to the way I set up my script.
Any input would be greatly appreciated!
I don't have any experience coding for ActiveDirectory, but here's a quick-and-dirty example of how to adjust strings based on length. Maybe it'll help.
$derp = "" | Select FirstName, LastName
$derp.FirstName = "Sylvester"$derp.LastName = "McMonkey-McBean"
if ($derp.FirstName.Length + $derp.LastName.Length -gt 20){$name = $derp.FirstName.SubString(0,1) + "." + $derp.LastName}else{$name = $derp.FirstName + "." + $derp.LastName}
$name
This is great however Im not sure how to use it with my current script. If I use your example as is, it runs for the noted user. The issue here is I have many users I need to import, and so I'll need a way to express multiple users for the First and Last name values
some things I tried:
$fName=import-csv "C:\Book1.csv" | select-object *,@{l='givenName';e={$_.'First Name'}}$lName=import-csv "C:\Book1.csv" | select-object *,@{l='surName';e={$_.'Last Name'}}
$derp.FirstName = $fName$derp.LastName = $lName
__________________________________________________________________
$derp.FirstName = import-csv "C:\Book1.csv" | select-object *,@{l='givenName';e={$_.'First Name'}} $derp.LastName = import-csv "C:\Book1.csv" | select-object *,@{l='surName';e={$_.'Last Name'}}
Am I on the right track?