
Access denied on Import User active directory script


Hi. First question here, so let's get to it. I am creating an Access Control center for our company, and part of it is that when new employees are hired and need to be added to Active Directory with their own account, they can go to the station and create their account. This form uses PHP to post to a CSV file that is called by a PowerShell script at the beginning of the day, which then creates their account. After finding and correcting some syntax errors, I've come across another issue. When I run a test, the script returns that access is denied when I try to create the user. Also, to kill two birds with one stone, how would I get the script to erase the CSV file after the script has run? I've posted my script to see if anyone notices anything.

Set-StrictMode -Version latest
Try
{
    Import-Module ActiveDirectory -ErrorAction Stop
}
Catch
{
    Write-Host "[ERROR]`t ActiveDirectory couldn't be loaded. Script will stop."
    Exit 1
}
$path = "\\UNCLocation\devshare\newusers.csv"
$date = Get-Date
$addn = (Get-ADDomain).DistinguishedName
$dnsroot = (Get-ADDomain).dnsroot
$i = 1
$log = "C:\Path\To\errorlog.log"
$enabled = $True
Function Start-Commands
{
    Create-Users
}
Function Create-Users
{
    Import-CSV $path | ForEach-Object {
        If (($_.FirstName -eq "") -Or ($_.LastName -eq ""))
        {
            Write-Host "[ERROR]`t No FirstName or LastName provided. Processing skipped for line $($i)`r`n"
            "[ERROR]`t Please provide valid GivenName, LastName and Initials. Processing skipped for line $($i)`r`n" | Out-File -append C:\Users\ogregory.RTH\Desktop\new_users.log
        }
        Else
        {
            #Set Target OU
            $location = $_.Department + ".$($addn)"
            #Replace dots in names to avoid errors
            $replace = $_.Lastname.Replace(".","")
            #Create Account using name convention of First Initial and Last name
            $sam = $_.FirstName.substring(0,1).ToLower() + $_.LastName.ToLower()
            #Reset the lookup result so a failed query cannot reuse the previous row's value
            $exists = $null
            Try { $exists = Get-ADUser -LDAPFilter "(sAMAccountName=$sam)" }
            Catch { }
            If (!$exists)
            {
                #Set variables according to CSV headers. If headers differ change variables below as well
                $setpass = ConvertTo-SecureString -AsPlainText $_.Password -force
                Try
                {
                    Write-Host "[INFO]`t Creating user : $($sam)"
                    "[INFO]`t Creating user : $($sam)" | Out-File $log -append
                    #Backticks continue the New-ADUser call across lines
                    New-ADUser $sam -GivenName $_.FirstName -Initials $_.Initials `
                        -Surname $_.LastName -DisplayName ($_.LastName + "," + $_.FirstName) `
                        -UserPrincipalName ($sam + "@" + $dnsroot) -OfficePhone $_.Number `
                        -AccountPassword $setpass -Enabled $enabled
                    Write-Host "[INFO]`t Created new user : $($sam)"
                    "[INFO]`t Created new user : $($sam)" | Out-File $log -append

                    $dn = (Get-ADUser $sam).DistinguishedName
                    #Move to OU set above
                    If ([adsi]::Exists("LDAP://$($location)"))
                    {
                        Move-ADObject -Identity $dn -TargetPath $location
                        Write-Host "[INFO]`t User $sam moved to target OU : $($location)"
                        "[INFO]`t User $sam moved to target OU : $($location)" | Out-File -append C:\Users\ogregory.RTH\Desktop\new_users.log
                    }
                    Else
                    {
                        Write-Host "[ERROR]`t Target OU not found. User Wasn't Moved!"
                        "[ERROR]`t Target OU not found. User wasn't moved!" | Out-File -append C:\Users\ogregory.RTH\Desktop\new_users.log
                    }
                    #Object Renamed
                    $newdn = (Get-ADUser $sam).DistinguishedName
                    Rename-ADObject -Identity $newdn -NewName ($_.FirstName + " " + $_.LastName)
                    #The CSV header used everywhere else is FirstName, so log that property
                    Write-Host "[INFO]`t Renamed $($sam) to $($_.FirstName) $($_.LastName)`r`n"
                    "[INFO]`t Renamed $($sam) to $($_.FirstName) $($_.LastName)`r`n" | Out-File $log -append
                }
                Catch
                {
                    #Inside Catch, $_ is the error record, not the CSV row
                    Write-Host "[ERROR]`t Oops. An error has occurred: $($_.Exception.Message)`r`n"
                }
            }
            Else
            {
                Write-Host "[SKIP]`t User $($sam) ($($_.FirstName) $($_.LastName)) already exists or returned an error!`r`n"
                "[SKIP]`t User $($sam) ($($_.FirstName) $($_.LastName)) already exists or returned an error!" | Out-File -append C:\Users\ogregory.RTH\Desktop\new_users.log
            }
        }
        $i++
        "--------------------------------------------" + "`r`n" | Out-File -append C:\Users\ogregory.RTH\Desktop\new_users.log
    }
}

Write-Host "STARTED SCRIPT`r`n"
Start-Commands
Write-Host "STOPPED SCRIPT`r`n"


Thanks in advance!

(This is modified from an import user script I found and used previously that worked well. I shortened it and changed some things based on the headers I used in creating the CSV file.)

Edit: OK, so the users are being created. They just aren't being moved to their specified OUs.
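
The two things the post asks about, placing each account in its OU and removing the CSV once the run is done, shown as an added example that is not the poster's script. It assumes the CSV headers FirstName, LastName, Department and Password, that Department holds a bare OU name such as "Sales" located directly under the domain root, and that the account running the script has been delegated the right to create user objects in that OU.

```powershell
# Added example; CSV layout and OU placement are assumptions (see lead-in).
Import-Module ActiveDirectory -ErrorAction Stop

$path   = "\\UNCLocation\devshare\newusers.csv"   # path used in the post
$domain = Get-ADDomain
$failed = 0

if (-not (Test-Path -LiteralPath $path)) { return }   # nothing queued today

# Read every row into memory first so the file can be deleted afterwards.
$rows = @(Import-Csv -LiteralPath $path)

foreach ($row in $rows) {
    try {
        $sam = ($row.FirstName.Substring(0,1) + $row.LastName.Replace(".", "")).ToLower()
        # A distinguished name is a comma-separated list of RDNs: OU=<name>,DC=...
        # (an OU name containing a comma would need DN escaping; not handled here)
        $ou  = "OU=$($row.Department),$($domain.DistinguishedName)"

        # Throws when the OU is missing, so no account lands in the default container.
        Get-ADOrganizationalUnit -Identity $ou -ErrorAction Stop | Out-Null

        $pass = ConvertTo-SecureString -String $row.Password -AsPlainText -Force
        # -Path creates the object directly in the OU, so no Move-ADObject is needed.
        New-ADUser -Name "$($row.FirstName) $($row.LastName)" `
            -SamAccountName $sam `
            -GivenName $row.FirstName -Surname $row.LastName `
            -UserPrincipalName "$sam@$($domain.DNSRoot)" `
            -Path $ou `
            -AccountPassword $pass `
            -ChangePasswordAtLogon $true `
            -Enabled $true -ErrorAction Stop
    }
    catch {
        $failed++
        Write-Warning "Row for $($row.FirstName) $($row.LastName) not processed: $($_.Exception.Message)"
    }
}

# The CSV holds plaintext initial passwords: delete it once every row succeeded,
# otherwise keep it so the failed rows can be reviewed and re-run.
if ($failed -eq 0) {
    Remove-Item -LiteralPath $path -Force
} else {
    Write-Warning "$failed row(s) failed; $path kept for review."
}
```

Because the web form writes initial passwords in clear text, the share holding the CSV should be readable only by the web server's account and the account that runs this script.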



