locked
Logon Script - cant use AD Module outlook signatures RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    I have a logon script that I am using to set Outlook signatures and its working great.... except... I forgot that some of the commandlets are AD commandlets. Since I don't have RSAT installed on all the computers it wont work. Can someone tell me how to change the following to a ldap query that doesn't require the ad module please.

    #Group Template variables
$grp_SWICS = "CN=grp_CS-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
$grp_SWIISP = "CN=grp_Inspections-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
$grp_SWIPD = "CN=grp_ProductDev-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
    

    If ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWICS)){
#Set Signatute Template to Customer Service Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\CS.docx"
}
ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIISP)){
#Set Signatute Template to Inspections Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Inspections.docx"
}
ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIPD)){
#Set Signatute Template to Product Developement Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\ProductDev.docx"
}
Else{
#Set Signature Template to Default Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Default.docx"
}

    Full script below

    #Modules
Import-Module ActiveDirectory

#AD Variables
$UserName = $env:username
$Filter = "(&(objectCategory=User)(samAccountName=$UserName))"
$Searcher = New-Object System.DirectoryServices.DirectorySearcher
$Searcher.Filter = $Filter
$ADUserPath = $Searcher.FindOne()
$ADUser = $ADUserPath.GetDirectoryEntry()
$ADLastMod = $ADUser.whenChanged -replace '[/,:]',''
$SignatureVersion = $ADLastMod

#Group Template variables
$grp_SWICS = "CN=grp_CS-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
$grp_SWIISP = "CN=grp_Inspections-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
$grp_SWIPD = "CN=grp_ProductDev-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"


If ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWICS)){
#Set Signatute Template to Customer Service Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\CS.docx"
}
ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIISP)){
#Set Signatute Template to Inspections Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Inspections.docx"
}
ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIPD)){
#Set Signatute Template to Product Developement Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\ProductDev.docx"
}
Else{
#Set Signature Template to Default Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Default.docx"
}

$SignatureName = 'domain-Default' 
#$SignatureVersion = "1.0" #Change this if you have updated the signature. If you do not change it, the script will quit after checking for the version already on the machine
$ForceSignature = '1' #Set to 1 if you don't want the users to be able to change signature in Outlook
 
#Local Environment variables
$AppData=(Get-Item env:appdata).value
$SigPath = '\Microsoft\Signatures'
$LocalSignaturePath = $AppData+$SigPath
$RemoteSignaturePathFull = $SigSource


#Copy version file
If (-not(Test-Path -Path $LocalSignaturePath\$SignatureVersion))
{
New-Item -Path $LocalSignaturePath\$SignatureVersion -ItemType Directory
}
Elseif (Test-Path -Path $LocalSignaturePath\$SignatureVersion)
{
Write-Output "Latest signature already exists"
break
}

#Check signature path (needs to be created if a signature has never been created for the profile
if (-not(Test-Path -path $LocalSignaturePath)) {
	New-Item $LocalSignaturePath -Type Directory
}

#Get Active Directory information for current user

$ADDisplayName = $ADUser.DisplayName
$ADTitle = $ADUser.title
$ADStreetAddress = $ADUser.streetaddress
$ADCity = $ADUser.l
$ADState = $ADUser.st
$ADZip = $ADUser.postalCode
$ADTelePhoneNumber = $ADUser.TelephoneNumber
$ADFaxNumber = $ADUser.facsimileTelephoneNumber
$ADEmailAddress = $ADUser.mail
$ADDescription = $ADUser.description
#$ADModify = $ADUser.whenChanged
$ADCustomAttribute1 = $ADUser.extensionAttribute1
$MangerDisplayName = ([adsi]"LDAP://$($ADUser.manager)").DisplayName
$MangerEmail = ([adsi]"LDAP://$($ADUser.manager)").mail
$MangerPhone = ([adsi]"LDAP://$($ADUser.manager)").TelephoneNumber

#Copy signature templates from source to local Signature-folder
Write-Output "Copying Signatures"
$fullPath = $LocalSignaturePath+'\'+$SignatureName+'.docx'
Copy-Item "$Sigsource" $fullPath -Recurse -Force
$ReplaceAll = 2
$FindContinue = 1
$MatchCase = $False
$MatchWholeWord = $True
$MatchWildcards = $False
$MatchSoundsLike = $False
$MatchAllWordForms = $False
$Forward = $True
$Wrap = $FindContinue
$Format = $False
	
#Insert variables from Active Directory to rtf signature-file
$MSWord = New-Object -ComObject word.application

$MSWord.Documents.Open($fullPath)
	
#User Name $ Designation 
$FindText = "DisplayName" 
$Designation = $ADCustomAttribute1.ToString() #designations in Exchange custom attribute 1
If ($Designation -ne '') { 
	$Name = $ADDisplayName.ToString()
	$ReplaceText = $Name+', '+$Designation
}
Else {
	$ReplaceText = $ADDisplayName.ToString() 
}
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)	

#Title		
$FindText = "Title"
$ReplaceText = $ADTitle.ToString()
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
	
#Defaults
$DefaultAddress = "Some Street"
$DefaultCity = "Some City"
$DefaultState = "Some State"
$DefaultZip = "Some Zip"
$DefaultTelephone = "(800)555-5555"

#Street Address
If ($ADStreetAddress -ne '') { 
       $FindText = "Address"
    $ReplaceText = $ADStreetAddress.ToString()
   }
   Else {
    $FindText = "Address"
    $ReplaceText = $DefaultAddress
    }
	$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)

#City
If ($ADCity -ne '') { 
    $FindText = "City"
       $ReplaceText = $ADCity.ToString()
   }
   Else {
    $FindText = "City"
    $ReplaceText = $DefaultCity 
   }
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)

#State
If ($ADState -ne '') { 
    $FindText = "State"
       $ReplaceText = $ADState.ToString()
   }
   Else {
    $FindText = "State"
    $ReplaceText = $DefaultState 
   }
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)

#Zip
If ($ADZip -ne '') { 
    $FindText = "Zip"
       $ReplaceText = $ADZip.ToString()
   }
   Else {
    $FindText = "Zip"
    $ReplaceText = $DefaultZip 
   }
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)


#Telephone
If ($ADTelephoneNumber -ne "") { 
	$FindText = "PhoneNumber"
	$ReplaceText = $ADTelephoneNumber.ToString()
   }
Else {
	$FindText = "PhoneNumber"
    $ReplaceText = $DefaultTelephone
	}
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)

#FaxTelephone
If ($ADFaxNumber -ne "") { 
	$FindText = "FaxNumber"
	$ReplaceText = $ADFaxNumber.ToString()
   }
Else {
	$FindText = "Fax: FaxNumber"
    $ReplaceText = " "
	}
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
	
#EmailAddress
If ($ADEmailAddress -ne "") { 
	$FindText = "EmailAddress"
	$ReplaceText = $ADEmailAddress.ToString()
   }
Else {
	$FindText = "Email:"
    $ReplaceText = " "
	}
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)

#Manager Name
If ($MangerDisplayName -ne "") { 
	$FindText = "Manager_Name"
	$ReplaceText = $MangerDisplayName.ToString()
   }
Else {
	$FindText = "Manager_Name"
    $ReplaceText = " "
	}
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)

#Manager Phone
If ($MangerPhone -ne "") { 
	$FindText = "MANAGER_PHONE"
	$ReplaceText = $MangerPhone.ToString()
   }
Else {
	$FindText = "MANAGER_PHONE"
    $ReplaceText = "800-555-5555"
	}
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)


#Manager Email
If ($MangerEmail -ne "") { 
	$FindText = "manager_email"
	$ReplaceText = $MangerEmail.ToString()
   }
Else {
	$FindText = "manager_email"
    $ReplaceText = "service@domain.com"
	}
$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)

#Save new message signature 
Write-Output "Saving signatures"
#Save HTML
$saveFormat = [Enum]::Parse([Microsoft.Office.Interop.Word.WdSaveFormat], "wdFormatHTML");
$path = $LocalSignaturePath+'\'+$SignatureName+".htm"
$MSWord.ActiveDocument.saveas([ref]$path, [ref]$saveFormat)
    
#Save RTF 
$saveFormat = [Enum]::Parse([Microsoft.Office.Interop.Word.WdSaveFormat], "wdFormatRTF");
$path = $LocalSignaturePath+'\'+$SignatureName+".rtf"
$MSWord.ActiveDocument.SaveAs([ref] $path, [ref]$saveFormat)
	
#Save TXT    
$saveFormat = [Enum]::Parse([Microsoft.Office.Interop.Word.WdSaveFormat], "wdFormatText");
$path = $LocalSignaturePath+'\'+$SignatureName+".txt"
$MSWord.ActiveDocument.SaveAs([ref] $path, [ref]$SaveFormat)
$MSWord.ActiveDocument.Close()
$MSWord.Quit()
	

#Office 2016 signature

If (Test-Path HKCU:Software\Microsoft\Office\16.0)

{
Write-Output "Setting signature for Office 2016"

If ($ForceSignature -eq '0')

{
Write-Output "Setting Office 2016 as available"

$MSWord = New-Object -ComObject word.application
$EmailOptions = $MSWord.EmailOptions
$EmailSignature = $EmailOptions.EmailSignature
$EmailSignatureEntries = $EmailSignature.EmailSignatureEntries

}

If ($ForceSignature -eq '1')
{
Write-Output "Setting signature for Office 2016 as forced"
    If (Get-ItemProperty -Name 'NewSignature' -Path HKCU:'\Software\Microsoft\Office\16.0\Common\MailSettings') { } 
    Else { 
    New-ItemProperty HKCU:'\Software\Microsoft\Office\16.0\Common\MailSettings' -Name 'NewSignature' -Value $SignatureName -PropertyType 'String' -Force 
    } 
    If (Get-ItemProperty -Name 'ReplySignature' -Path HKCU:'\Software\Microsoft\Office\16.0\Common\MailSettings') { } 
    Else { 
    New-ItemProperty HKCU:'\Software\Microsoft\Office\16.0\Common\MailSettings' -Name 'ReplySignature' -Value $SignatureName -PropertyType 'String' -Force
    } 
}

}

    Tuesday, May 23, 2017 5:06 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Is this what I need to do?

    Get direct AD group membership information

    Members of the group are contained as Distinguished Names in Member array property of a group. To get objects representing the members one need to get contents of this property and create ADSI objects from them.
    001

    002
    $Group = [ADSI]"LDAP://cn=Domain Admins,cn=Users,dc=Contoso,dc=Com"

    $Members = $Group.Member | ForEach-Object {[ADSI]"LDAP://$_"}

    https://social.technet.microsoft.com/wiki/contents/articles/4231.working-with-active-directory-using-powershell-adsi-adapter.aspx

    Tuesday, May 23, 2017 5:19 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Generally we wouldn't write the signature on every logon. That opens you up to logon issues and slows down the logon process.

    You can get the ADSI user object with:

    $user = [adsi]'LDAP://<user distinguished name>'

    You can get eh DN with this function: https://gallery.technet.microsoft.com/PowerShell-version-of-ef967ddd?redir=0

    \_(ツ)_/

    Tuesday, May 23, 2017 5:23 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    I'm not writing it on every logon - first thing I check for is the last modified date on the AD attribute.  It only updates the signatures if the AD User object has changed

    Tuesday, May 23, 2017 5:41 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    getting that information is not the issue.  We have multiple templates (each department).  I need to query AD and see if they are a member of a specific group - if they are then set template = x.

    So how do I query to see if they are a member of a specific group without using ad modules?

    This is the specific portion that wont work with out the AD module...

    #Group Template variables
$grp_SWICS = "CN=grp_CS-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
$grp_SWIISP = "CN=grp_Inspections-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
$grp_SWIPD = "CN=grp_ProductDev-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"


If ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWICS)){
#Set Signatute Template to Customer Service Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\CS.docx"
}
ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIISP)){
#Set Signatute Template to Inspections Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Inspections.docx"
}
ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIPD)){
#Set Signatute Template to Product Developement Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\ProductDev.docx"
}
Else{
#Set Signature Template to Default Template
$SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Default.docx"
}

    Tuesday, May 23, 2017 5:44 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    A user object has a memberof property that lists all groups by DN.

    \_(ツ)_/

    • Proposed as answer by Hello_2018 Wednesday, May 24, 2017 8:51 AM
    Tuesday, May 23, 2017 5:56 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Thanks - I will give that a shot
    Tuesday, May 23, 2017 6:03 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    Hi,
    Was your issue resolved? 
    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.
    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.
    If no, please reply and tell us the current situation in order to provide further help.
    Best Regards,
    Andy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, June 7, 2017 2:43 AM