locked
Logon Script - cant use AD Module outlook signatures RRS feed

  • Question

  • I have a logon script that I am using to set Outlook signatures and its working great.... except... I forgot that some of the commandlets are AD commandlets. Since I don't have RSAT installed on all the computers it wont work. Can someone tell me how to change the following to a ldap query that doesn't require the ad module please.

    #Group Template variables $grp_SWICS = "CN=grp_CS-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL" $grp_SWIISP = "CN=grp_Inspections-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL" $grp_SWIPD = "CN=grp_ProductDev-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"

    If ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWICS)){ #Set Signatute Template to Customer Service Template $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\CS.docx" } ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIISP)){ #Set Signatute Template to Inspections Template $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Inspections.docx" } ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIPD)){ #Set Signatute Template to Product Developement Template $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\ProductDev.docx" } Else{ #Set Signature Template to Default Template $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Default.docx" }

    Full script below

    #Modules
    Import-Module ActiveDirectory
    
    #AD Variables
    $UserName = $env:username
    $Filter = "(&(objectCategory=User)(samAccountName=$UserName))"
    $Searcher = New-Object System.DirectoryServices.DirectorySearcher
    $Searcher.Filter = $Filter
    $ADUserPath = $Searcher.FindOne()
    $ADUser = $ADUserPath.GetDirectoryEntry()
    $ADLastMod = $ADUser.whenChanged -replace '[/,:]',''
    $SignatureVersion = $ADLastMod
    
    #Group Template variables
    $grp_SWICS = "CN=grp_CS-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
    $grp_SWIISP = "CN=grp_Inspections-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
    $grp_SWIPD = "CN=grp_ProductDev-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
    
    
    If ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWICS)){
    #Set Signatute Template to Customer Service Template
    $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\CS.docx"
    }
    ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIISP)){
    #Set Signatute Template to Inspections Template
    $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Inspections.docx"
    }
    ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIPD)){
    #Set Signatute Template to Product Developement Template
    $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\ProductDev.docx"
    }
    Else{
    #Set Signature Template to Default Template
    $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Default.docx"
    }
    
    $SignatureName = 'domain-Default' 
    #$SignatureVersion = "1.0" #Change this if you have updated the signature. If you do not change it, the script will quit after checking for the version already on the machine
    $ForceSignature = '1' #Set to 1 if you don't want the users to be able to change signature in Outlook
     
    #Local Environment variables
    $AppData=(Get-Item env:appdata).value
    $SigPath = '\Microsoft\Signatures'
    $LocalSignaturePath = $AppData+$SigPath
    $RemoteSignaturePathFull = $SigSource
    
    
    #Copy version file
    If (-not(Test-Path -Path $LocalSignaturePath\$SignatureVersion))
    {
    New-Item -Path $LocalSignaturePath\$SignatureVersion -ItemType Directory
    }
    Elseif (Test-Path -Path $LocalSignaturePath\$SignatureVersion)
    {
    Write-Output "Latest signature already exists"
    break
    }
    
    #Check signature path (needs to be created if a signature has never been created for the profile
    if (-not(Test-Path -path $LocalSignaturePath)) {
    	New-Item $LocalSignaturePath -Type Directory
    }
    
    #Get Active Directory information for current user
    
    $ADDisplayName = $ADUser.DisplayName
    $ADTitle = $ADUser.title
    $ADStreetAddress = $ADUser.streetaddress
    $ADCity = $ADUser.l
    $ADState = $ADUser.st
    $ADZip = $ADUser.postalCode
    $ADTelePhoneNumber = $ADUser.TelephoneNumber
    $ADFaxNumber = $ADUser.facsimileTelephoneNumber
    $ADEmailAddress = $ADUser.mail
    $ADDescription = $ADUser.description
    #$ADModify = $ADUser.whenChanged
    $ADCustomAttribute1 = $ADUser.extensionAttribute1
    $MangerDisplayName = ([adsi]"LDAP://$($ADUser.manager)").DisplayName
    $MangerEmail = ([adsi]"LDAP://$($ADUser.manager)").mail
    $MangerPhone = ([adsi]"LDAP://$($ADUser.manager)").TelephoneNumber
    
    #Copy signature templates from source to local Signature-folder
    Write-Output "Copying Signatures"
    $fullPath = $LocalSignaturePath+'\'+$SignatureName+'.docx'
    Copy-Item "$Sigsource" $fullPath -Recurse -Force
    $ReplaceAll = 2
    $FindContinue = 1
    $MatchCase = $False
    $MatchWholeWord = $True
    $MatchWildcards = $False
    $MatchSoundsLike = $False
    $MatchAllWordForms = $False
    $Forward = $True
    $Wrap = $FindContinue
    $Format = $False
    	
    #Insert variables from Active Directory to rtf signature-file
    $MSWord = New-Object -ComObject word.application
    
    $MSWord.Documents.Open($fullPath)
    	
    #User Name $ Designation 
    $FindText = "DisplayName" 
    $Designation = $ADCustomAttribute1.ToString() #designations in Exchange custom attribute 1
    If ($Designation -ne '') { 
    	$Name = $ADDisplayName.ToString()
    	$ReplaceText = $Name+', '+$Designation
    }
    Else {
    	$ReplaceText = $ADDisplayName.ToString() 
    }
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)	
    
    #Title		
    $FindText = "Title"
    $ReplaceText = $ADTitle.ToString()
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    	
    #Defaults
    $DefaultAddress = "Some Street"
    $DefaultCity = "Some City"
    $DefaultState = "Some State"
    $DefaultZip = "Some Zip"
    $DefaultTelephone = "(800)555-5555"
    
    #Street Address
    If ($ADStreetAddress -ne '') { 
           $FindText = "Address"
        $ReplaceText = $ADStreetAddress.ToString()
       }
       Else {
        $FindText = "Address"
        $ReplaceText = $DefaultAddress
        }
    	$MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    
    #City
    If ($ADCity -ne '') { 
        $FindText = "City"
           $ReplaceText = $ADCity.ToString()
       }
       Else {
        $FindText = "City"
        $ReplaceText = $DefaultCity 
       }
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    
    #State
    If ($ADState -ne '') { 
        $FindText = "State"
           $ReplaceText = $ADState.ToString()
       }
       Else {
        $FindText = "State"
        $ReplaceText = $DefaultState 
       }
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    
    #Zip
    If ($ADZip -ne '') { 
        $FindText = "Zip"
           $ReplaceText = $ADZip.ToString()
       }
       Else {
        $FindText = "Zip"
        $ReplaceText = $DefaultZip 
       }
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    
    
    #Telephone
    If ($ADTelephoneNumber -ne "") { 
    	$FindText = "PhoneNumber"
    	$ReplaceText = $ADTelephoneNumber.ToString()
       }
    Else {
    	$FindText = "PhoneNumber"
        $ReplaceText = $DefaultTelephone
    	}
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    
    #FaxTelephone
    If ($ADFaxNumber -ne "") { 
    	$FindText = "FaxNumber"
    	$ReplaceText = $ADFaxNumber.ToString()
       }
    Else {
    	$FindText = "Fax: FaxNumber"
        $ReplaceText = " "
    	}
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    	
    #EmailAddress
    If ($ADEmailAddress -ne "") { 
    	$FindText = "EmailAddress"
    	$ReplaceText = $ADEmailAddress.ToString()
       }
    Else {
    	$FindText = "Email:"
        $ReplaceText = " "
    	}
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    
    #Manager Name
    If ($MangerDisplayName -ne "") { 
    	$FindText = "Manager_Name"
    	$ReplaceText = $MangerDisplayName.ToString()
       }
    Else {
    	$FindText = "Manager_Name"
        $ReplaceText = " "
    	}
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    
    #Manager Phone
    If ($MangerPhone -ne "") { 
    	$FindText = "MANAGER_PHONE"
    	$ReplaceText = $MangerPhone.ToString()
       }
    Else {
    	$FindText = "MANAGER_PHONE"
        $ReplaceText = "800-555-5555"
    	}
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    
    
    #Manager Email
    If ($MangerEmail -ne "") { 
    	$FindText = "manager_email"
    	$ReplaceText = $MangerEmail.ToString()
       }
    Else {
    	$FindText = "manager_email"
        $ReplaceText = "service@domain.com"
    	}
    $MSWord.Selection.Find.Execute($FindText, $MatchCase, $MatchWholeWord,	$MatchWildcards, $MatchSoundsLike, $MatchAllWordForms, $Forward, $Wrap,	$Format, $ReplaceText, $ReplaceAll	)
    
    #Save new message signature 
    Write-Output "Saving signatures"
    #Save HTML
    $saveFormat = [Enum]::Parse([Microsoft.Office.Interop.Word.WdSaveFormat], "wdFormatHTML");
    $path = $LocalSignaturePath+'\'+$SignatureName+".htm"
    $MSWord.ActiveDocument.saveas([ref]$path, [ref]$saveFormat)
        
    #Save RTF 
    $saveFormat = [Enum]::Parse([Microsoft.Office.Interop.Word.WdSaveFormat], "wdFormatRTF");
    $path = $LocalSignaturePath+'\'+$SignatureName+".rtf"
    $MSWord.ActiveDocument.SaveAs([ref] $path, [ref]$saveFormat)
    	
    #Save TXT    
    $saveFormat = [Enum]::Parse([Microsoft.Office.Interop.Word.WdSaveFormat], "wdFormatText");
    $path = $LocalSignaturePath+'\'+$SignatureName+".txt"
    $MSWord.ActiveDocument.SaveAs([ref] $path, [ref]$SaveFormat)
    $MSWord.ActiveDocument.Close()
    $MSWord.Quit()
    	
    
    #Office 2016 signature
    
    If (Test-Path HKCU:Software\Microsoft\Office\16.0)
    
    {
    Write-Output "Setting signature for Office 2016"
    
    If ($ForceSignature -eq '0')
    
    {
    Write-Output "Setting Office 2016 as available"
    
    $MSWord = New-Object -ComObject word.application
    $EmailOptions = $MSWord.EmailOptions
    $EmailSignature = $EmailOptions.EmailSignature
    $EmailSignatureEntries = $EmailSignature.EmailSignatureEntries
    
    }
    
    If ($ForceSignature -eq '1')
    {
    Write-Output "Setting signature for Office 2016 as forced"
        If (Get-ItemProperty -Name 'NewSignature' -Path HKCU:'\Software\Microsoft\Office\16.0\Common\MailSettings') { } 
        Else { 
        New-ItemProperty HKCU:'\Software\Microsoft\Office\16.0\Common\MailSettings' -Name 'NewSignature' -Value $SignatureName -PropertyType 'String' -Force 
        } 
        If (Get-ItemProperty -Name 'ReplySignature' -Path HKCU:'\Software\Microsoft\Office\16.0\Common\MailSettings') { } 
        Else { 
        New-ItemProperty HKCU:'\Software\Microsoft\Office\16.0\Common\MailSettings' -Name 'ReplySignature' -Value $SignatureName -PropertyType 'String' -Force
        } 
    }
    
    }

    Tuesday, May 23, 2017 5:06 PM

All replies

  • Is this what I need to do?

    Get direct AD group membership information

    Members of the group are contained as Distinguished Names in Member array property of a group. To get objects representing the members one need to get contents of this property and create ADSI objects from them.
    001

    002

    $Group = [ADSI]"LDAP://cn=Domain Admins,cn=Users,dc=Contoso,dc=Com"

    $Members = $Group.Member | ForEach-Object {[ADSI]"LDAP://$_"}

    https://social.technet.microsoft.com/wiki/contents/articles/4231.working-with-active-directory-using-powershell-adsi-adapter.aspx

    Tuesday, May 23, 2017 5:19 PM
  • Generally we wouldn't write the signature on every logon. That opens you up to logon issues and slows down the logon process.

    You can get the ADSI user object with:

    $user = [adsi]'LDAP://<user distinguished name>'

    You can get eh DN with this function: https://gallery.technet.microsoft.com/PowerShell-version-of-ef967ddd?redir=0


    \_(ツ)_/

    Tuesday, May 23, 2017 5:23 PM
  • I'm not writing it on every logon - first thing I check for is the last modified date on the AD attribute.  It only updates the signatures if the AD User object has changed

    Tuesday, May 23, 2017 5:41 PM
  • getting that information is not the issue.  We have multiple templates (each department).  I need to query AD and see if they are a member of a specific group - if they are then set template = x.

    So how do I query to see if they are a member of a specific group without using ad modules?

    This is the specific portion that wont work with out the AD module...

    #Group Template variables
    $grp_SWICS = "CN=grp_CS-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
    $grp_SWIISP = "CN=grp_Inspections-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
    $grp_SWIPD = "CN=grp_ProductDev-Template,OU=Departments,OU=Groups,DC=DOMAIN,DC=LOCAL"
    
    
    If ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWICS)){
    #Set Signatute Template to Customer Service Template
    $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\CS.docx"
    }
    ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIISP)){
    #Set Signatute Template to Inspections Template
    $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Inspections.docx"
    }
    ElseIf ((Get-ADUser $UserName -Properties memberof).memberof -like ($grp_SWIPD)){
    #Set Signatute Template to Product Developement Template
    $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\ProductDev.docx"
    }
    Else{
    #Set Signature Template to Default Template
    $SigSource = "\\DOMAIN.local\NETLOGON\SignatureTemplates\Default.docx"
    }

    Tuesday, May 23, 2017 5:44 PM
  • A user object has a memberof property that lists all groups by DN.


    \_(ツ)_/

    • Proposed as answer by Hello_2018 Wednesday, May 24, 2017 8:51 AM
    Tuesday, May 23, 2017 5:56 PM
  • Thanks - I will give that a shot
    Tuesday, May 23, 2017 6:03 PM
  • Hi,
    Was your issue resolved? 
    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.
    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.
    If no, please reply and tell us the current situation in order to provide further help.
    Best Regards,
    Andy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, June 7, 2017 2:43 AM