Add users to AD plus security groups plus create a new mailbox request in one script

  • Question

  • Hello,

    I have a list of new employees that need to be added to AD into specific OUs and create a new mailbox.  I am pulling this from a csv file.  I have the script for this, but I was just instructed to also add these users to security groups based on the OU they are placed.  This is the script I am using to create the users in AD and exchange mailbox:

    # Create users and enable mailboxes
    # Import usernames from csv

    Import-CSV CreateUsers.csv | ForEach {
        # New-Mailbox needs a SecureString password; every account gets the same
        # initial value and must change it at first logon
        New-Mailbox -Alias $_.alias -UserPrincipalName $_.UPN -Database "Database name" `
            -Name $_.Name -OrganizationalUnit <OU> `
            -FirstName $_.first -LastName $_.Last -DisplayName $_.Display `
            -Password (ConvertTo-SecureString "welcome55" -AsPlainText -Force) -ResetPasswordOnNextLogon $True
    }

    How can I add an if statement such as if user OU = OU then add this group?

    Any suggestions?

    Wednesday, December 7, 2016 12:44 PM

Answers

  • Import-Csv D:\User.csv | Foreach {
      New-Mailbox -Name $_.Name -Organizational $_.OU .....
       If ($_.OU -match 'OU1') {
               Add-ADPrincipalGroupMembership -Identity $_.Name -Memberof GRP1
       } ElseIf ($_.OU -match 'OU2') {
               Add-ADPrincipalGroupMembership -Identity $_.Name -Memberof GRP2
       } ElseIf ($_.OU -match 'OU3') {
               Add-ADPrincipalGroupMembership -Identity $_.Name -Memberof GRP3
       }
    }

    Csv File:

    Name,OU
    User1,"ou=ou1,dc=contoso,dc=com"
    User2,"ou=ou2,dc=contoso,dc=com"
    User3,"ou=ou3,dc=contoso,dc=com"
    Wednesday, December 7, 2016 2:23 PM
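
    One way to write the OU-to-group step from the answer above, as an added example that is not part of the original thread. `-match 'OU1'` is a case-insensitive regex substring test, so it is also true for an OU named `ou10`; this version looks up the full OU DN exactly and skips any row whose OU has no mapping. `Resolve-GroupForOU`, the `$dc` value and the CSV rows are assumptions made for illustration.

```powershell
# Added example; assumes the Exchange Management Shell with the RSAT
# ActiveDirectory module installed. GRP1-GRP3 and the OU DNs come from the
# answer's sample; $dc and the CSV rows below are constructed placeholders.
Import-Module ActiveDirectory

$dc = 'dc01.contoso.com'   # placeholder: pin one DC so the new account is visible to the group add

# Full OU distinguished name -> security group (hashtable literal keys are case-insensitive).
$groupByOU = @{
    'ou=ou1,dc=contoso,dc=com' = 'GRP1'
    'ou=ou2,dc=contoso,dc=com' = 'GRP2'
    'ou=ou3,dc=contoso,dc=com' = 'GRP3'
}

function Resolve-GroupForOU {   # hypothetical helper, not an AD or Exchange cmdlet
    param([string]$OU, [hashtable]$Map)
    # Normalise spacing around commas, then require an exact match on the whole DN.
    $key = ($OU -replace '\s*,\s*', ',').Trim()
    if ($Map.ContainsKey($key)) { $Map[$key] } else { $null }
}

# Constructed sample rows; in production use Import-Csv CreateUsers.csv instead.
$rows = @'
Name,Alias,UPN,OU
User1,user1,user1@contoso.com,"ou=ou1,dc=contoso,dc=com"
User10,user10,user10@contoso.com,"ou=ou10,dc=contoso,dc=com"
'@ | ConvertFrom-Csv

$password = Read-Host 'Initial password' -AsSecureString

foreach ($row in $rows) {
    $group = Resolve-GroupForOU -OU $row.OU -Map $groupByOU
    if (-not $group) {
        # Fail closed: an unmapped OU gets no account and no group, only a warning.
        Write-Warning "No group mapped for OU '$($row.OU)'; skipping $($row.Name)"
        continue
    }
    $mbx = New-Mailbox -Name $row.Name -Alias $row.Alias -UserPrincipalName $row.UPN `
        -OrganizationalUnit $row.OU -Password $password `
        -ResetPasswordOnNextLogon $true -DomainController $dc -ErrorAction Stop
    # Use the DN returned by Exchange rather than the display name, which need not be unique.
    Add-ADGroupMember -Identity $group -Members $mbx.DistinguishedName -Server $dc
}
```

    With the constructed rows, User1 is created and added to GRP1, while User10 in `ou=ou10` is skipped with a warning instead of being placed in GRP1.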

All replies

  • Best to look for examples in the TechNet Script Gallery. For example, after I filtered on AD and user accounts, I got these:

    https://gallery.technet.microsoft.com/site/search?f%5B0%5D.Type=RootCategory&f%5B0%5D.Value=activedirectory&f%5B0%5D.Text=Active%20Directory&f%5B1%5D.Type=SubCategory&f%5B1%5D.Value=useraccounts&f%5B1%5D.Text=User%20Accounts


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    • Proposed as answer by jrv Wednesday, December 7, 2016 1:15 PM
    Wednesday, December 7, 2016 12:55 PM
    Moderator
  • There is not enough information in your question to help you.

    Richard is correct - start with scripts in the Gallery and rethink what you are trying to do.  Also spend time with the tutorials to learn how to use "if" statements in PowerShell.


    \_(ツ)_/

    Wednesday, December 7, 2016 1:15 PM
  • That is where I have been looking.  I am not finding anything really useful or specific to what I would like to do.

    thank you though.


    MDMLE

    Wednesday, December 7, 2016 1:49 PM
  • To be more specific.  I have a list of 150 users.  I need to add them to AD to a specific OU, create an exchange mailbox and then add them to a specific security group based on the OU that they are in.  The problem I am running into is trying to do this in one script. 

    $Password = Read-Host "enter password" -AsSecureString
    Import-CSV CreateUsers.csv | ForEach {
        New-Mailbox -Alias $_.alias -Name $_.Name -OrganizationalUnit <OU> `
            -UserPrincipalName $_.UPN -FirstName $_.first -LastName $_.Last `
            -DisplayName $_.Display -Database "DB01" -Password $Password -ResetPasswordOnNextLogon $True
    }
    *** add user to security group based on OU ***

    if OU = <OU1>  addmember <SecurityGroup1>

    elseif OU = <OU2> addmember <securitygroup2>

    elseif OU = <OU3> addmember <securitygroup3>


    MDMLE

    Wednesday, December 7, 2016 1:55 PM
  • Thank you Vincent.  I tried the addition of the "If" and "ElseIf" statements and received an error: Cannot convert the "IF" value of type "System.String" to type "System.Management.Automation.ScriptBlock"

    Exchange PS does not like to perform AD commands it seems...

    I'll just write a separate script to add members of an OU to their respective groups.


    MDMLE


    • Edited by MDMLE Wednesday, December 7, 2016 4:25 PM
    Wednesday, December 7, 2016 4:25 PM
  • I ran the script from PowerShell ISE and even Exchange Management Shell, both worked for me.

    Wednesday, December 7, 2016 4:43 PM