none
AD user creation Automation RRS feed

  • Question

  • This is my first post and not really sure where it should go, but hopefully this is right.

    I'm working on a powershell script from scratch that will create users automatically in active directory and google apps then email logins to correct people. 

    The scenario is we get a csv of all users including ones that are created and needing to be creating. I need to compare that with ad and only import users that are not already created (this is the part that I'm having the most difficulty with). Then from that same list do the same for google apps with GAM and then email the logins to the counselors. 

    the main problem I'm having is comparing the CSV and only importing the needed users, I can successfully compare the CSV and find out which users are needed, but it removes all the headers and other info I need.

    I appreciate any help I can get.

    Wednesday, March 30, 2016 4:45 PM

Answers

All replies

  • Give an short, self-contained example of what you're trying to do and be specific about what doesn't work. Don't make everyone guess.

    (Remember, we can't read your mind, and we can't see your screen.)


    -- Bill Stewart [Bill_Stewart]

    Wednesday, March 30, 2016 4:47 PM
    Moderator
  • $CSV = Import-Csv C:\Scripts\Add_AD_Users.csv | % {$_.Name}

    $ExistingUsers = Get-ADUser -Filter * | select Name | % Name

    Compare-Object $CSV $ExistingUsers | Where-Object {$_.SideIndicator -eq "<="} | Export-Csv C:\Scripts\Result.CSV

    This is what I'm having difficulty with. How do I parse through a csv selectively and only pull out rows(users) that need to be created. I'm by no means a powershell guru, I'm just trying to learn it and apply it to my job the best I can.

    the pipe to %{$_.Name} is what is killing my CSV by removing all of the other headers, is there a better way to accomplish this?

    Wednesday, March 30, 2016 5:02 PM
  • Looking at you attempt at writing code I suggest starting by learning PowerShell.

    We would do this in a loop and test each item for existence.  Use "if" logic to determine whether to create a user.

    Import-Csv C:\Scripts\Add_AD_Users.csv |
         ForEach-Object{
              if(Get-Aduser $_.Name -ErrorAction 0){
                    # user exists
              }else{
                   # user does not exisit
             }
         } 

    Look in the Gallery for scripts that already do all of this:


    \_(ツ)_/

    Wednesday, March 30, 2016 5:10 PM
  • I appreciate the response, though I'm not sure I understand what the -erroraction 0 is. 

    i would really like to know powershell and know coding and the general syntax. just powershell is a bit different with how i have input values into something like an if statement.  

    I really dislike reading books to learn. its hard for me to grasp when things are usually not well stated. Do you know of a tutoral online that would be sufficient in learning it over a couple months?

    Wednesday, March 30, 2016 5:31 PM
  • Learning is something that has to be learned. f you are going to be a technician you have to learn how to, learn.  You will be constantly required to quickly learn new things.

    There are no shortcuts.  You cannot learn a technology by watchin entertaining videos.  Videos can serve as an introduction but, in  the end, you must do the work.

    Here is a tutorial that can step you through the basics. It is broken down into sections that build useful knowledge:

    https://technet.microsoft.com/en-us/scriptcenter/dd742419.aspx

    https://blogs.technet.microsoft.com/heyscriptingguy/2015/01/04/weekend-scripter-the-best-ways-to-learn-powershell/

    Also learn to use the PowerShell "help"  system. It is the best first step to understanding things like -ErrorAction.


    \_(ツ)_/

    Wednesday, March 30, 2016 5:42 PM
  • Oh I know how to learn, I've been learning all my life and fair better than most. I'm just looking for help, not life advice, sorry if that comes out rude but nobody is making me do this, I'm doing this to improve myself. So I would much rather not be told that I need to learn how to learn.  I appreciate your help in the code you showed me, that is what I was mainly looking for.
    Wednesday, March 30, 2016 5:56 PM
  • Oh I know how to learn, I've been learning all my life and fair better than most. I'm just looking for help, not life advice, sorry if that comes out rude but nobody is making me do this, I'm doing this to improve myself. So I would much rather not be told that I need to learn how to learn.  I appreciate your help in the code you showed me, that is what I was mainly looking for.

    Then the links I posted will give you the basics that you need.  I just assumed that you needed custom videos as the only way to learn which usually means that you cannot learn from a book due to lack of training in reading effectively.  It is course taught in most schools and repeated in college, to address the issue that many kids today cannot read or learn from reading. ,Reading is the fastest and most effective way of learning a technology.

    Try the links.  If they are too hard then I recommend searching for companies that specialize in video tutorials.  There are dozens.  Some seem to be pretty good.

    The plus with reading is that you can  rewind much faster and you can try the example with the book open and repeat until you understand.   Videos make this much harder and you end up spending more time learning to click the mouse than you do l,earning how to code.


    \_(ツ)_/

    Wednesday, March 30, 2016 6:11 PM
  • A good start to learn powershell by videos could be the Microsoft Virtual Academy
    Wednesday, March 30, 2016 6:18 PM
  • A good start to learn powershell by videos could be the Microsoft Virtual Academy

    Yes but it assumes you already know the basics of programming and computer automation.  If you know at least on programming g language or script system then MVA may be a good place to start.

    There are dozens of web sites that teach basic programming now: https://www.codecademy.com/

    This one is free and it is very quick learning.  It will give you the basics in a few sessions.


    \_(ツ)_/

    Wednesday, March 30, 2016 6:32 PM
  • Last time I'll bother ya'll. In the code you posted, the else doesn't get invoked, An error just comes up saying that this user doesnt exist, but it isn't the error message I wrote such as, write-host "User doesn't exist" and then it should create the user. It just seems as if its passing right over that. I've tried else if and a nested if statement but neither give a different result. I changed it to this 

                                                  

         ForEach-Object{
              if((Get-Aduser $_.SamAccountName) -ne $null){
                    Write-Host "user exists"

              }
              else{

                    Write-Host "User Doesn't Exist" this part has no affect, I just get the standard powershell                   #New-ADUser ...         error for not having a user. wondering if it has to do with the the if statement is handling the input, or a technical error

             }
         }

    Wednesday, March 30, 2016 7:12 PM
  • You cannot use ForEach-Object outside of a pipeline. It will not work.

    Also we need to use the command corectlyu:

    $name='somebody'
    if((Get-Aduser $name -ea 0){
         Write-Host "user exists"
    }else{
         Write-Host "User Doesn't Exist"
    }
    
    
    

    Start with this to help you understand how a basic PowerShell is designed to work.  Use help to look up things like "ForEach-Object" to learn how they work.

    We cannot incrementally teach you how to use PowerShell.  You will have to put in some effort.


    \_(ツ)_/

    Wednesday, March 30, 2016 7:18 PM
  • Import-Csv C:\Scripts\Add_AD_Users.csv | %{

              if(Get-Aduser $_.SamAccountName){
                    Write-Host "$($_.SamAccountNameuser exists"

              }
              else{

                    Write-Host "$($_.SamAccountName) Doesn't Exist"

             }
         }

    #try without the explicit null evaluation

    Wednesday, March 30, 2016 7:26 PM
  • I do have pipeline input its just not in what has been posted. I don't understand why people assume someone is an idiot. I'm not asking you to step by step walk me through the entire program I'd like to create. If you can't tell effort has been put forth then you are either to arrogant or blind to tell the difference. I know "basic poweshell" what I'm trying to accomplish, I would consider harder than basic. 

    What I was trying to ask by that post was why does the else get bypassed. the original if statement was working but the else didn't catch anything. In other words. User Doesn't Exist wasn't outputted anywhere, just standard powershell no ad user error.


    Wednesday, March 30, 2016 7:30 PM

  • jrv although he comes across as mean, is pointing you in the right direction. by putting erroraction 0 means it will not fall over the second it cannot find the user, and continue with the rest of your script (the rest of the evaluation part)

    however it still doesnt work even with erroraction 0 though for this type of operation you should use try & catch

    try{get-aduser blah}

    catch{

    write-host "not found"

    }


    • Edited by Jon.Knight Wednesday, March 30, 2016 8:11 PM
    Wednesday, March 30, 2016 8:02 PM
  • I do have pipeline input its just not in what has been posted. I don't understand why people assume someone is an idiot. I'm not asking you to step by step walk me through the entire program I'd like to create. If you can't tell effort has been put forth then you are either to arrogant or blind to tell the difference. I know "basic poweshell" what I'm trying to accomplish, I would consider harder than basic. 

    What I was trying to ask by that post was why does the else get bypassed. the original if statement was working but the else didn't catch anything. In other words. User Doesn't Exist wasn't outputted anywhere, just standard powershell no ad user error.


    We have no way of guessing that you did this correctly as the errors and issues posted indicate that you do not know how to do this.  I have to assume that there may NOT be a pipeline.

    The code I posted works always assuming the information  given by you is accurate.  We test for an account by either testing for a result.  If the account is found there will be a result.  You cannot reliably test for $null.

    In this case try/catch is not needed and only crates more issues.

    This always works:  I have added some explicit trace information.

    Import-Csv C:\Scripts\Add_AD_Users.csv | 
    	ForEach-Object{
    		Write-Host "SAMNAME: $($_.SamAccountName)" -fore green
    		if(Get-Aduser $_.SamAccountName -ea 0){
    			Write-Host "$($_.SamAccountName) user exists"
    		}else{
    			Write-Host "$($_.SamAccountName) Doesn't Exist"
    		}
    	}

    Of course it is entirely possible that you do not have a CSV or that CSV does not have SamAccountNames.  We cannot help if you give us the wrong information.

    I should also note that you original syntax was defective in more than one way but due to formatting it is hard to see that.


    \_(ツ)_/



    • Edited by jrv Wednesday, March 30, 2016 9:22 PM
    Wednesday, March 30, 2016 9:20 PM

  • jrv although he comes across as mean, is pointing you in the right direction. by putting erroraction 0 means it will not fall over the second it cannot find the user, and continue with the rest of your script (the rest of the evaluation part)


    I am not mean. I am very easy to get on with except when I try to help someone and I get a run-around and arguments over each step.

    I have been a systems programmer and a computer engineer for more than 30 years.  I think I know a few things that someone with virtually no formal training can learn from.  If a user actually thinks carefully at each step instead of demanding a full rewrite and deployment of their script for them they would learn something.

    This would have been simple and solved immediately had the OP been willing to attempt to understand and ask intelligent questions.  I have trained dozens of programmers and technicians.  I become impatient only with those who are too lazy to think or make an effort.  Learning the fundamentals, is up to the person wanting to become a technician.  That is always true.


    \_(ツ)_/

    Wednesday, March 30, 2016 9:29 PM
  • you are wrong the if statement does not work with get-aduser even when you use -ea 0. the terminating error breaks it like the OP says. I thought it odd too and had to verify for myself in a VM.

    http://stackoverflow.com/questions/11605893/checking-for-the-existence-of-an-ad-object-how-do-i-avoid-an-ugly-error-message

    So maybe at last I can say the great jrv might need to take a course on powershell to learn about terminating errors :)

    Thursday, March 31, 2016 8:45 AM
  • Sorry - I was trying to type this:

    if(Get-Aduser-Filter "SamAccountName -eq '$($_.SamAccountName)'"){
         Write-Host "$($_.SamAccountName) user exists"
    }else{
         Write-Host "$($_.SamAccountName) Doesn't Exist"
    }

    This avoids all errors and is very fast. I had forgotten about that old bug in the AD CmdLets where it throws a terminating error when it shouldn't.

    Try/Catch is always slower because exceptions are anywhere from 10 to 100 time slower to process.  The filter is against an indexed attribute and is very fast.


    \_(ツ)_/

    Thursday, March 31, 2016 1:37 PM