none
PowerShell Script To Replace Quest Active Roles RRS feed

  • Question

  • Hello all! I have been tasked with coming up with a PowerShell script that accomplishes what Quest's Active Roles Server does (explained below). 

    Basically the script should create a distribution list prefixed with "Associates" and populate it based on the office location attribute in an AD User object. As an example, John Smith's Office Location is New York so a new distribution group would be created and called "Associates-New York" with the user being added to it. 

    I am getting stuck at modifying groups that are already in existence and if they are in existence and the user's office location matches that of the existing group they should be added as a member of the group.

    I hope this makes sense...

    In a perfect world I would simply turn to Active Roles but we are sadly doing away with it. Any assistance is greatly appreciated!

    So far this is what I have:

    ###-Variables For Script-###
    
    $CurrentDomain = Get-ADDomain
    
    #The OU That The Script Will Be Looking In
    $TargetOU = "OU=SOMEPLACE,OU=ANOTHERPLACE"
    
    #The Full Distinguished Name of OU
    $OrganizationalUnitDN = $TargetOU+","+$CurrentDomain
    
    ###-Group Creation-###
    
    $offices=get-aduser -filter "office -like '*'"  -Prop office
    $offices_unique = $offices | select -ExpandProperty Office | select -Unique
    foreach($offices in $offices_unique){
    $name='Associates-' + $($offices.office)
    try
    {
    $GroupValidate = Get-ADGroup $name 
    }
    catch
    {}
    if ($GroupValidate -ne $null)
    {
    Write-Output "$GroupValidate is an existing group."
    }
    else
    {
    Write-Output "$GroupValidate is not an existing group. Creating group..."
    }
    New-ADGroup -Name $name -SamAccountName $name -GroupCategory Distribution -GroupScope Universal -DisplayName "$name" -Path "$OrganizationalUnitDN" -Description "Members of this group are From $($office.office)"
    }
    
    ###-Modify Existing Group Memberships-###
    $groups=
    foreach($user in $users){
    foreach($group in $groups){
    if($user.office -eq $group.name){
    Add-ADGroupMember -Identity $group -Members $user.samaccountname
    }
    }
    }
    
    

    Tuesday, October 15, 2019 8:39 PM

All replies