我有一个CSV文件,我用来将多个用户上传到Active Directory中。其中的组列将包含多个不同的条目。我希望能够将其作为新用户脚本的一部分。
我当前在创建用户将组应用于每个用户后运行第二个脚本。
# Import active directory module for running AD cmdlets
Import-Module activedirectory
#Store the data from ADUsers.csv in the $ADUsers variable
$ADUsers = Import-csv C:uploadtestbulkupload2.csv
#Loop through each row containing user details in the CSV file
foreach ($User in $ADUsers)
{
#Read user data from each field in each row and assign the data to a variable as below
$Username = $User.username
$Password = $User.password
$Firstname = $User.firstname
$Lastname = $User.lastname
$OU = $User.ou #This field refers to the OU the user account is to be created in
$email = $User.email
$Password = $User.Password
#Check to see if the user already exists in AD
if (Get-ADUser -F {SamAccountName -eq $Username})
{
#If user does exist, give a warning
Write-Warning "A user account with username $Username already exist in Active Directory."
}
else
{
#User does not exist then proceed to create the new user account
#Account will be created in the OU provided by the $OU variable read from the CSV file
New-ADUser `
-SamAccountName $username `
-UserPrincipalName "$username@lon.cloud" `
-Name "$Firstname $Lastname" `
-GivenName $Firstname `
-Surname $Lastname `
-Enabled $True `
-DisplayName "$Lastname, $Firstname" `
-Path $OU `
-AccountPassword (convertto-securestring $Password -AsPlainText -Force) -ChangePasswordAtLogon $False -PasswordNeverExpires:$True
}
}
然后我运行
$user = 'username'
$groups = 'DRC VPN Users', 'Echo Prod Users'
foreach ($group in $groups) {
Add-ADGroupMember -Identity $group -Members $user
}
我试图将它们作为一个脚本,但没有运气结合在一起。
New-ADUser
cmdlet具有很多参数,但是没有参数可以设置组成员身份。这需要在用户像下面创建用户之后完成。
我已经有所更改代码,并使用了脱落以更好地阅读,并避免不得不使用难以看见的背景。另外,无需首先将所有字段从CSV文件捕获到变量中。只需将它们直接用于参数。
# Import active directory module for running AD cmdlets
Import-Module activedirectory
#Store the data from ADUsers.csv in the $ADUsers variable
$ADUsers = Import-csv C:uploadtestbulkupload2.csv
$groups = 'DRC VPN Users', 'Echo Prod Users'
#Loop through each row containing user details in the CSV file
foreach ($User in $ADUsers) {
# Read user data from each field in each row
# the username is used more often, so to prevent typing, save that in a variable
$Username = $User.username
# Check to see if the user already exists in AD
if (Get-ADUser -F "SamAccountName -eq '$Username'") {
#If user does exist, give a warning
Write-Warning "A user account with username $Username already exist in Active Directory."
}
else {
# User does not exist then proceed to create the new user account
# Account will be created in the OU provided by the $OU variable read from the CSV file
# create a hashtable for splatting the parameters
$userProps = @{
SamAccountName = $username
UserPrincipalName = '{0}@lon.cloud' -f $username
GivenName = $User.firstname
Surname = $User.lastname
Name = '{0} {1)' -f $User.firstname, $User.lastname
DisplayName = '{0}, {1}' -f $User.lastname, $User.firstname
Path = $User.ou # This field refers to the OU the user account is to be created in
EmailAddress = $User.email
AccountPassword = (ConvertTo-SecureString $User.password -AsPlainText -Force)
Enabled = $true
ChangePasswordAtLogon = $false
PasswordNeverExpires = $true
}
New-ADUser @userProps
# add the new user to the groups here
foreach ($group in $groups) {
Add-ADGroupMember -Identity $group -Members $username
}
}
}
请注意,Add-ADGroupMember
可以在-Members
参数中使用一系列用户名来批量添加用户,但是在这种情况下,我不会建议这样做以避免在AD中存在用户时避免使用错误消息(因此您没有在上面的代码中创建它们(