PowerShell script to create user, mailbox and put into AD group

I know there's loads of examples around the net, but I'm wondering if someone knows of or has access to a basic one? Environment is 2012R2 with Exchange 2016 and just a couple of groups in AD.

Thanks.
 
Hi Chris,

Here is one I created for use at work:

#this script creates a staff user and enables their mailbox

Import-Module ActiveDirectory
Add-PSSnapin Microsoft.Exchange.Management.Powershell.E2010

$UserFirstname = Read-Host -Prompt 'Input first name'
$UserSurname = Read-Host -Prompt 'Input surname'
# Read the password as a SecureString so it is not echoed to the console
$Password = Read-Host -Prompt 'Input password' -AsSecureString
$Dept = Read-Host -Prompt 'Input department'
$Title = Read-Host -Prompt 'Input job title'
$FirstLetterFirstname = $UserFirstname.Substring(0,1)
$SAM = $FirstLetterFirstname + $UserSurname
$DisplayName = $FirstLetterFirstname + " " + $UserSurname
$FullName = $UserFirstname + " " + $UserSurname
$Profilepath = "\\college.local\sysvol\college.local\Shared Profiles\Staff"
$UPN = $SAM + "@college.org"
$OU = "OU=New Staff,OU=Staff,DC=college,DC=local"
$NewOU = "OU=Teachers,OU=Staff,DC=college,DC=local"

New-ADUser -Name $FullName -GivenName $UserFirstname -Surname $UserSurname -SamAccountName $SAM -UserPrincipalName $UPN -DisplayName $DisplayName -AccountPassword $Password -Enabled $true -Path $OU -ChangePasswordAtLogon $true -ProfilePath $Profilepath -Department $Dept -Title $Title

Start-Sleep -s 5 #allow time for replication

Write-Host " "
Write-Host "$SAM has been created"

Get-ADUser $SAM | ForEach-Object {Add-ADGroupMember -Identity 'Group 1' -Members $_ }
Get-ADUser $SAM | ForEach-Object {Add-ADGroupMember -Identity 'Group 2' -Members $_ }
Get-ADUser $SAM | ForEach-Object {Add-ADGroupMember -Identity 'Group 3' -Members $_ }
Get-ADUser $SAM | ForEach-Object {Add-ADGroupMember -Identity 'Staff' -Members $_ }
Get-ADUser $SAM | ForEach-Object {Add-ADGroupMember -Identity 'Teach' -Members $_ }

Write-Host " "
Write-Host "User has been added to the default groups"

Start-Sleep -s 5 #allow time for replication

Enable-Mailbox $SAM

Get-ADUser $SAM | Move-ADObject -TargetPath $NewOU

Write-Host " "
Write-Host "$SAM moved to $NewOU..."
Write-Host " "
Write-Host "Copy this to the Staff members S drive: \\college.local\data\staffdata\teachers\$SAM\Documents"
Write-Host " "
Write-Host "User also needs to be added to the relevant email groups"
 
Legend.

If I wanted firstname.lastname as the SAM and lastname, firstname as the DisplayName would I do:
$SAM = $UserFirstname + "." + $UserLastName
$DisplayName = $UserLastName + "," + " " + $UserFirstName

?
 
I haven't tested it but that looks exactly right to me.
Though you could probably save a bit of code for display name and add the space after the comma, so:
$Displayname = $UserLastName + ", " + $UserFirstName
But as I've said I haven't tested this - so let us know how you get on.

Thanks,
Danny
 
Ah, thanks.

Not working right now as it looks to be a little different with Exchange 2016; you can't just add a PSSnapin anymore.

Might build a home lab and do some experimenting.
 
You can sometimes avoid the + thing totally; PowerShell does let you use vars in strings like this:

$FirstName = "Bill"
$LastName = "Hats"
"$FirstName.$LastName"
"$FirstName, $LastName"
 
The URI is the fully qualified domain name of the Exchange server, so if your Exchange server was 'srv-exchange' and your domain was 'college.local' then the FQDN would be 'srv-exchange.college.local'.

That's what I thought, but it's not working.

Nice tip, thanks.
 
Thanks HungryHippos, I'll keep that in mind!

Chris, what happens when you try it?

You could always run it line by line in non-ISE PowerShell and see what happens.
The first line should pop up and ask for domain credentials.
The second line will create the session.
The third line should enter you into the session.

Thanks,
Danny
 
Silly me, I had an = in front of the URI. No idea where that came from. On another error now, I need to develop this at home or on Azure a bit more I think.
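
One way the first script could be adapted for Exchange 2016, using a remote session to the server's FQDN in place of the snap-in and pinning one domain controller instead of sleeping for replication. This is an added example, not code from any poster in the thread; the server name srv-exchange.college.local, the group list and the account-name pattern are assumptions.

```powershell
# Added example, not code from the thread. Server FQDN, groups and the name
# pattern are assumptions; the OU and UPN suffix come from the first script.
Import-Module ActiveDirectory

$ExchangeFqdn = 'srv-exchange.college.local'
$OU           = 'OU=New Staff,OU=Staff,DC=college,DC=local'
$Groups       = 'Staff', 'Teach'
$DC           = (Get-ADDomainController).HostName   # every step below talks to this one DC

# Prompt for domain credentials, then open a remote session to Exchange.
$Cred    = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange `
    -ConnectionUri "http://$ExchangeFqdn/PowerShell/" `
    -Authentication Kerberos -Credential $Cred -ErrorAction Stop

try {
    # Import only the Exchange cmdlet this script needs.
    Import-PSSession $Session -CommandName Enable-Mailbox -AllowClobber | Out-Null

    $First = (Read-Host 'Input first name').Trim()
    $Last  = (Read-Host 'Input surname').Trim()
    $SAM   = "$First.$Last"

    # sAMAccountName allows at most 20 characters; refuse odd input and duplicates.
    if ($SAM -notmatch '^[A-Za-z][A-Za-z.-]{0,19}$') { throw "Invalid account name: $SAM" }
    if (Get-ADUser -Filter "SamAccountName -eq '$SAM'" -Server $DC) { throw "$SAM already exists" }

    # The password is never held or displayed as plain text.
    $Password = Read-Host 'Input password' -AsSecureString
    New-ADUser -Name "$First $Last" -GivenName $First -Surname $Last `
        -SamAccountName $SAM -UserPrincipalName "$SAM@college.org" `
        -DisplayName "$Last, $First" -AccountPassword $Password -Enabled $true `
        -Path $OU -ChangePasswordAtLogon $true -Server $DC -ErrorAction Stop

    Add-ADPrincipalGroupMembership -Identity $SAM -MemberOf $Groups -Server $DC -ErrorAction Stop
    Enable-Mailbox -Identity $SAM -DomainController $DC -ErrorAction Stop | Out-Null
    Write-Host "$SAM created, added to $($Groups -join ', ') and mailbox-enabled"
}
finally {
    # Always close the remote session, even when a step fails.
    Remove-PSSession $Session
}
```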
 