Add files via upload

CreateNewUsers.ps1

@@ -0,0 +1,172 @@
+#Import logon scripts for all departments from the CSV file.
+$logonScripts = Import-Csv -Path "C:\Scripts\Data\LogonScript.csv"
+
+#Import user Angel Stewart from CSV file.
+$users = Import-Csv -Path "C:\Scripts\Data\NewUsers.csv" | where {$_.FirstName -eq "Angel" -and $_.LastName -eq "Stewart"}
+
+$defphone = "713-485-5555"            #Default phone number
+$homeFolder = "\\chipvfs01\Users\"    #Path to Users shared folder which is to store user home folders
+$userAccounts = @()                   #UserAccounts object to store user account information    
+
+foreach($user in $users){             #Loop through each user read from the NewUsers.csv file
+
+    #Read users information from the CSV file
+    $gname = $user.FirstName
+    $mname = $user.MiddleName
+    $sname = $user.LastName
+    $fullname = $gname + " " + $sname
+    $description = $user.Description
+    $office = $user.Office
+    $country = $user.Country
+    $company = "ITLifeSkills"
+    $title = $user.JobTitle
+    $department = $user.Department
+
+    #Get the LogOnScript for the department of the current user 
+    $script = ($logonScripts | where {$_.Department -eq $department}).LogonScript
+
+    #Use the phone number in the CSV file if found otherwise use the default phone number
+    if($user.PhoneNumber){
+
+        $phone = $user.PhoneNumber
+    
+    }
+    else{
+        $phone = $defphone
+    }
+
+    # Generate a random password using ascii-characters-from-33-126
+    # For more information about the asciicharacters https://www.ibm.com/docs/en/sdse/6.4.0?topic=configuration-ascii-characters-from-33-126
+
+    $password = -join([char[]](33..122) | Get-Random -Count 10)
+    $securePassword = ConvertTo-SecureString ($password) -AsPlainText -Force
+
+    #Construct the username samAccount from middle name, given name and surname.
+    if($user.MiddleName){
+
+        $samAccount = ($gname[0] + $mname[0] + $sname[0]).ToLower()
+    
+    }
+    else{
+        $samAccount = ($gname[0] + "x" + $sname[0]).ToLower()
+    
+    }
+
+    # Verify if the username exists, if Yes add $i to the username
+    $i = 1
+    do{
+        
+        try{
+        $exist = Get-ADUser -Identity $samAccount
+        $samAccount = $samAccount + $i
+        $i++
+        }
+        catch{
+
+            break
+    
+        }
+    }while($exist)
+           
+    $userprincipal = $samAccount + "@hq.itlifeskills.local"    
+    
+    #If found  the manager in the CSV file, get the distinguished name of the manager
+    $manager = $user.Manager
+    if($manager){
+        $userManager = (Get-ADUser -Filter 'DisplayName -eq $manager').DistinguishedName
+    }
+    else{
+        $userManager = $null
+    }
+
+    #Find the Distinguished name of the department OU 
+    $baseOU = "OU=Users,OU=ITLifeSkills,DC=hq,DC=itlifeskills,DC=local"
+    $OU = (Get-ADOrganizationalUnit -SearchBase $baseOU -Filter 'Name -eq $department').DistinguishedName
+
+    #Path to the User Home Folder
+    $userFolder = $homeFolder + $fullname
+
+    #Form the object of user properties
+    $userProperties = @{
+        GivenName = $gname
+        Surname = $sname
+        DisplayName = $fullname
+        Name = $fullname
+        SamAccountName = $samAccount
+        AccountPassword = $securePassword
+        UserPrincipalName = $userprincipal
+        Office = $office
+        Company = $company
+        Country = $country
+        Department = $department
+        Description = $description
+        Title = $title
+        OfficePhone = $phone
+        HomeDirectory = $userFolder
+        HomeDrive = "U:"
+        ScriptPath = $script 
+        Path = $OU
+        Manager = $userManager
+        ChangePasswordAtLogon = $true
+        Enabled = $true
+    }
+    
+    #Create the new user from the @userProperties object
+    New-ADUser @userProperties
+    
+    #Chek if the folder exists. If not, create the user home folder
+    $exist = Test-Path $userFolder
+
+    if(!$exist){
+    
+        New-Item -Path $userFolder -ItemType "Directory"
+    }
+       
+    #Get the current access list on the user home folder    
+    $aclList  = Get-Acl -Path $userFolder
+    
+    #Create a rule parameters object for to grant FullControl access for the current user
+    
+    $parameters = @(
+     "HQ\$samAccount"        #IdentityReference
+     "FullControl"           #FileSystemRights
+     ,@(                     #InheritanceFlags
+        "ContainerInherit"   #Apply to the current folder
+        "ObjectInherit"      #Apply to subfolders and files in the current folder
+     )
+     "None"                  #PropagationFlags
+     "Allow"                 #AccessControlType
+    )
+
+    #Create the rule from the paramters
+    $rule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $parameters
+
+    #Add the rule into the current access list
+    $aclList.AddAccessRule($rule)
+
+    #Set the new rule on the user home folder    
+    $aclList | Set-Acl $userFolder
+
+    #Build the userdata object to export
+
+    $userData = [PSCustomObject]@{
+        Name = $fullname;    
+        SamAccountName = $samAccount;
+        AccountPassword = $password;
+        Office = $office;
+        Company = $company;
+        Country = $country
+        Department = $department;
+        Description = $description;
+        Title = $title;
+        OfficePhone = $phone;
+        Manager = $manager
+    }
+
+    $userAccounts += $userData
+
+}
+
+
+$userAccounts | Export-Csv -Path "C:\Scripts\Data\UserAccounts.csv" -NoTypeInformation
+#Get-ADUser -Identity egh -Properties *