PDT user creator in, hold it… PowerShell!

 

 

Well, I’ve read about it. I’ve tried some. I’ve never written one myself. But it finally happened! Using the PDT (PowerShell Deployment Toolkit) I’ve come to realise that creating the users and groups in my lab environment takes some time. And what’s better than going PowerShell when it’s time to create a new script? Don’t wanna be seen doing old VBScripts 🙂

If you haven’t tested PDT yet, go do it instantly! It’s written by Rob Willis from Microsoft, and he has saved me at least 200 hours already. Check it out at http://blogs.technet.com/b/privatecloud/archive/2013/02/08/deployment-introducing-powershell-deployment-toolkit.aspx

 

Copy / save as PDTUserCreator.ps1


# Script creates users, ou:s and groups for PDT #
# Created by Joachim Nässlander, Microsoft #
# joachim.nasslander@microsoft.com #
# #
# Script provided as-is #
# #

# Import module and check for write permissions
Clear-Host
Import-Module ActiveDirectory
try {
    # -ErrorAction Stop makes a failed create or delete reach the catch block
    New-ADUser -Name TemporaryUser -SamAccountName TemporaryUser -ErrorAction Stop
    Remove-ADUser TemporaryUser -Confirm:$false -ErrorAction Stop
}
catch {
    Write-Host "No write permissions in Active Directory"
    Exit
}

# Create arrays, passwords, get domains and stuff
$PDTusers = "!installer","!vmm","!or","!ac","!om_saa","!om_das","!om_dra","!om_dwa","!sm_s","!sm_w","!sm_r","!sm_a","!sql","!jd"
# One shared password is set on every PDT account created below
$PDTUserPassword = "P@ssw0rd"
$SecurePDTUserPassword = $PDTUserPassword | ConvertTo-SecureString -AsPlainText -Force
$PDTOUs = "Services","Servers","Groups","Users"
$PDTGroups = "AC Admins","OM Admins","CM Admins","SM Admins","Orchestrator Admins","VMM Admins","DPM Admins","SQL Admins"
$Domain = Get-ADDomain
$DistName = $Domain.DistinguishedName
$DNSRoot = $Domain.DNSRoot

# Check / create ou's (dsquery prints nothing when the object does not exist)
if (-not (dsquery ou domainroot -name HQ)) {
    New-ADOrganizationalUnit -Name "HQ" -Path $DistName -ErrorAction SilentlyContinue
}
foreach ($ou in $PDTOUs) {
    if (-not (dsquery ou domainroot -name $ou)) {
        New-ADOrganizationalUnit -Name "$ou" -Path "OU=HQ,$DistName" -ErrorAction SilentlyContinue
    }
}

# Check / create groups
foreach ($group in $PDTGroups) {
    if (-not (dsquery group -samid $group)) {
        New-ADGroup -Name $group -GroupScope Global -Path "OU=Groups,OU=HQ,$DistName" -ErrorAction SilentlyContinue
    }
}

# Check / create users
foreach ($user in $PDTusers) {
    if (-not (dsquery user -samid $user)) {
        New-ADUser -Name "$user" -SamAccountName "$user" -ChangePasswordAtLogon $false -AccountPassword $SecurePDTUserPassword -Description "PDT created user" -Enabled $true -Path "OU=Users,OU=HQ,$DistName"
    }
}

# Put the SQL service account in the SQL Admins group
Add-ADGroupMember -Identity "SQL Admins" -Members "!sql" -ErrorAction SilentlyContinue
Write-Host "PDT users, groups and OU's created"
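The script above sets the same password, P@ssw0rd, on every account it creates. The variant below is an added example, not part of the original script, that gives each account its own random password from the OS random number generator and returns the account/password pairs. The helper names Get-RandomIndex and New-RandomPassword, the 24-character length and the character sets are assumptions made for this example.

```powershell
# Added example (not from the original post): unique random password per PDT account.
Import-Module ActiveDirectory

$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()

function Get-RandomIndex([int]$Max) {
    # Index in [0, $Max) drawn from the OS CSPRNG; modulo bias is negligible for small $Max.
    $buf = New-Object byte[] 4
    $rng.GetBytes($buf)
    [int]([System.BitConverter]::ToUInt32($buf, 0) % $Max)
}

function New-RandomPassword([int]$Length = 24) {
    # One character from each class is forced so default AD complexity rules are met.
    $classes = 'abcdefghijkmnopqrstuvwxyz', 'ABCDEFGHJKLMNPQRSTUVWXYZ', '23456789', '#%+-_=?'
    $all     = -join $classes
    $chars   = foreach ($c in $classes) { $c[(Get-RandomIndex $c.Length)] }
    while ($chars.Count -lt $Length) { $chars += $all[(Get-RandomIndex $all.Length)] }
    # Fisher-Yates shuffle so the forced characters do not sit in fixed positions.
    for ($i = $chars.Count - 1; $i -gt 0; $i--) {
        $j = Get-RandomIndex ($i + 1)
        $chars[$i], $chars[$j] = $chars[$j], $chars[$i]
    }
    -join $chars
}

# Same account list and target OU as the script above.
$PDTusers = "!installer","!vmm","!or","!ac","!om_saa","!om_das","!om_dra","!om_dwa",
            "!sm_s","!sm_w","!sm_r","!sm_a","!sql","!jd"
$usersOU  = "OU=Users,OU=HQ,$((Get-ADDomain).DistinguishedName)"

$created = foreach ($user in $PDTusers) {
    # Leave accounts that already exist untouched.
    if (Get-ADUser -Filter "SamAccountName -eq '$user'") { continue }
    $plain = New-RandomPassword
    New-ADUser -Name $user -SamAccountName $user -Path $usersOU -Enabled $true `
        -ChangePasswordAtLogon $false -Description "PDT created user" `
        -AccountPassword (ConvertTo-SecureString $plain -AsPlainText -Force) `
        -ErrorAction Stop
    # Emit the pair so the caller can pass it to whatever consumes the credentials.
    [pscustomobject]@{ SamAccountName = $user; Password = $plain }
}

$created | Format-Table SamAccountName
```

$created holds the only copy of the generated passwords; hand them to whatever needs them and then clear the variable rather than writing it to disk in plain text.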
