Создание пользователей Active Directory через CSV файл

Иногда бывает нужно создать в Active Directory кучу пользователей.

Создавать все это добро вручную долго и муторно, а если для каждой группы пользователей нужна своя OU? Или названия компаний для каждого свое?

Ниже я покажу скрипт, который создает пользователей из CSV файла.

Алгоритм следующий:

1) Создаем OU с названием компании пользователя

2) Создаем группы для пользователя и включаем его в них (мы создадим глобальную группу и универсальную)

3) Переводим названия созданных групп в AD в транслит

4) Добавляем пользователей в другие (общие) группы AD

Шапка CSV файла будет такой:

Lastname;Firstname;Login;Password;Position;Company;Number

Сам скрипт:

#Задаем переменные

$CSVpatch = "C:\PowerShell_Scripts5.csv"

$CSVcopy = "C:\PowerShell_Scripts502.csv"

$CSVwithADgroups = "C:\PowerShell_Scripts5ADG.csv"

$TMPcompany = "C:\PowerShell_Scripts\temp.txt"

$TMPListcompany = "C:\PowerShell_Scripts\TMPListcompany.txt"

$TMPListcompanyreplased = "C:\PowerShell_Scripts\TMPListcompanyreplased.txt"

$TMPcompanyTranslit = "C:\PowerShell_Scripts\translit.txt"

$TMPcompanyTranslitCSV = "C:\PowerShell_Scripts\translit.csv"

$TMPfile = "C:\PowerShell_Scripts\tmpfile.txt"

$AllinoneCSV = "C:\PowerShell_Scripts\allinonetranslit.csv"

# Создаем новый OU по названием компаний

Import-Csv $CSVpatch -Delimiter ";" | % {

$Company = $_.Company; # Set the user

NEW-ADOrganizationalUnit "$Company" –path "OU=Users,OU=Office365_Sync,DC=test,DC=local"
}

# Удаляем временные файлы

remove-item $CSVcopy

remove-item $CSVwithADgroups

remove-item $TMPcompany

remove-item $TMPListcompany

remove-item $TMPListcompanyreplased

remove-item $TMPcompanyTranslit

remove-item $TMPcompanyTranslitCSV

remove-item $AllinoneCSV

# Обрабатываем и преобразуем названия компаний (копируем столбец с компаниями и удаляем пробелы)

Import-Csv $CSVpatch -Delimiter ";" | % {

$Company = $_.Company; # Set the user

$Company >> $TMPcompany

}

$hash = @{} # define a new empty hash table

gc $TMPcompany | % {

if ($hash.$_ -eq $null) {

$_
};

$hash.$_ = 1

} > $TMPfile #$TMPListcompany

(Get-Content $TMPcompany) -replace " ","-" | Set-Content $TMPListcompanyreplased

# Преобразуем в транслит название компаний

remove-item $TMPcompanyTranslit

function global:Translit
{
param([string]$inString)
$Translit = @{
[char]'а' = "a"
[char]'А' = "A"
[char]'б' = "b"
[char]'Б' = "B"
[char]'в' = "v"
[char]'В' = "V"
[char]'г' = "g"
[char]'Г' = "G"
[char]'д' = "d"
[char]'Д' = "D"
[char]'е' = "e"
[char]'Е' = "E"
[char]'ё' = "yo"
[char]'Ё' = "Yo"
[char]'ж' = "zh"
[char]'Ж' = "Zh"
[char]'з' = "z"
[char]'З' = "Z"
[char]'и' = "i"
[char]'И' = "I"
[char]'й' = "j"
[char]'Й' = "J"
[char]'к' = "k"
[char]'К' = "K"
[char]'л' = "l"
[char]'Л' = "L"
[char]'м' = "m"
[char]'М' = "M"
[char]'н' = "n"
[char]'Н' = "N"
[char]'о' = "o"
[char]'О' = "O"
[char]'п' = "p"
[char]'П' = "P"
[char]'р' = "r"
[char]'Р' = "R"
[char]'с' = "s"
[char]'С' = "S"
[char]'т' = "t"
[char]'Т' = "T"
[char]'у' = "u"
[char]'У' = "U"
[char]'ф' = "f"
[char]'Ф' = "F"
[char]'х' = "h"
[char]'Х' = "H"
[char]'ц' = "c"
[char]'Ц' = "C"
[char]'ч' = "ch"
[char]'Ч' = "Ch"
[char]'ш' = "sh"
[char]'Ш' = "Sh"
[char]'щ' = "sch"
[char]'Щ' = "Sch"
[char]'ъ' = ""
[char]'Ъ' = ""
[char]'ы' = "y"
[char]'Ы' = "Y"
[char]'ь' = ""
[char]'Ь' = ""
[char]'э' = "e"
[char]'Э' = "E"
[char]'ю' = "yu"
[char]'Ю' = "Yu"
[char]'я' = "ya"
[char]'Я' = "Ya"
}
$outCHR=""
foreach ($CHR in $inCHR = $inString.ToCharArray())
{
if ($Translit[$CHR] -cne $Null )
{$outCHR += $Translit[$CHR]}
else
{$outCHR += $CHR}
}
Write-Output $outCHR
}

Get-Content $TMPListcompanyreplased | ForEach-Object {Translit($_)} > $TMPcompanyTranslit

##Создаем группы в AD

Copy-Item $CSVpatch $CSVcopy

function Insert-Content {
param ( [String]$Path )
process {
$( ,$_; Get-Content $Path -ea SilentlyContinue) | Out-File $Path
}
}

'ADgroup' | Insert-Content $TMPcompanyTranslit

import-csv $TMPcompanyTranslit -delimiter ';' | export-csv -NoTypeInformation -UseCulture $TMPcompanyTranslitCSV

(Get-Content $TMPcompanyTranslitCSV) -replace '"' | Set-Content $TMPcompanyTranslitCSV

$csv1 = @(gc $CSVcopy)
$csv2 = @(gc $TMPcompanyTranslitCSV)
$csv3 = @()
for ($i=0; $i -lt $csv1.Count; $i++) {
$csv3 += $csv1[$i] + ';' + $csv2[$i]
}

$csv3 | Out-File $AllinoneCSV

Import-Csv $AllinoneCSV -Delimiter ";"| % {

$Company = $_.Company; # Set the user
$OU = "OU=$Company,OU=test,OU=Office365_Sync,DC=test,DC=local"

$ADgroup = $_.ADgroup; # Set the user

#echo $OU

#echo $ADgroup
}

clear

Import-Csv $AllinoneCSV -Delimiter ";"| % {

$Firstname = $_.Firstname; # Set the user
$Lastname = $_.Lastname; # Set the user
$Login = $_.Login; # Set the user
$Password = $_.Password; # Set the user
$Position = $_.Position; # Set the user
$Company = $_.Company; # Set the user
$Number = $_.Number; # Set the user
$OU = "OU=$Company,OU=test,OU=Office365_Sync,DC=test,DC=local"
$ADgroup = $_.ADgroup; # Set the user

echo $ADgroup
$Displayname = "$Lastname $Firstname"

New-ADUser -SamAccountName "$Login" -name "$Displayname" -GivenName "$Firstname" -Surname "$Lastname" -PasswordNeverExpires $true -UserPrincipalName "$Login@domain.ru" -DisplayName "$Displayname" -EmailAddress "$Login@domain.ru" -Title "$Position" -enable $True -AccountPassword (ConvertTo-SecureString -AsPlainText "$Password" -Force) -Path "$OU" -company "$Company" -OtherAttributes @{'preferredLanguage'="RU"}

New-ADGroup -SamAccountName "GD-$ADgroup" -name "GD-$ADgroup" -GroupScope 1 -GroupCategory security -description "$Company" -OtherAttributes @{'info'="domain.ru"} -Path "$OU"

Set-ADGroup "GD-$ADgroup" -Replace @{mail="GD-$ADgroup@domain.ru"}

New-ADGroup -SamAccountName "$ADgroup" -name "$ADgroup" -GroupScope 2 -GroupCategory distribution -description "$ADgroup"-OtherAttributes @{'mail'="$ADgroup@domain.ru"} -Path "$OU"

}

Start-Sleep -Seconds 20

clear

Import-Csv $AllinoneCSV -Delimiter ";"| % {
$Company = $_.Company; # Set the user
$OU = "OU=$Company,OU=test,OU=Office365_Sync,DC=test,DC=local"

$OU

$users = Get-ADUser -Filter * -SearchBase "$OU"
#$users

$groups1 = Get-ADGroup -Filter * -SearchBase "$OU" | Where-Object {$_.SamAccountName -notlike "GD-*"}
$groups2 = Get-ADGroup -Filter * -SearchBase "$OU" | Where-Object {$_.SamAccountName -like "GD-*"}

Add-ADGroupMember "$groups1" -Member $users
Add-ADGroupMember "$groups2" -Member $users

Add-ADGroupMember "GD-TS-Users-Termsrv05-Region" -Member $users

Add-ADGroupMember "GD-All-test-Users" -Member $users

}

remove-item $CSVcopy

remove-item $CSVwithADgroups

remove-item $TMPcompany

remove-item $TMPListcompany

remove-item $TMPListcompanyreplased

remove-item $TMPcompanyTranslit

remove-item $TMPcompanyTranslitCSV

remove-item $AllinoneCSV

remove-item $TMPfile

Если вам нужно просто создать много учетных записей в Active Directory, то вам подойдет следующий скрипт:

#Задаем переменные

$CSVpatch = "C:\PowerShell_Scripts5.csv"


Import-Csv $CSVpatch -Delimiter ";" | % {


$Firstname = $_.Firstname; # Set the user
$Lastname = $_.Lastname; # Set the user
$Login = $_.Login; # Set the user
$Password = $_.Password; # Set the user
$Position = $_.Position; # Set the user
$Company = $_.Company; # Set the user
$Number = $_.Number; # Set the user

$Displayname = "$Lastname $Firstname"

New-ADUser -SamAccountName "$Login" -name "$Displayname" -GivenName "$Firstname" -Surname "$Lastname" -PasswordNeverExpires $true -UserPrincipalName "$Login@domain.local" -DisplayName "$Displayname" -EmailAddress "$Login@domain.ru" -Title "$Position" -enable $True -AccountPassword (ConvertTo-SecureString -AsPlainText "$Password" -Force) -company "$Company"

}