How To Automate Daily Administrative Work With PowerShell In 3 Steps

Laziness is the engine of progress …

So, after finding some free time, we decided to automate a task that is routine for every system administrator: creating and deleting users.

1. PowerShell

It all started with a PowerShell script that prompted for user data at the console. As a result, the Active Directory user was created in the corresponding OU, with the fields filled in.


    Import-Module ActiveDirectory

    # Functions are defined first: a script has to read a function before the loop can call it.
    # setAdmin, setPcConfig, setPcOwner and sendMail are helpers that are not shown on this page.

    function createADUser($name, $lastName, $project, $position, $password, $pc) {

        $office = "Head Office"
        $path = "OU=Users,DC=corp,DC=mydomain,DC=com"
        $login = "$name.$lastName".ToLower()

        # Create the account in the project's OU when a project is given
        if ($project -ne "") {
            $path = "OU=$project,$path"
        }

        # Default initial password when the request carries none
        if ($password -eq "") {
            $password = "12345678"
        }

        New-ADUser -Name "$name $lastName" -DisplayName "$name $lastName" -GivenName $name -Surname $lastName -SamAccountName $login -UserPrincipalName "$login@corp.mydomain.com" -Path $path -Enabled $true -AccountPassword (ConvertTo-SecureString -AsPlainText $password -Force)

        Set-ADUser -Identity "$name.$lastName" -Department $project -Title $position -Office $office -ChangePasswordAtLogon $true -EmailAddress "$login@mydomain.com"

        # -Reset sets the password without asking for the old one
        Set-ADAccountPassword -Identity "$name.$lastName" -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $password -Force)

        Add-ADGroupMember -Identity GroupName -Members "$name.$lastName"

        # Record the user's PC and configure it when one is given
        if ($pc -ne "") {

            Set-ADUser -Identity "$name.$lastName" -Description $pc.ToUpper()

            setAdmin $pc $login
            setPcConfig $pc
            setPcOwner $pc $login
        }

        sendMail "$login has been created"
    }

    function disableAdUser ($user) {

        $userObj = Get-ADUser -Identity $user

        # Disable the account, then move it to the OU for former employees
        Set-ADUser -Identity $user -Enabled $false
        Move-ADObject -Identity $userObj -TargetPath "OU=Fired_users,OU=Users,DC=corp,DC=mydomain,DC=com"

        sendMail "$user has been disabled"
    }

    # Each request is one .txt file holding a single line:
    # action;name;lastName;password;project;position;pc
    # -Filter is used because -Include matches nothing without -Recurse or a wildcard in the path
    $files = Get-ChildItem -LiteralPath '\\server\users$' -Filter *.txt -File

    foreach ($file in $files) {
        $text = Get-Content -Path $file.FullName
        $data = $text.Split(";")
        $action = $data[0]
        $name = $data[1]
        $lastName = $data[2]
        $password = $data[3]
        $project = $data[4]
        $position = $data[5]
        $pc = $data[6]

        if ($action -eq "Add") {
            createADUser $name $lastName $project $position $password $pc
        }
        elseif ($action -eq "Suspend") {
            disableAdUser ("$name.$lastName")
        }

        # Remove the request file once it has been processed
        $file.Delete()
    }

2. Google Apps Script

Next, we create a mailbox, which in my case is hosted on Gmail. Thanks to this, you can use the wonderful Apps Script service. It is based on JavaScript. The abundance of documentation and a little programming experience helped to sort this out. Here, similarly, we pass the data to a function and the account is created.

With the same tool, we modify the welcome-letter template, replacing %username% and the other placeholders with real data, and send the PDF to HR, the boss, the new user and, of course, to ourselves.


    // Requires the Admin SDK Directory advanced service (AdminDirectory) to be enabled.
    // email(), makeWelcome() and addMember() are helpers that are not shown on this page.
    function createUser(name, lastName, gender, groups, password, title, department) {

        var userMail = email((name + "." + lastName).toLowerCase());
        var admin = email("admin");
        var recipients = admin + "," + email("hr") + "," + email("boss");
        var subject = "Welcome! " + name + " " + lastName + " - " + title;
        var body = "Welcome to the jungle";
        // Welcome letter (PDF) generated from the template
        var attachment = makeWelcome(name, lastName, password);

        // User resource passed to the Directory API
        var resource = {
            "name": {
                "familyName": lastName,
                "givenName": name
            },
            "password": password,
            "primaryEmail": userMail,
            "changePasswordAtNextLogin": true,
            "organizations": [{
                "title": title,
                "department": department
            }],
            "gender": {
                "type": gender
            }
        };

        AdminDirectory.Users.insert(resource);
        Logger.log(userMail + "'S BEEN CREATED");

        // Add the new account to each requested group
        for (var i = 0; i < groups.length; i++) {
            addMember(groups[i], userMail);
        }

        var options = {
            "attachments": [attachment],
            "name": "Sysadmin"
        };

        // Send the welcome letter to admin, HR and the boss, then to the new user
        MailApp.sendEmail(recipients, subject, body, options);
        MailApp.sendEmail(userMail, "Welcome!", body, options);
    }

3. UI, Automation

Of course, entering data in two consoles is not the result we wanted, so a Google Form was created to collect the data. The scripts are scheduled to run every 5 minutes.

After the Google script has run, the data is transferred to the local network as a text file through Backup and Sync (GDrive). There, PowerShell takes over: it parses the file and creates the AD user.
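
The text file arrives from outside the domain and decides what is created in Active Directory, so the PowerShell side can check each record before any AD cmdlet runs. The following is an added example, not the author's code: `Test-UserRecord`, `New-RandomPassword`, the allow-listed project names, the ASCII-only name rule and the sample records are assumptions made for illustration.

```powershell
# Added example, not the author's code. Field order follows the page's script:
# action;name;lastName;password;project;position;pc (all 7 fields assumed present)
$AllowedActions  = 'Add', 'Suspend'
$AllowedProjects = 'Sales', 'Support'   # hypothetical OUs that exist under OU=Users

function Test-UserRecord([string]$line) {
    $f = $line.Trim().Split(';')
    if ($f.Count -ne 7) { return "expected 7 fields, got $($f.Count)" }
    if ($f[0] -notin $AllowedActions) { return "unknown action '$($f[0])'" }
    # Names become the SamAccountName and part of the UPN. ASCII letters and
    # hyphen only (an assumption), which also keeps DN separators out.
    foreach ($n in $f[1], $f[2]) {
        if ($n -notmatch '^[A-Za-z][A-Za-z-]{0,30}$') { return "invalid name '$n'" }
    }
    # "$name.$lastName" has to fit the 20-character SamAccountName limit
    if (($f[1].Length + $f[2].Length + 1) -gt 20) { return 'login exceeds 20 characters' }
    # The project ends up in "OU=$project,$path", so accept known OUs only
    if ($f[4] -ne '' -and $f[4] -notin $AllowedProjects) { return "unknown project '$($f[4])'" }
    # The PC name is written to Description and handed to the PC helpers
    if ($f[6] -ne '' -and $f[6] -notmatch '^[A-Za-z0-9-]{1,15}$') { return "invalid PC name '$($f[6])'" }
    return $null   # $null means the record passed every check
}

function New-RandomPassword([int]$length = 16) {
    # 64 symbols, so (byte % 64) is uniform; look-alike characters are left out
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789!#%+-=?'
    $bytes = New-Object byte[] $length
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        do {   # retry until upper case, lower case and a digit are all present
            $rng.GetBytes($bytes)
            $pw = -join ($bytes | ForEach-Object { $alphabet[$_ % 64] })
        } until ($pw -cmatch '[A-Z]' -and $pw -cmatch '[a-z]' -and $pw -match '\d')
    } finally { $rng.Dispose() }
    return $pw
}

# Constructed sample records, as they might arrive in the drop folder
$samples = 'Add;Jane;Doe;;Sales;Engineer;PC-0042',
           'Add;Jane;Doe, Jr;;Sales;Engineer;',
           'Add;Jane;Doe;;Marketing;Engineer;',
           'Remove;Jane;Doe;;;;'
foreach ($s in $samples) {
    $err = Test-UserRecord $s
    if ($err) { "REJECT  $s  ($err)"; continue }
    $f = $s.Split(';')
    if ($f[3] -eq '') { $f[3] = New-RandomPassword }
    "ACCEPT  $($f[0]) $($f[1]).$($f[2]) (password of $($f[3].Length) characters)"
}
```

In the processing loop, a rejected file is better moved to a review folder than deleted, so that a malformed request can be examined afterwards.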