Hi,
I have been tasked with automating user creation and license assignment in O365. Luckily I found a PowerShell script, and now I am trying to modify it to show a GUI box where I can enter the user and license details.
Here’s what I have so far.
Powershell
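<#
Modified by Josh McMullin on 12/30/19
This script adds a new user to AD as well as the following attributes:
  - Automatically derives the username based on the first, last & middle initial
  - Enter unique values for:
      Address information including street, PO Box, City, State, Zip
      E-mail address
      Phone
  - Changes the UPN, Proxy Addresses
#>
# Note the data boxes pop up behind PowerShell ISE for some reason.
# Working on fixing where the pop up box outputs to.
# Note this version of the script creates the username as first initial and last name.
# Will make alternate version for clients that require username first name last initial.

# Relax the execution policy for this PowerShell process only. The CurrentUser
# scope would persist after the script ends and silently change the operator's
# profile; Process scope lasts only for this session.
Set-ExecutionPolicy RemoteSigned -Force -Scope Process

# NOTE(review): $UserCredential is not referenced again in the visible script;
# confirm it is needed before asking the operator for a credential here.
$UserCredential = Get-Credential

# Initial password for the new account, prompted for at run time and held only
# as a SecureString. A literal password in the script is readable by anyone who
# can read the file, is shared by every account the script creates, and stays
# valid on each new (enabled) account until its owner first logs on.
$defpassword = Read-Host -Prompt "Enter the initial password for the new user" -AsSecureString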
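# Enter unique employee values.
# Add-Type loads the assembly that provides InputBox. It replaces the obsolete
# LoadWithPartialName call, and it writes nothing to the output stream.
Add-Type -AssemblyName Microsoft.VisualBasic
$StreetAddress = [Microsoft.VisualBasic.Interaction]::InputBox("Enter Address")
$City = [Microsoft.VisualBasic.Interaction]::InputBox("Enter City")
$State = [Microsoft.VisualBasic.Interaction]::InputBox("Enter State")
$PostCode = [Microsoft.VisualBasic.Interaction]::InputBox("Enter Zip")
$Country = "US"
$Company = [Microsoft.VisualBasic.Interaction]::InputBox("Enter Company Name")
# The domain becomes part of the UPN and mail address, so stray whitespace is removed.
$DNSRoot = ([Microsoft.VisualBasic.Interaction]::InputBox("Enter Domain" , "i.e. company.org")).Trim()

# Acquire name data (the assembly is already loaded above, so it is not loaded again).
$GivenName = ([Microsoft.VisualBasic.Interaction]::InputBox("Enter new users first name", "New User Tool - First Name", "First")).Trim()
$Initial = ([Microsoft.VisualBasic.Interaction]::InputBox("Enter new users Middle Initial", "New User Tool - Middle Initail", "Middle Initial")).Trim()
$SurName = ([Microsoft.VisualBasic.Interaction]::InputBox("Enter new users last name", "New User Tool - Last Name", "Last")).Trim()

# InputBox returns an empty string when the operator presses Cancel. The username
# is built from the first and last name, so stop here instead of failing later
# with a Substring error or creating an account from partial data.
if (-not $GivenName -or -not $SurName -or -not $DNSRoot) {
    throw "First name, last name and domain are required; no account was created."
}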
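# Derive the username: first initial + up to seven characters of the surname.
# The name parts come straight from operator input and are placed inside a quoted
# AD filter string below, so only letters, digits, dot, underscore and hyphen are
# kept. A surname such as O'Brien would otherwise break (or alter) the filter, and
# spaces would end up in the logon name and mail address.
$NameFilter = "[^\p{L}\p{Nd}._-]"
$FirstPart = $GivenName -replace $NameFilter, ""
$LastPart = $Surname -replace $NameFilter, ""
if (-not $FirstPart -or -not $LastPart) {
    throw "First and last name are required to derive a username."
}
$LastPart = $LastPart.Substring(0, [System.Math]::Min(7, $LastPart.Length))
$SAMAccountName = $FirstPart.Substring(0,1) + $LastPart
Write-Verbose "$samaccountname" -Verbose

if (Get-ADUser -Filter "samaccountname -eq '$SAMAccountName'") {
    Write-Warning "user $samaccountname already exists"
    # The original recomputed the identical name here, so the collision was never
    # resolved and the rest of the script went on to act on the existing account's
    # name. The header says the username is derived from first, last and middle
    # initial, so the middle initial is used as the tie-breaker.
    # NOTE(review): confirm this matches the site's naming convention.
    $MiddlePart = $Initial -replace $NameFilter, ""
    $Candidate = $null
    if ($MiddlePart) {
        $Candidate = $FirstPart.Substring(0,1) + $MiddlePart.Substring(0,1) + $LastPart
    }
    if (-not $Candidate -or (Get-ADUser -Filter "samaccountname -eq '$Candidate'")) {
        throw "Could not derive a unused username for $GivenName $Surname; no account was created."
    }
    $SAMAccountName = $Candidate
}

# Convert the samaccountname to lower case.
$SAMAccountLower = $SAMAccountName.ToLower()

# Create the display name.
$DisplayName = $GivenName + " " + $Surname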
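# Acquire more data.
$EmpID = [Microsoft.VisualBasic.Interaction]::InputBox("Enter new users Employee ID", "New User Tool - Employee ID", "1234")
$Title = [Microsoft.VisualBasic.Interaction]::InputBox("Enter new users Title", "New User Tool - Title", "Clerk I")
$Office = [Microsoft.VisualBasic.Interaction]::InputBox("Enter new users workplace, Cottonwood or Field Staff", "New User Tool - Office", "Cottonwood")
$Department = [Microsoft.VisualBasic.Interaction]::InputBox("Enter new users Department", "New User Tool - Department", "Department")
$Phone = [Microsoft.VisualBasic.Interaction]::InputBox("Enter new users phone. 507-423-6262 for main office, mobile # for field staff", "New User Tool - Phone", "555-555-1212")

# Pick the manager from the enabled accounts. -ExpandProperty yields the plain
# sAMAccountName string (an identity form the -Manager parameter accepts) rather
# than a wrapper object, and -OutputMode Single stops the operator from selecting
# several rows for a single-valued attribute.
$Manager = Get-ADUser -Filter {enabled -eq $true} | Select-Object -ExpandProperty SamAccountName | Out-GridView -Title 'Select the manager' -OutputMode Single

# Create the email address ($SAMAccountLower is already lower case).
$Mail = $SAMAccountLower + "@" + $DNSRoot

# Other field data that needs to be filled in for Exchange Online & signatures.
$ProxyAddress1 = "SMTP:" + $Mail
$UserPrincipalName = $Mail
$Description = $Department + " - " + $title

# Set the OU that the account will reside in.
# Suggest using search filter in pop-up "ou=user" to return user OUs.
$SelectOU = Get-ADOrganizationalUnit -Filter * | Select-Object -ExpandProperty DistinguishedName | Out-GridView -Title 'Select the OU for the new account' -OutputMode Single
if (-not $SelectOU) {
    throw "No OU was selected; no account was created."
}

# The original piped Get-ADUser for $SamAccountLower into Move-ADObject at this
# point. The new account does not exist yet, so the only account that call could
# ever move is a pre-existing one with the same name. New-ADUser places the new
# account in $SelectOU through its Path parameter, so the move is dropped.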
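# Show a summary of everything that was entered and let the operator back out.
# System.Windows.Forms is loaded explicitly because nothing in the visible script
# loads it (the ISE happens to have it loaded; a plain console may not).
Add-Type -AssemblyName System.Windows.Forms

# The undefined $Creds reference from the original summary line is removed; a
# credential object has no place in a confirmation dialog.
$Confirm = [System.Windows.Forms.MessageBox]::Show("Verify the following is correct:
The new user $DisplayName will be created with the following attributes:
Full Name: $GivenName $Initial $Surname
Username: $SAMAccountLower
Department/Title: $Description
Office Location: $Office
Phone: $Phone
Email Address is: $Mail
Manager is: $Manager
OU is: $SelectOU
OK will continue and add the above information to the Active Directory
OK to Continue, Cancel to stop without creating the account." , "AD New User", [System.Windows.Forms.MessageBoxButtons]::OKCancel)

# The original discarded the dialog result, so Cancel (or closing the box) still
# created the account. Only an explicit OK proceeds.
if ($Confirm -ne [System.Windows.Forms.DialogResult]::OK) {
    throw "Operator cancelled; no account was created."
}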
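# Parameters for New-ADUser, collected in one hashtable and splatted below.
$splat = @{
    Path                  = $SelectOU
    SamAccountName        = $SamAccountLower
    GivenName             = $GivenName
    Initials              = $Initial          # full parameter name instead of the abbreviated "Initial"
    Surname               = $Surname
    Name                  = $DisplayName
    DisplayName           = $DisplayName
    EmailAddress          = $Mail
    UserPrincipalName     = $Mail
    Title                 = $title
    Description           = $Description
    # The account is enabled immediately, so the initial password is live from
    # the moment of creation until the user changes it at first logon.
    Enabled               = $true
    ChangePasswordAtLogon = $true
    PasswordNeverExpires  = $false
    AccountPassword       = $defpassword
    EmployeeID            = $EmpID
    OfficePhone           = $Phone
    Office                = $Office
    Department            = $Department
    Manager               = $Manager
    StreetAddress         = $StreetAddress
    City                  = $City
    State                 = $State
    PostalCode            = $PostCode
    Company               = $Company
    OtherAttributes       = @{proxyAddresses = ($ProxyAddress1)}
}

# -ErrorAction Stop turns a failed creation into a terminating error, so the
# later sync and licensing steps never run for an account that was not created.
New-ADUser @splat -Verbose -ErrorAction Stop

# Set the country attribute. The original also called Set-ADUser with only the
# identity and no changes, which does nothing and is dropped.
Set-ADUser $SAMAccountLower -Add @{Co = $Country} -ErrorAction Stop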
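# Sync to Azure.
# The sync server's name is taken from the 14th word of the Description of the
# "AAD_*" account. That attribute is directory data, not a trusted setting, and
# the value is used as the target of a remoting session, so it is checked before
# use instead of being passed on blindly.
$AADAccounts = @(Get-ADUser -Filter 'Name -like "AAD_*"' -Properties Description)
if ($AADAccounts.Count -eq 0) {
    throw "No AAD_* account found; cannot determine the sync server."
}
if ($AADAccounts.Count -gt 1) {
    Write-Warning "More than one AAD_* account found; using the first one."
}
$AADWords = "$($AADAccounts[0].Description)".Split(" ")
if ($AADWords.Count -le 13) {
    throw "The AAD_* account description does not have the expected layout."
}
$AADHost = $AADWords[13].Trim(".")
if ($AADHost -notmatch '^[A-Za-z0-9-]{1,63}$') {
    throw "Value '$AADHost' from the AAD_* account description is not a valid host name."
}
$AADComputer = $AADHost + "." + (Get-WmiObject win32_computersystem).Domain

$session = New-PSSession -ComputerName $AADComputer -ErrorAction Stop
try {
    Invoke-Command -Session $session -ScriptBlock {Import-Module -Name 'ADSync'}
    Invoke-Command -Session $session -ScriptBlock {Start-ADSyncSyncCycle -PolicyType Delta}
}
finally {
    # Close the session even when the sync fails. $session is reassigned later in
    # the script, which would otherwise leave this connection open.
    Remove-PSSession -Session $session
}

# Pause script for 5 minutes.
Start-Sleep -Seconds 300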
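## Connect to Office 365
$credential = Get-Credential

# Install the module only when it is missing, and only for the current user, so a
# routine provisioning run neither needs elevation nor re-pulls the package from
# the gallery every time.
# NOTE(review): the MSOnline module is deprecated in favour of Microsoft Graph
# PowerShell; plan the migration of the licensing steps.
if (-not (Get-Module -ListAvailable -Name MSOnline)) {
    Install-Module MSOnline -Scope CurrentUser
}
Import-Module MSOnline
Connect-MsolService -Credential $credential

# Process scope is enough for this run. The additional CurrentUser change from the
# original is dropped because it persists on the operator's profile afterwards.
Set-ExecutionPolicy 'RemoteSigned' -Scope Process -Confirm:$false

# NOTE(review): this opens a Basic-authentication remote PowerShell session to
# Exchange Online. Basic authentication cannot be used with MFA-protected admin
# accounts, and Microsoft has retired it for Exchange Online, so this call is
# expected to fail on current tenants. The replacement is Connect-ExchangeOnline
# from the ExchangeOnlineManagement module (modern authentication). No Exchange
# cmdlet is used in the visible remainder of the script; confirm whether this
# session is needed at all.
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid -Credential $Credential -Authentication Basic -AllowRedirection
Import-PSSession $Session -AllowClobber -DisableNameChecking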
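# Get available license options and license the user's mailbox.
$User = Get-MsolUser -All -UnlicensedUsersOnly | Out-GridView -Title 'Select a user' -OutputMode Single | Select-Object -ExpandProperty UserPrincipalName
if (-not $User) {
    # Closing the grid returns nothing; do not call the licensing cmdlets with an
    # empty identity.
    throw "No user was selected; no license was assigned."
}

# The grid lists every unlicensed user in the tenant, not only the account created
# above, so warn when the selection is a different account.
if ($UserPrincipalName -and ($User -ne $UserPrincipalName)) {
    Write-Warning "Selected user $User is not the account created by this run ($UserPrincipalName)."
}

$OfficeLicenses = Get-MsolAccountSku | Out-GridView -Title 'Select a license plan' -OutputMode Single | Select-Object -ExpandProperty AccountSkuId
if (-not $OfficeLicenses) {
    throw "No license plan was selected; no license was assigned."
}

# A usage location must be set before a license can be assigned.
Set-MsolUser -UserPrincipalName $User -UsageLocation US
Set-MsolUserLicense -UserPrincipalName $User -AddLicenses $OfficeLicenses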
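# Sync to Azure (second pass, after licensing).
# The sync server's name is read from the Description of the "AAD_*" account.
# That attribute is directory data and the value becomes the target of a remoting
# session, so it is checked before use.
$AADAccounts = @(Get-ADUser -Filter 'Name -like "AAD_*"' -Properties Description)
if ($AADAccounts.Count -eq 0) {
    throw "No AAD_* account found; cannot determine the sync server."
}
if ($AADAccounts.Count -gt 1) {
    Write-Warning "More than one AAD_* account found; using the first one."
}
$AADWords = "$($AADAccounts[0].Description)".Split(" ")
if ($AADWords.Count -le 13) {
    throw "The AAD_* account description does not have the expected layout."
}
$AADHost = $AADWords[13].Trim(".")
if ($AADHost -notmatch '^[A-Za-z0-9-]{1,63}$') {
    throw "Value '$AADHost' from the AAD_* account description is not a valid host name."
}
$AADComputer = $AADHost + "." + (Get-WmiObject win32_computersystem).Domain

$session = New-PSSession -ComputerName $AADComputer -ErrorAction Stop
try {
    Invoke-Command -Session $session -ScriptBlock {Import-Module -Name 'ADSync'}
    Invoke-Command -Session $session -ScriptBlock {Start-ADSyncSyncCycle -PolicyType Delta}
}
finally {
    # Close the session even when the sync call fails.
    Remove-PSSession -Session $session
}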
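# End all PSSessions.
# Removes every PSSession in the current PowerShell session.
Function EndPSS { Get-PSSession | Remove-PSSession }

# The original only defined the function and never called it, so the
# authenticated remote sessions stayed open after the script finished.
EndPSS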