@Adam, Just busting chops. I like to joke about everything, including
stereotypical sysadmins (on the windows or nix sides). Keeps things light.
:)

Below is a set of scripts, in a PS Module, that I wrote to help maintain
offshore development accounts in Active Directory. I have a CSV template
which the offshore team managers fill out and send me with their changes.
There are many additional features/comments that I need to add, but this
has already saved me a lot of time. I'll probably be open sourcing this in
the long run, just so others can use it more readily and contribute back.

import-module activedirectory

function new-emailaddress{
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
[string] $FirstName,
[parameter(Mandatory=$true)]
[string] $LastName,
[parameter(Mandatory=$true)]
[string] $Company
)
switch ($Company.ToLower()) {
infobeans {$retval = $FirstName + "." + $LastName + "@infobeans.com"}
annet {$retval = $FirstName + "." + $LastName + "@annet.com"}
mindtree {$retval = $FirstName + "_" + $LastName + "@mindtree.com"}
default {$retval = $FirstName + "." + $LastName + "@example.com"}
}
return $retval
}

function new-password {
<#
.SYNOPSIS
Returns a secure string

.PARAMETER  Password
The plain-text password string that should be returned as secure text

.EXAMPLE
PS C:\> new-password -Password "string"

.INPUTS
System.String

.OUTPUTS
System.String
#>

[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
[string] $Password
)
return ConvertTo-SecureString $Password -AsPlainText -Force
}

function new-oupath {
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
[string] $Company
)
switch ($Company.ToLower()) {
infobeans {$retval =
"OU=InfoBeans,OU=Contractors,DC=polarismanagement,DC=local" }
annet {$retval = "OU=Annet,OU=Contractors,DC=polarismanagement,DC=local"}
mindtree {$retval =
"OU=MindTree,OU=Contractors,DC=polarismanagement,DC=local" }
default {$retval = "OU=Contractors,DC=polarismanagement,DC=local"}
}
return $retval
}

function add-usertogroup {
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
[string] $Company,
[parameter(Mandatory=$true)]
[string] $UserName
)
switch ($Company.ToLower()) {
infobeans {
Add-ADGroupMember "InfoBeans-Users" -Members $UserName
}
annet {
Add-ADGroupMember "ANNET USERS" -Members $UserName
}
mindtree {
Add-ADGroupMember "MindTree-Users" -Members $UserName
}
default {}
}
}

function new-user {
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
$User
)
if ($User.password){
$Password = new-password -Password $User.password
}else{
$Password = new-password -Password "Polaris2012!"
}
$FullName = $User.firstname + " " + $User.lastname
$FirstName = $User.firstname
$LastName = $User.lastname
$UserName = $User.firstname.substring(0,1) + $User.lastname
$Company = $User.Company
$Email = new-emailaddress -FirstName $FirstName -LastName $LastName
-Company $Company
$OU = new-oupath -Company $User.Company
New-ADUser -Company $Company -Department "Offshore Development"
-Description "Offshore Development Team Member" -Name $FullName
-SamAccountName $UserName  -DisplayName $FullName -GivenName $FirstName
-Surname $LastName -AccountPassword $Password -Enabled $true -Path $OU
add-usertogroup -UserName $UserName -Company $Company
}

function add-developers {
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[Parameter(Mandatory=$true)]
[ValidateScript({Test-Path $_ })]
[string] $CSVFile
)
$Users = Import-Csv -Delimiter "," -Path $CSVFile
foreach ($User in $Users){
$UserName = $User.username
$UserExists = Get-ADUser -LDAPFilter "(sAMAccountName=$Username)"
# If the user exists and is supposed to be disabled, ensure they are.
if (($UserExists) -and ($user.enabled -eq "FALSE" )){
Write-output "User $UserName exists. Disabling."
get-ADUser $UserName | Set-ADUser -Enabled $false
}
#If the user exists and is supposed to be enabled, ensure they are.
elseif(($UserExists) -and ($user.enabled -eq "TRUE")){
Write-output "User $UserName exists. Enabling."
get-ADUser $UserName | Set-ADUser -Enabled $true
}
else{
Write-output "User $UserName does not exist. Creating."
new-user -User $User
}
}
}

#add-developers -CSVFile C:\projects\PowerShellUsers\newusers.csv
-Whatif:$true

On Tue, Nov 18, 2014 at 9:58 AM, Miles Fidelman <mfidel...@meetinghouse.net>
wrote:

> None recently, other than a little patching of our sympa (mailing list)
> code to deal with DMARC. Written in perl plus some of its own config
> language.
>
> Less recently:  Various small bash scripts - backup, daily system tests
> (memory, disk use, purging quarantined spam) - 10-100 lines generally run
> as cron jobs
>
> Miles Fidelman
>
> Derek Murawsky wrote:
>
>> Do you want to hear from us lowly windows admins with our new-fangled
>> powershell scripts? :-D
>>
>>
>> On Tue, Nov 18, 2014 at 9:12 AM, Adam Moskowitz <ad...@menlo.com <mailto:
>> ad...@menlo.com>> wrote:
>>
>>     On the way home from LISA '14 I found myself already thinking
>>     about what
>>     I'm going to submit to next year's conference and about what I'm going
>>     to contribute to the community between now and then. I have some ideas
>>     about what I want to do but my inner sysadmin is screaming at me to
>>     first make sure I understand the problem before I design a solution.
>>     With that in mind, I'm asking everyone who reads this to take a moment
>>     and answer a few questions for me.
>>
>>     I believe that many *nix sysadmins write programs (or "scripts,"
>>     if you
>>     prefer -- for this discussion the distinction doesn't matter). Maybe
>>     it's this simple:
>>
>>             #!/bin/bash
>>             cd /home
>>             du -ks * | sort -n | head -10
>>
>>     and you wrap that in a cron job, or maybe it's a 200 line Perl program
>>     that does something more complicated. If you're not writing programs
>>     that's OK but I want to hear from the people who are writing them.
>>
>>     Would you please take a few moments to send me a description of the
>>     programs you've written in the last 3 or 6 or 12 months? Specifically,
>>     would you please send me the following:
>>
>>             * language used
>>             * number of lines
>>             * very brief description (< 140 chars? :-) of what
>>               the program does
>>             * who runs the program:
>>                 1) you, from the command line
>>                 2) people in your group, from the command line
>>                 3) people outside your group, from the command line
>>                 4) "the system" via anything from cron to whatever
>>                    config management system you use
>>                 5) it's a web app
>>                 6) other
>>
>>     Here's an example:
>>
>>             perl, 1363 lines
>>             simple unit test harness for CLI tools
>>             run by: 1 (me, from the command line)
>>
>>     Please reply directly to me. I will NOT distribute or publish this
>>     data
>>     in any way -- I just want to know what kind of programs people here
>>     write. Your answers won't even appear in a "highly anonymized form" in
>>     anything I write; this is 100% "background" information that I'll
>>     use to
>>     help me decide what to do.
>>
>>     Thanks,
>>     Adam
>>     _______________________________________________
>>     Tech mailing list
>>     Tech@lists.lopsa.org <mailto:Tech@lists.lopsa.org>
>>     https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
>>     This list provided by the League of Professional System Administrators
>>     http://lopsa.org/
>>
>>
>>
>>
>> _______________________________________________
>> Tech mailing list
>> Tech@lists.lopsa.org
>> https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
>> This list provided by the League of Professional System Administrators
>>   http://lopsa.org/
>>
>
>
> --
> In theory, there is no difference between theory and practice.
> In practice, there is.   .... Yogi Berra
>
>
> _______________________________________________
> Tech mailing list
> Tech@lists.lopsa.org
> https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
> This list provided by the League of Professional System Administrators
> http://lopsa.org/
>
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
 http://lopsa.org/

Reply via email to