@Adam, Just busting chops. I like to joke about everything, including
stereotypical sysadmins (on the windows or nix sides). Keeps things light.
:)
Below is a set of scripts, in a PS Module, that I wrote to help maintain
offshore development accounts in Active Directory. I have a CSV template
which the offshore team managers fill out and send me with their changes.
There are many additional features/comments that I need to add, but this
has already saved me a lot of time. I'll probably be open sourcing this in
the long run, just so others can use it more readily and contribute back.
import-module activedirectory
function new-emailaddress{
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
[string] $FirstName,
[parameter(Mandatory=$true)]
[string] $LastName,
[parameter(Mandatory=$true)]
[string] $Company
)
switch ($Company.ToLower()) {
infobeans {$retval = $FirstName + "." + $LastName + "@infobeans.com"}
annet {$retval = $FirstName + "." + $LastName + "@annet.com"}
mindtree {$retval = $FirstName + "_" + $LastName + "@mindtree.com"}
default {$retval = $FirstName + "." + $LastName + "@example.com"}
}
return $retval
}
function new-password {
<#
.SYNOPSIS
Returns a secure string
.PARAMETER Password
The plain-text password string that should be returned as secure text
.EXAMPLE
PS C:\> new-password -Password "string"
.INPUTS
System.String
.OUTPUTS
System.String
#>
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
[string] $Password
)
return ConvertTo-SecureString $Password -AsPlainText -Force
}
function new-oupath {
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
[string] $Company
)
switch ($Company.ToLower()) {
infobeans {$retval =
"OU=InfoBeans,OU=Contractors,DC=polarismanagement,DC=local" }
annet {$retval = "OU=Annet,OU=Contractors,DC=polarismanagement,DC=local"}
mindtree {$retval =
"OU=MindTree,OU=Contractors,DC=polarismanagement,DC=local" }
default {$retval = "OU=Contractors,DC=polarismanagement,DC=local"}
}
return $retval
}
function add-usertogroup {
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
[string] $Company,
[parameter(Mandatory=$true)]
[string] $UserName
)
switch ($Company.ToLower()) {
infobeans {
Add-ADGroupMember "InfoBeans-Users" -Members $UserName
}
annet {
Add-ADGroupMember "ANNET USERS" -Members $UserName
}
mindtree {
Add-ADGroupMember "MindTree-Users" -Members $UserName
}
default {}
}
}
function new-user {
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[parameter(Mandatory=$true)]
$User
)
if ($User.password){
$Password = new-password -Password $User.password
}else{
$Password = new-password -Password "Polaris2012!"
}
$FullName = $User.firstname + " " + $User.lastname
$FirstName = $User.firstname
$LastName = $User.lastname
$UserName = $User.firstname.substring(0,1) + $User.lastname
$Company = $User.Company
$Email = new-emailaddress -FirstName $FirstName -LastName $LastName
-Company $Company
$OU = new-oupath -Company $User.Company
New-ADUser -Company $Company -Department "Offshore Development"
-Description "Offshore Development Team Member" -Name $FullName
-SamAccountName $UserName -DisplayName $FullName -GivenName $FirstName
-Surname $LastName -AccountPassword $Password -Enabled $true -Path $OU
add-usertogroup -UserName $UserName -Company $Company
}
function add-developers {
[cmdletbinding(SupportsShouldProcess=$True)]
param (
[Parameter(Mandatory=$true)]
[ValidateScript({Test-Path $_ })]
[string] $CSVFile
)
$Users = Import-Csv -Delimiter "," -Path $CSVFile
foreach ($User in $Users){
$UserName = $User.username
$UserExists = Get-ADUser -LDAPFilter "(sAMAccountName=$Username)"
# If the user exists and is supposed to be disabled, ensure they are.
if (($UserExists) -and ($user.enabled -eq "FALSE" )){
Write-output "User $UserName exists. Disabling."
get-ADUser $UserName | Set-ADUser -Enabled $false
}
#If the user exists and is supposed to be enabled, ensure they are.
elseif(($UserExists) -and ($user.enabled -eq "TRUE")){
Write-output "User $UserName exists. Enabling."
get-ADUser $UserName | Set-ADUser -Enabled $true
}
else{
Write-output "User $UserName does not exist. Creating."
new-user -User $User
}
}
}
#add-developers -CSVFile C:\projects\PowerShellUsers\newusers.csv
-Whatif:$true
On Tue, Nov 18, 2014 at 9:58 AM, Miles Fidelman <mfidel...@meetinghouse.net>
wrote:
> None recently, other than a little patching of our sympa (mailing list)
> code to deal with DMARC. Written in perl plus some of its own config
> language.
>
> Less recently: Various small bash scripts - backup, daily system tests
> (memory, disk use, purging quarantined spam) - 10-100 lines generally run
> as cron jobs
>
> Miles Fidelman
>
> Derek Murawsky wrote:
>
>> Do you want to hear from us lowly windows admins with our new-fangled
>> powershell scripts? :-D
>>
>>
>> On Tue, Nov 18, 2014 at 9:12 AM, Adam Moskowitz <ad...@menlo.com <mailto:
>> ad...@menlo.com>> wrote:
>>
>> On the way home from LISA '14 I found myself already thinking
>> about what
>> I'm going to submit to next year's conference and about what I'm going
>> to contribute to the community between now and then. I have some ideas
>> about what I want to do but my inner sysadmin is screaming at me to
>> first make sure I understand the problem before I design a solution.
>> With that in mind, I'm asking everyone who reads this to take a moment
>> and answer a few questions for me.
>>
>> I believe that many *nix sysadmins write programs (or "scripts,"
>> if you
>> prefer -- for this discussion the distinction doesn't matter). Maybe
>> it's this simple:
>>
>> #!/bin/bash
>> cd /home
>> du -ks * | sort -n | head -10
>>
>> and you wrap that in a cron job, or maybe it's a 200 line Perl program
>> that does something more complicated. If you're not writing programs
>> that's OK but I want to hear from the people who are writing them.
>>
>> Would you please take a few moments to send me a description of the
>> programs you've written in the last 3 or 6 or 12 months? Specifically,
>> would you please send me the following:
>>
>> * language used
>> * number of lines
>> * very brief description (< 140 chars? :-) of what
>> the program does
>> * who runs the program:
>> 1) you, from the command line
>> 2) people in your group, from the command line
>> 3) people outside your group, from the command line
>> 4) "the system" via anything from cron to whatever
>> config management system you use
>> 5) it's a web app
>> 6) other
>>
>> Here's an example:
>>
>> perl, 1363 lines
>> simple unit test harness for CLI tools
>> run by: 1 (me, from the command line)
>>
>> Please reply directly to me. I will NOT distribute or publish this
>> data
>> in any way -- I just want to know what kind of programs people here
>> write. Your answers won't even appear in a "highly anonymized form" in
>> anything I write; this is 100% "background" information that I'll
>> use to
>> help me decide what to do.
>>
>> Thanks,
>> Adam
>> _______________________________________________
>> Tech mailing list
>> Tech@lists.lopsa.org <mailto:Tech@lists.lopsa.org>
>> https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
>> This list provided by the League of Professional System Administrators
>> http://lopsa.org/
>>
>>
>>
>>
>> _______________________________________________
>> Tech mailing list
>> Tech@lists.lopsa.org
>> https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
>> This list provided by the League of Professional System Administrators
>> http://lopsa.org/
>>
>
>
> --
> In theory, there is no difference between theory and practice.
> In practice, there is. .... Yogi Berra
>
>
> _______________________________________________
> Tech mailing list
> Tech@lists.lopsa.org
> https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
> This list provided by the League of Professional System Administrators
> http://lopsa.org/
>
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
