Adding group policies to new AD user

Time:10-02

Is there a way to add group policies to a new AD user in the same script? When I attach the user-creation function to a button, the new user only seems to be created at the end of the script, so when I try to add the group policy using the variable $userName it can't find the user in AD. Can I get the new user to be created before the script ends? I also have to declare the variable again for some reason.

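function Creation {
    <#
    .SYNOPSIS
    Creates an enabled AD user from the form fields and forces a password
    change at first logon.

    .DESCRIPTION
    Reads the name, job code, telephone and password text boxes and the OU
    drop-downs, builds the account name and display name, then calls
    New-ADUser. The function returns without touching the directory when the
    password box is empty or no OU mapping matched. It also returns when
    New-ADUser fails, so that Set-ADUser is never applied to a pre-existing
    account that happens to have the same name.
    #>

    $firstName  = $textbox_FirstName.Text
    $middleName = $textbox_MiddleName.Text
    $lastName   = $textbox_Surname.Text
    $jobCode    = $textbox_JobCode.Text
    $Telephone  = $textbox_Telephone.Text

    # An empty box would leave $Password null while -Enabled $True is still
    # requested below, so refuse to continue without an initial password.
    if ($textbox_Password.Text -eq "") {
        Write-Error "No initial password was entered; user not created."
        return
    }

    # -AsPlainText -Force is needed because the value arrives as a plain string
    # from the text box; only the SecureString is passed on from here.
    $Password = $textbox_Password.Text | ConvertTo-SecureString -AsPlainText -Force

    # Start from a known-empty value so a location without a mapping is
    # detected instead of falling through to an empty or inherited $OU.
    $OU = $null

    if ($dropdown_FirstOU.Text -eq "Aberdeen") {
        $OU = "OU=Aberdeen,OU=UK,DC=Kuehne-Nagel,DC=local"
    } elseif ($dropdown_FirstOU.Text -eq "Kingpin") {
        $OU = "OU=Kingpin,OU=UK,DC=Kuehne-Nagel,DC=local"
    }

    if (($dropdown_FirstOU.Text -eq "Banbury") -and ($dropdown_SecondOU.Text -eq "Business Development")) {
        $OU = "OU=Business Development,OU=Banbury,OU=UK,DC=Kuehne-Nagel,DC=local"
    } elseif (($dropdown_FirstOU.Text -eq "Banbury") -and ($dropdown_SecondOU.Text -eq "CTI/Property")) {
        $OU = "OU=CTI / Property,OU=Banbury,OU=UK,DC=Kuehne-Nagel,DC=local"
    }

    if (($dropdown_FirstOU.Text -eq "London") -and ($dropdown_SecondOU.Text -eq "Heathrow03") -and ($dropdown_ThirdOU.Text -eq "Heathrow03")) {
        $OU = "OU=Heathrow03,OU=Heathrow03,OU=London,OU=UK,DC=Kuehne-Nagel,DC=local"
    }

    if (-not $OU) {
        Write-Error "No OU is mapped for the selected location; user not created."
        return
    }

    if ($textbox_MiddleName.Text -eq "") {
        $displayName = "$lastName, $firstName"
        $userName = "$firstName.$lastName"
    } else {
        $displayName = "$lastName, $firstName $middleName"
        $userName = "$firstName.$middleName.$lastName"
    }

    # NOTE(review): sAMAccountName is limited to 20 characters for user
    # accounts and Initials to 6, so First.Middle.Last names and full middle
    # names can be rejected by the directory - confirm the naming scheme.
    $newUserParams = @{
        Name              = "$userName"
        GivenName         = "$firstName"
        Surname           = "$lastName"
        Initials          = "$middleName"
        OfficePhone       = "$Telephone"
        SamAccountName    = "$userName"
        AccountPassword   = $Password
        Enabled           = $True
        DisplayName       = "$displayName / Kuehne   Nagel / $jobCode"
        UserPrincipalName = "$userName@kuehne-nagel.local"
        Path              = "$OU"
        PassThru          = $true   # return the created account object
        ErrorAction       = 'Stop'
    }

    try {
        $newUser = New-ADUser @newUserParams
    } catch {
        # Without this stop, the next call would look the name up again and
        # could modify an account that already existed under that name.
        Write-Error "Creating '$userName' failed: $($_.Exception.Message)"
        return
    }

    # Act on the object that was just created rather than on a name lookup.
    $newUser | Set-ADUser -ChangePasswordAtLogon $true
}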

function Template {
    <#
    .SYNOPSIS
    Adds the account named by the form's name fields to the "Test1" group
    when the IFF radio button is checked.

    .DESCRIPTION
    Rebuilds the account name from the first, middle and last name text boxes
    (First.Last, or First.Middle.Last when a middle name is present) and
    passes it to Add-ADGroupMember.
    #>

    $givenName = $textbox_FirstName.Text
    $middle    = $textbox_MiddleName.Text
    $surname   = $textbox_Surname.Text

    if ($middle -ne "") {
        $shownName = "$surname, $givenName $middle"   # not used further in this function
        $account   = "$givenName.$middle.$surname"
    } else {
        $shownName = "$surname, $givenName"           # not used further in this function
        $account   = "$givenName.$surname"
    }

    # Nothing to do unless the IFF option is selected.
    if (-not $RadioButton_IFF.Checked) {
        return
    }

    # NOTE(review): the member is identified by a name rebuilt from the text
    # boxes, not by the result of the creation step. If the boxes were edited
    # or the creation failed, the membership goes to whichever existing
    # account has this name - confirm how the two functions are called.
    Add-ADGroupMember -Identity "Test1" -Members $account
}

CodePudding user response:

After you create the user (New-ADUser), you will have to retrieve the ADUser object in order to use it.

Example:

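# -PassThru makes New-ADUser return the account it has just created, so no
# second lookup by name is needed. PowerShell variable names are
# case-insensitive: this assignment replaces the name string held in
# $userName with the ADUser object.
try {
    $userName = New-ADUser -Name "$userName" -GivenName "$firstName" -Surname "$lastName" -Initials "$middleName" -officephone "$Telephone" -samAccountName "$userName" -AccountPassword $Password -Enabled $True -DisplayName "$displayName / Kuehne   Nagel / $jobCode" -userPrincipalName "$userName@kuehne-nagel.local" -Path "$OU" -PassThru -ErrorAction Stop
} catch {
    # Stop here: if creation failed, $userName is still the plain name and
    # later commands would act on any existing account with that name.
    throw
}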

Then you can use $userName with the Set-ADUser and Add-ADGroupMember commands.

To be honest, it would be easier to use a single function and include your condition in it.

Example:

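function Creation {
    <#
    .SYNOPSIS
    Creates an enabled AD user from the form fields, forces a password change
    at first logon and, when the IFF radio button is checked, adds the new
    account to the "Test1" group.

    .DESCRIPTION
    Reads the name, job code, telephone and password text boxes and the OU
    drop-downs, builds the account name and display name, then calls
    New-ADUser with -PassThru. The returned object is used for the follow-up
    Set-ADUser and Add-ADGroupMember calls. The function returns early when
    the password box is empty, when no OU mapping matched, or when New-ADUser
    fails, so the follow-up calls never act on a pre-existing account that
    has the same name.
    #>

    $firstName  = $textbox_FirstName.Text
    $middleName = $textbox_MiddleName.Text
    $lastName   = $textbox_Surname.Text
    $jobCode    = $textbox_JobCode.Text
    $Telephone  = $textbox_Telephone.Text

    # An empty box would leave $Password null while -Enabled $True is still
    # requested below, so refuse to continue without an initial password.
    if ($textbox_Password.Text -eq "") {
        Write-Error "No initial password was entered; user not created."
        return
    }

    # -AsPlainText -Force is needed because the value arrives as a plain string
    # from the text box; only the SecureString is passed on from here.
    $Password = $textbox_Password.Text | ConvertTo-SecureString -AsPlainText -Force

    # Start from a known-empty value so a location without a mapping is
    # detected instead of falling through to an empty or inherited $OU.
    $OU = $null

    if ($dropdown_FirstOU.Text -eq "Aberdeen") {
        $OU = "OU=Aberdeen,OU=UK,DC=Kuehne-Nagel,DC=local"
    } elseif ($dropdown_FirstOU.Text -eq "Kingpin") {
        $OU = "OU=Kingpin,OU=UK,DC=Kuehne-Nagel,DC=local"
    }

    if (($dropdown_FirstOU.Text -eq "Banbury") -and ($dropdown_SecondOU.Text -eq "Business Development")) {
        $OU = "OU=Business Development,OU=Banbury,OU=UK,DC=Kuehne-Nagel,DC=local"
    } elseif (($dropdown_FirstOU.Text -eq "Banbury") -and ($dropdown_SecondOU.Text -eq "CTI/Property")) {
        $OU = "OU=CTI / Property,OU=Banbury,OU=UK,DC=Kuehne-Nagel,DC=local"
    }

    if (($dropdown_FirstOU.Text -eq "London") -and ($dropdown_SecondOU.Text -eq "Heathrow03") -and ($dropdown_ThirdOU.Text -eq "Heathrow03")) {
        $OU = "OU=Heathrow03,OU=Heathrow03,OU=London,OU=UK,DC=Kuehne-Nagel,DC=local"
    }

    if (-not $OU) {
        Write-Error "No OU is mapped for the selected location; user not created."
        return
    }

    if ($textbox_MiddleName.Text -eq "") {
        $displayName = "$lastName, $firstName"
        $userName = "$firstName.$lastName"
    } else {
        $displayName = "$lastName, $firstName $middleName"
        $userName = "$firstName.$middleName.$lastName"
    }

    # NOTE(review): sAMAccountName is limited to 20 characters for user
    # accounts and Initials to 6, so First.Middle.Last names and full middle
    # names can be rejected by the directory - confirm the naming scheme.
    $newUserParams = @{
        Name              = "$userName"
        GivenName         = "$firstName"
        Surname           = "$lastName"
        Initials          = "$middleName"
        OfficePhone       = "$Telephone"
        SamAccountName    = "$userName"
        AccountPassword   = $Password
        Enabled           = $True
        DisplayName       = "$displayName / Kuehne   Nagel / $jobCode"
        UserPrincipalName = "$userName@kuehne-nagel.local"
        Path              = "$OU"
        PassThru          = $true   # return the created account object
        ErrorAction       = 'Stop'
    }

    # New part: keep the object New-ADUser returns instead of looking the
    # name up again. The name string stays in $userName and the object gets
    # its own variable (PowerShell variable names are case-insensitive, so
    # $UserName and $userName would be the same variable).
    try {
        $newUser = New-ADUser @newUserParams
    } catch {
        # Without this stop, the calls below could change the password flag
        # and group membership of an account that already had this name.
        Write-Error "Creating '$userName' failed: $($_.Exception.Message)"
        return
    }

    $newUser | Set-ADUser -ChangePasswordAtLogon $True

    if ($RadioButton_IFF.Checked) {
        Add-ADGroupMember -Identity "Test1" -Members $newUser
    }
}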