Is there a way to add group policies to a new AD user in the same script? When I attach the function that creates the new user to a button, it only seems to create the user at the end of the script, so when I try to add the group policy using the variable $userName it can't find the user in AD. Can I get the new user to be created before the script ends? I also have to declare the variable again for some reason.
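function Creation {
    <#
    .SYNOPSIS
    Creates an enabled AD user from the values entered on the form.

    .DESCRIPTION
    Reads the name, job code, telephone and initial password from the form's
    text boxes, maps the OU drop-downs to a distinguished name, and creates
    the account with "change password at next logon" already set.
    Nothing is created when a required field is empty or when the drop-down
    combination does not map to a known OU.
    #>
    $firstName  = $textbox_FirstName.Text
    $middleName = $textbox_MiddleName.Text
    $lastName   = $textbox_Surname.Text
    $jobCode    = $textbox_JobCode.Text
    $Telephone  = $textbox_Telephone.Text

    # An empty first name or surname would yield an account name such as ".".
    if ([string]::IsNullOrWhiteSpace($firstName) -or [string]::IsNullOrWhiteSpace($lastName)) {
        Write-Error "First name and surname are required; no account was created."
        return
    }

    # Refuse to continue without an initial password, so an enabled account
    # is never requested with a null -AccountPassword.
    if ([string]::IsNullOrEmpty($textbox_Password.Text)) {
        Write-Error "An initial password is required; no account was created."
        return
    }
    $Password = $textbox_Password.Text | ConvertTo-SecureString -AsPlainText -Force

    # Start from $null: an unassigned $OU would otherwise be read from the
    # calling scope and could silently reuse a stale value.
    $OU = $null
    switch ($dropdown_FirstOU.Text) {
        "Aberdeen" { $OU = "OU=Aberdeen,OU=UK,DC=Kuehne-Nagel,DC=local" }
        "Kingpin"  { $OU = "OU=Kingpin,OU=UK,DC=Kuehne-Nagel,DC=local" }
        "Banbury"  {
            switch ($dropdown_SecondOU.Text) {
                "Business Development" { $OU = "OU=Business Development,OU=Banbury,OU=UK,DC=Kuehne-Nagel,DC=local" }
                "CTI/Property"         { $OU = "OU=CTI / Property,OU=Banbury,OU=UK,DC=Kuehne-Nagel,DC=local" }
            }
        }
        "London"   {
            if (($dropdown_SecondOU.Text -eq "Heathrow03") -and ($dropdown_ThirdOU.Text -eq "Heathrow03")) {
                $OU = "OU=Heathrow03,OU=Heathrow03,OU=London,OU=UK,DC=Kuehne-Nagel,DC=local"
            }
        }
    }
    if (-not $OU) {
        Write-Error "The selected OU combination is not mapped to a target OU; no account was created."
        return
    }

    # The account name is first.last, or first.middle.last when a middle name is given.
    if ($middleName -eq "") {
        $displayName = "$lastName, $firstName"
        $userName    = "$firstName.$lastName"
    } else {
        $displayName = "$lastName, $firstName $middleName"
        $userName    = "$firstName.$middleName.$lastName"
    }

    # NOTE(review): -Initials receives the whole middle name, as before;
    # confirm that is what the directory should store.
    $newUserParams = @{
        Name                  = $userName
        GivenName             = $firstName
        Surname               = $lastName
        Initials              = $middleName
        OfficePhone           = $Telephone
        SamAccountName        = $userName
        AccountPassword       = $Password
        Enabled               = $true
        DisplayName           = "$displayName / Kuehne Nagel / $jobCode"
        UserPrincipalName     = "$userName@kuehne-nagel.local"
        Path                  = $OU
        # Set at creation time rather than in a follow-up Set-ADUser call:
        # if that second call cannot find the new account, the account stays
        # enabled with the operator-chosen password and no forced change.
        ChangePasswordAtLogon = $true
        ErrorAction           = 'Stop'
    }

    try {
        New-ADUser @newUserParams
    } catch {
        Write-Error "Creating '$userName' failed: $($_.Exception.Message)"
    }
}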
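function Template {
    <#
    .SYNOPSIS
    Adds the user described on the form to the "Test1" group when the IFF
    radio button is checked.

    .DESCRIPTION
    Rebuilds the account name from the name text boxes using the same rule
    as Creation (first.last, or first.middle.last), so the two functions
    must stay in step or the group add will target the wrong account.
    #>
    $firstName  = $textbox_FirstName.Text
    $middleName = $textbox_MiddleName.Text
    $lastName   = $textbox_Surname.Text

    if ($middleName -eq "") {
        $userName = "$firstName.$lastName"
    } else {
        $userName = "$firstName.$middleName.$lastName"
    }

    if ($RadioButton_IFF.Checked) {
        try {
            # -ErrorAction Stop turns "user not found" into a catchable error,
            # so a failed group assignment is reported instead of passing unnoticed.
            # If this runs right after the account was created and still fails,
            # the two cmdlets may be using different domain controllers -
            # presumably; verify by passing the same -Server to both.
            Add-ADGroupMember -Identity "Test1" -Members $userName -ErrorAction Stop
        } catch {
            Write-Error "Could not add '$userName' to group 'Test1': $($_.Exception.Message)"
        }
    }
}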
CodePudding user response:
After you create the user (`New-ADUser`), you will have to retrieve the `ADUser` object in order to use it.
Example:
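# -PassThru makes New-ADUser return the account object it has just created,
# so no separate Get-ADUser lookup (which can fail if it is answered by a
# different domain controller) is needed. -ErrorAction Stop prevents later
# commands from running against a user that was never created.
$UserName = New-ADUser -Name "$userName" -GivenName "$firstName" -Surname "$lastName" -Initials "$middleName" -officephone "$Telephone" -samAccountName "$userName" -AccountPassword $Password -Enabled $True -DisplayName "$displayName / Kuehne Nagel / $jobCode" -userPrincipalName "$userName@kuehne-nagel.local" -Path "$OU" -PassThru -ErrorAction Stop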
Then you can use `$userName` with the `Set-ADUser` and `Add-ADGroupMember` commands.
To be honest, it would be easier to use a single function and include your condition in it.
Example:
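function Creation {
    <#
    .SYNOPSIS
    Creates an enabled AD user from the form and, when the IFF radio button
    is checked, adds the new account to the "Test1" group.

    .DESCRIPTION
    Reads the name, job code, telephone and initial password from the form's
    text boxes, maps the OU drop-downs to a distinguished name, and creates
    the account with "change password at next logon" already set. The group
    membership is added only after the account was created successfully,
    using the object returned by New-ADUser.
    Nothing is created when a required field is empty or when the drop-down
    combination does not map to a known OU.
    #>
    $firstName  = $textbox_FirstName.Text
    $middleName = $textbox_MiddleName.Text
    $lastName   = $textbox_Surname.Text
    $jobCode    = $textbox_JobCode.Text
    $Telephone  = $textbox_Telephone.Text

    # An empty first name or surname would yield an account name such as ".".
    if ([string]::IsNullOrWhiteSpace($firstName) -or [string]::IsNullOrWhiteSpace($lastName)) {
        Write-Error "First name and surname are required; no account was created."
        return
    }

    # Refuse to continue without an initial password, so an enabled account
    # is never requested with a null -AccountPassword.
    if ([string]::IsNullOrEmpty($textbox_Password.Text)) {
        Write-Error "An initial password is required; no account was created."
        return
    }
    $Password = $textbox_Password.Text | ConvertTo-SecureString -AsPlainText -Force

    # Start from $null: an unassigned $OU would otherwise be read from the
    # calling scope and could silently reuse a stale value.
    $OU = $null
    switch ($dropdown_FirstOU.Text) {
        "Aberdeen" { $OU = "OU=Aberdeen,OU=UK,DC=Kuehne-Nagel,DC=local" }
        "Kingpin"  { $OU = "OU=Kingpin,OU=UK,DC=Kuehne-Nagel,DC=local" }
        "Banbury"  {
            switch ($dropdown_SecondOU.Text) {
                "Business Development" { $OU = "OU=Business Development,OU=Banbury,OU=UK,DC=Kuehne-Nagel,DC=local" }
                "CTI/Property"         { $OU = "OU=CTI / Property,OU=Banbury,OU=UK,DC=Kuehne-Nagel,DC=local" }
            }
        }
        "London"   {
            if (($dropdown_SecondOU.Text -eq "Heathrow03") -and ($dropdown_ThirdOU.Text -eq "Heathrow03")) {
                $OU = "OU=Heathrow03,OU=Heathrow03,OU=London,OU=UK,DC=Kuehne-Nagel,DC=local"
            }
        }
    }
    if (-not $OU) {
        Write-Error "The selected OU combination is not mapped to a target OU; no account was created."
        return
    }

    # The account name is first.last, or first.middle.last when a middle name is given.
    if ($middleName -eq "") {
        $displayName = "$lastName, $firstName"
        $userName    = "$firstName.$lastName"
    } else {
        $displayName = "$lastName, $firstName $middleName"
        $userName    = "$firstName.$middleName.$lastName"
    }

    # NOTE(review): -Initials receives the whole middle name, as before;
    # confirm that is what the directory should store.
    $newUserParams = @{
        Name                  = $userName
        GivenName             = $firstName
        Surname               = $lastName
        Initials              = $middleName
        OfficePhone           = $Telephone
        SamAccountName        = $userName
        AccountPassword       = $Password
        Enabled               = $true
        DisplayName           = "$displayName / Kuehne Nagel / $jobCode"
        UserPrincipalName     = "$userName@kuehne-nagel.local"
        Path                  = $OU
        # Set at creation time rather than in a follow-up Set-ADUser call:
        # if that second call cannot find the new account, the account stays
        # enabled with the operator-chosen password and no forced change.
        ChangePasswordAtLogon = $true
        # Return the created object so the group add below does not depend
        # on a second directory lookup.
        PassThru              = $true
        ErrorAction           = 'Stop'
    }

    try {
        $newUser = New-ADUser @newUserParams
    } catch {
        Write-Error "Creating '$userName' failed: $($_.Exception.Message)"
        return
    }

    # Group membership is granted only once the account is known to exist.
    if ($RadioButton_IFF.Checked) {
        try {
            Add-ADGroupMember -Identity "Test1" -Members $newUser -ErrorAction Stop
        } catch {
            Write-Error "'$userName' was created but could not be added to group 'Test1': $($_.Exception.Message)"
        }
    }
}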