ADD2AzureADfromText.ps1

<#PSScriptInfo
 
    .VERSION 1.0
 
    .GUID ad6f9ca1-9de6-4635-9b92-de53a2ab7af9
 
    .AUTHOR Vikas Sukhija
 
    .COMPANYNAME techwizard.cloud
 
    .COPYRIGHT techwizard.cloud
 
    .TAGS
 
    .LICENSEURI
 
    .PROJECTURI
 
    .ICONURI
 
    .EXTERNALMODULEDEPENDENCIES
 
    .REQUIREDSCRIPTS
 
    .EXTERNALSCRIPTDEPENDENCIES
 
    .RELEASENOTES
 
    .PRIVATEDATA
 
    Created with: ISE
    Created on: 8/18/2021 1:46 PM
    Created by: Vikas Sukhija
    Organization:
    Filename: AzureAdGroupmembershipupdatefromtxt.ps1
 
#>


<#
 
    .DESCRIPTION
    This script updates the membership of an Azure AD group.
 
#>
 
###############################Parameters########################################
param (
  # ObjectId of the Azure AD group whose membership is changed
  # (passed as -ObjectId to Add-/Remove-AzureADGroupMember below).
  [Parameter(Mandatory = $true)]
  [string]$Azgroupid,
  # Text file read with Get-Content, one user principal name per line.
  [string]$Userlist = 'Users.txt', #Userprincipalnames
  # 'ADD' or 'Remove'; the processing loop compares it with -eq (case-insensitive).
  [Parameter(Mandatory = $true)]
  [ValidateSet('ADD','Remove')]
  $operation
)
################################Load functions#######################################
function New-FolderCreation
{
  <#
      .SYNOPSIS
      Ensures a sub-folder exists directly under the current location.

      .PARAMETER foldername
      Name of the sub-folder to create beneath (Get-Location).Path.

      .OUTPUTS
      None. The New-Item result is discarded; an existing folder is left untouched.
  #>
  [CmdletBinding()]
  param
  (
    [Parameter(Mandatory = $true)]
    [string]$foldername
  )

  $root = (Get-Location).Path
  $target = "$root\$foldername"
  if (-not (Test-Path -Path $target))
  {
    $null = New-Item -Path $root -Name $foldername -Type directory
  }
}####new folder creation
function Write-Log
{
  <#
      .SYNOPSIS
      Two-mode logging helper.

      .DESCRIPTION
      'Create' parameter set: ensures the log folder exists (New-FolderCreation) and
      returns one timestamped file path per entry in -Name, shaped
      <cwd>\<folder>\<name>_<date>_<time>_.<Ext>.
      'Message' parameter set: writes a colour-coded line to the host and appends the
      same line to the file given by -path.

      .PARAMETER Name
      One or more base names for log files (Create set).
      .PARAMETER Ext
      File extension without the dot (Create set).
      .PARAMETER folder
      Sub-folder under the current location that receives the files (Create set).
      .PARAMETER message
      Text to log (Message set).
      .PARAMETER path
      Log file to append to (Message set).
      .PARAMETER Severity
      Information (green), Warning (yellow) or Error (red); default Information.
  #>
  [CmdletBinding()]
  param
  (
    [Parameter(Mandatory = $true,ParameterSetName = 'Create')]
    [array]$Name,
    [Parameter(Mandatory = $true,ParameterSetName = 'Create')]
    [string]$Ext,
    [Parameter(Mandatory = $true,ParameterSetName = 'Create')]
    [string]$folder,

    [Parameter(ParameterSetName = 'Create',Position = 0)][switch]$Create,

    [Parameter(Mandatory = $true,ParameterSetName = 'Message')]
    [String]$message,
    [Parameter(Mandatory = $true,ParameterSetName = 'Message')]
    [String]$path,
    [Parameter(Mandatory = $false,ParameterSetName = 'Message')]
    [ValidateSet('Information','Warning','Error')]
    [string]$Severity = 'Information',

    [Parameter(ParameterSetName = 'Message',Position = 0)][Switch]$MSG
  )
  switch ($PsCmdlet.ParameterSetName) {
    'Create'
    {
      # Short date/time in the current culture, with characters that are not
      # valid (or awkward) in file names swapped for '-' or removed.
      $stamp = (Get-Date -Format d) -replace '/', '-'
      $clock = ((Get-Date -Format t) -replace ':', '-') -replace ' ', ''
      New-FolderCreation -foldername $folder
      $root = (Get-Location).Path
      foreach ($n in $Name)
      {
        # Emitted straight to the pipeline; the caller receives one path per name.
        '{0}\{1}\{2}_{3}_{4}_.{5}' -f $root, $folder, $n, $stamp, $clock, $Ext
      }
    }
    'Message'
    {
      $date = Get-Date
      $line = "|$date| |$message| |$Severity|"
      # Hashtable keys are matched case-insensitively, as the original switch was.
      $colour = @{ Information = 'Green'; Warning = 'Yellow'; Error = 'Red' }[$Severity]
      Write-Host -Object $line -ForegroundColor $colour

      Add-Content -Path $path -Value $line
    }
  }
} #Function Write-Log

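######################logs and variables####################################
# One timestamped file per run: a text log under .\logs and a CSV report under .\report.
$log = Write-Log -Name "AzGroupUpdate" -folder "logs" -Ext "log"
$report1 = Write-Log -Name "AzGroupUpdate" -folder "report" -Ext "csv"

$collection = @()
#############################################################################
Write-Log -message "Start.............Script" -path $log
# Fail before authenticating if the input file is missing: Get-Content on a missing
# path only raises a non-terminating error, which would silently produce an empty run.
if (-not (Test-Path -Path $Userlist -PathType Leaf)) {
  Write-Log -message "User list '$Userlist' was not found" -path $log -Severity Error
  exit 1
}
try {
  # -ErrorAction Stop makes a failed sign-in reliably reach the catch block.
  Connect-AzureAD -ErrorAction Stop
  Write-Log -message "Connected to AzureAD" -path $log
}
catch {
  $exception = $_.Exception.Message
  Write-Log -Message "exception $exception has occured connecting AzureAD" -path $log -Severity Error
  # Non-zero exit so schedulers and callers can tell the run did not complete.
  exit 1
}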
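#######################process users#########################################
# Each line of $Userlist is one user principal name. The loop emits one status
# object per line; @() keeps $collection an array even for zero or one result,
# so the Export-Csv below behaves the same regardless of input size.
$collection = @(Get-Content -Path $Userlist | ForEach-Object {
  $upn = $_.Trim()
  # A blank line would otherwise be looked up as an empty UPN and reported NotFound.
  if ([string]::IsNullOrWhiteSpace($upn)) {
    Write-Log -message "Skipping blank line in $Userlist" -path $log -Severity Warning
    return
  }
  # Same shape as the original '"" | select UPN, Status' row (column order UPN, Status).
  $coll = [pscustomobject]@{ UPN = $upn; Status = $null }

  # The UPN comes from an untrusted text file and is embedded in an OData filter
  # string literal; a single quote there is escaped by doubling it. Without this a
  # quote in the input breaks the query or changes what it matches.
  $filterUpn = $upn.Replace("'", "''")
  try {
    $getazureaduser = Get-AzureADUser -Filter "userprincipalname eq '$filterUpn'" -ErrorAction Stop
    if ($getazureaduser) {
      $getazmembership = Get-AzureADUserMembership -ObjectId $getazureaduser.ObjectId -All $true -ErrorAction Stop
    }
  }
  catch {
    # A failed lookup (throttling, transient error) must not be misreported as
    # "user not found" or "not a member".
    Write-Log -message "Error - Looking up $upn : $($_.Exception.Message)" -path $log -Severity Error
    $coll.Status = "LookupError"
    return $coll
  }

  if (-not $getazureaduser) {
    Write-Log -message "$upn NotFound" -path $log
    $coll.Status = "UserNotFound"
    return $coll
  }

  $isMember = $getazmembership.objectId -contains $Azgroupid
  ###########################Add Operation############################
  if ($operation -eq "ADD") {
    if ($isMember) {
      $coll.Status = "AlreadyMember"
      Write-Log -message "$upn is already member of $Azgroupid" -path $log -Severity Warning
    }
    else {
      try {
        # -ErrorAction Stop turns any failure into an exception caught below, replacing
        # the $error-inspection pattern and capturing the actual failure reason.
        Add-AzureADGroupMember -ObjectId $Azgroupid -RefObjectId $getazureaduser.ObjectId -ErrorAction Stop
        Write-Log -message "Success - Adding $upn to $Azgroupid" -path $log
        $coll.Status = "SuccessADD"
      }
      catch {
        Write-Log -message "Error - Adding $upn to $Azgroupid : $($_.Exception.Message)" -path $log -Severity Error
        $coll.Status = "ErrorADD"
      }
    }
  }
  ###################################Remove Operation##################
  elseif ($operation -eq "Remove") {
    if ($isMember) {
      try {
        Remove-AzureADGroupMember -ObjectId $Azgroupid -MemberId $getazureaduser.ObjectId -ErrorAction Stop
        Write-Log -message "Success - Remove $upn to $Azgroupid" -path $log
        $coll.Status = "SuccessRemove"
      }
      catch {
        Write-Log -message "Error - Removing $upn to $Azgroupid : $($_.Exception.Message)" -path $log -Severity Error
        $coll.Status = "ErrorRemove"
      }
    }
    else {
      $coll.Status = "NotMember"
      Write-Log -message "$upn is not member of $Azgroupid" -path $log -Severity Warning
    }
  }
  # Pipeline output of this block: one row for the CSV report.
  $coll
})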

# Persist the per-user results, then close out the log and the Azure AD session.
$collection | Export-Csv -Path $report1 -NoTypeInformation
Write-Log -message "Finish............Script" -path $log
Disconnect-AzureAD
##########################################################################################