Public/get-AllegisSNOWNewHires.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
function get-AllegisSNOWNewHires{
Param(
    [string]$snowFilter='u_provision_to_sailpoint=true^u_new_hire_item_id.active=true',
    [boolean]$interactive=$false,
    [string]$snowOrg,
    [pscredential]$snowcred,    
    [pscredential]$sqlcred,
    [string]$sqlserver,
    [string]$sqldatabase,
    [string]$sqltable,
    [boolean]$corpad=$true,
    [boolean]$asql=$true,
    [boolean]$snow=$true,
    [boolean]$fim=$false,
    [string]$fimhost,
    [pscredential]$fimcred,
    [pscredential]$adcred,
    [string]$adforest,
    [boolean]$azureAD=$false,
    [string]$fimservice,
    [string]$FIMuri,
    [boolean]$IdentityNow=$false,
    [string]$IDNOrg,
    [string]$IDNClientID,
    [string]$IDNSecret
)
    
    $json=get-AllegisSNOWUsers -snowFilter $snowFilter -snowOrg $snoworg -snowcred $snowcred -snowEnv $snowOrg
    "found $($json.count) users"
    foreach ($user in $json)
    {
        "processing $($user.sys_id):$($user.first_name):$($user.last_name):$($user.u_ag_user_domain)"
        if ($user.u_nick_name.Length + $user.user_name.Length -eq 0 -and !!$user.first_name -and !!$user.last_name -and !!$user.u_ag_user_domain)
        {
            $i=0
            do{
                $username=get-AllegisUsername -scheme firstInitial -firstname $user.first_name -lastname $user.last_name -maxlength 14 -iteration $i
                $i++
                "testing $username"
                $paramsusername=@{
                    username=$username
                    corpAD=$true
                    ASQL=$true
                    sqlserver=$sqlserver
                    sqlcred=$sqlcred
                    sqltable=$sqltable
                    sqldatabase=$sqldatabase
                    snow=$true
                    snowEnv=$snowOrg
                    snowcred=$snowCred
                    adcred=$adcred
                    adforest=$adforest
                    azureAD=$azuread
                    fim=$fim
                    fimservice=$fimservice
                    FIMuri=$fimuri
                    fimcred=$fimcred
                    IdentityNow=$identitynow
                    IDNOrg=$idnorg
                    IDNClientID=$idnclientid
                    IDNSecret=$idnsecret
                }
            }until(!( get-AllegisInUseUsername @paramsusername))
            
            $username=$username+'@'+"$(if ($user.u_ag_user_domain.length -eq 0){'allegisgroup.com'}else{$user.u_ag_user_domain})"
            "setting $($user.sys_id) to upn $username"
            set-AllegisSnowUsername -snowEnv $snoworg -snowCred $snowCred -usersysid $user.sys_id -upn $username
        }
        else
        {
            "user did not meet requirements to recieve username,
            1) u_nick_name and user_name in snow must be blank ($($user.u_nick_name):$($user.user_name))
            2) first_name, last_name, and u_ag_user_domain must have a value ($($user.first_name):$($user.last_name):$($user.u_ag_user_domain))"

        }
    }
}