public/New-O365SyncdUser.ps1
|
<#
.Synopsis This powershell cmdlet streamlines setting up a new user in Active Directory to sync with Office 365. You could use the New-AdUser command to accomplish the same task, but this shortens it significantly and sets up a user with the necessary fields needed for the Azure AD Sync Tool running on your Directory sync server. .Description Creates a new user on your Domain with the necessary information to sync up with Office 365. Once created, you can either force a Sync or wait for the scheduled directory sync to occur, and then you can activate the user in Office 365. The parameters required in this cmdlet include: Username - sets the username for the user in Active Directory DisplayName - sets the Display Name for the user in Active Directory Email - sets the Primary SMTP Mailing address in Active Directory and syncs with Office 365 for the users mailbox OU - sets the Organizational Unit in Active Directory to place the new user PW - sets the password for the user account being created Fname - sets the users First Name field in AD (not required) Lname - sets the users Last Name field in AD (not required) Note: If any variables have spaces, remember to wrap them in quotes. Also, for OU Formatting, you can either type out the varaible going backwards from the OU to the domain or you can run Get-O365OUs for a list of the OU's available in your domain. .Example New-O365SyncdUser -Username jbond -DisplayName "Agent James Bond" -Fname "James" -Lname "Bond" -Email "James.Bond@MYDOMAIN.com" -OU "OU=Agents,OU=MI6,DC=MYDOMAIN,DC=LOCAL" -PW "MyPassword" This example shows the syntax of the command for creating a new user that will sync with Azure AD Connect. In this example, a new user by the name of James Bond is going to be created with an email address of James.Bond@mydomain.com and the account will be placed in Active Directory in the Mydomain.local>MI6>Agents OU. #> Function New-O365SyncdUser{ [cmdletbinding()] Param ( [Parameter(Position=0,mandatory=$true)] [string]$Username, [Parameter(Position=1,mandatory=$true)] [string]$DisplayName, [Parameter(Position=2)] [string]$FName, [Parameter(Position=3)] [string]$LName, [Parameter(Position=4,mandatory=$true)] [string]$Email, [Parameter(Position=5,mandatory=$true)] [string]$OU, [Parameter(Position=6,mandatory=$true)] [string]$PW ) # End of Parameters Process { $checkOU= [adsi]::Exists("LDAP://$OU") if ($checkOU -eq $true){ New-ADUser -Name "$DisplayName" -SamAccountname "$Username" -UserPrincipalName "$Username" -DisplayName "$DisplayName" -GivenName "$Fname" -Surname "$LName" -OtherAttributes @{'mail'="$Email"} -Path "$OU" -AccountPassword (ConvertTo-SecureString "$pw" -AsPlainText -force) -Enabled $true } else{ Write-Host "The (OU) ORGANIZATIONAL UNIT:" -ForegroundColor Red Write-Host "'$OU'" -ForegroundColor Red Write-Host "DOES NOT EXIST! Make sure the OU has the correct formatting" -ForegroundColor Red Write-Host "and that it exists. See below for valid OU's inyour domain: " -ForegroundColor Red Write-Host "************************************************************" -ForegroundColor Red Get-O365OUs Write-Host "************************************************************" -ForegroundColor Red Write-Host "Use any of the above 'DistinguishedName' values for an OU. ABORTING OPERATION!" -ForegroundColor Red } } # End Process } |