functions/private/New-O365User.ps1

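function New-O365User
{
    <#
    .SYNOPSIS
        Creates an Azure AD (Office 365) user, or returns the account that already exists.

    .DESCRIPTION
        Looks the account up by its exact UserPrincipalName. If it exists, it is returned
        unchanged: its password, profile and licenses are NOT modified. Otherwise the user
        is created enabled, with a password profile that forces a password change at the
        next login, and every requested license SKU is assigned. A license that cannot be
        assigned is logged as a warning and does not abort the creation.

    .PARAMETER Username
        UserPrincipalName of the account. Also used as the display name; the part before
        '@' becomes the mail nickname.
    .PARAMETER firstname
        Given name.
    .PARAMETER lastname
        Surname.
    .PARAMETER Title
        Job title.
    .PARAMETER password
        Initial password. The user has to change it at first login.
    .PARAMETER license
        Optional list of license SKU ids to assign.
    .PARAMETER mobilephone
        Mobile phone number.
    .PARAMETER country
        Country; also used as the usage location.

    .OUTPUTS
        The existing or the newly created Azure AD user object.

    .NOTES
        Security: -password is a plain [string] (type kept for compatibility with existing
        callers), so the initial password is held in clear text in memory and in whatever
        the caller feeds in (pipeline objects, CSV files, transcripts). This function never
        writes it to the log; callers should keep it out of logs and files as well.
    #>
    param (
        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [string]$Username,

        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [string]$firstname,

        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [string]$lastname,

        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [string]$Title,

        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [string]$password,

        # Optional: no license is assigned when omitted.
        [Parameter(ValueFromPipelineByPropertyName=$true)]
        [string[]]$license,

        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [string]$mobilephone,

        [Parameter(Mandatory=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [string]$country
    )

    # A process block is required for the ValueFromPipelineByPropertyName bindings above:
    # without it only the last object piped in would be handled.
    process
    {
        try
        {
            # Match on the exact UPN. -SearchString is a prefix search over display name
            # and UPN, so it could report a different account as "already exists" and hand
            # that account back to the caller. Single quotes are doubled so the value
            # cannot break out of the OData string literal.
            $upnLiteral = $Username.Replace("'", "''")
            $userexists = Get-AzureADUser -Filter "userPrincipalName eq '$upnLiteral'" -ErrorAction Stop

            if ($userexists)
            {
                write-log -Message "User $Username already exists" -Type information
                # Return here so that the "created" log entry below is only written for
                # accounts this call really created (keeps the provisioning log truthful).
                return $userexists
            }

            # Initial password is single-use: the user must replace it at first login.
            $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
            $PasswordProfile.EnforceChangePasswordPolicy = $true
            $PasswordProfile.ForceChangePasswordNextLogin = $true
            $PasswordProfile.Password = $password

            write-log -message "Creating user '$($Username)'"
            $userProperties = @{
                AccountEnabled    = $true
                GivenName         = $firstname
                Surname           = $lastname
                JobTitle          = $Title          # was accepted but never sent to Azure AD
                Country           = $country
                Mobile            = $mobilephone
                UserPrincipalName = $Username
                PasswordProfile   = $PasswordProfile
                DisplayName       = $Username
                UsageLocation     = $country
                MailNickName      = $Username.Split('@')[0]
                ErrorAction       = 'Stop'
            }
            $newuser = New-AzureADUser @userProperties

            # Fail loudly instead of retrying: repeating the call while no object comes
            # back could loop forever.
            if ($null -eq $newuser)
            {
                throw "New-AzureADUser returned no user object"
            }

            foreach ($Item in $license)
            {
                try
                {
                    write-log -message "Assigning license '$Item' to user '$($newuser.ObjectId)'"
                    $LicenseObject = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense
                    $LicenseObject.SkuId = $Item
                    $LicensesObject = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses
                    $LicensesObject.AddLicenses = $LicenseObject

                    $null = Set-AzureADUserLicense -ObjectId $newuser.ObjectId -AssignedLicenses $LicensesObject -ErrorAction Stop
                }
                catch
                {
                    # Best effort: the account exists already, so only warn.
                    write-log -type warning -message "Could not apply license '$Item' to user '$Username': $_"
                }
            }

            write-log -Message "User $Username created"
            $newuser
        }
        catch
        {
            throw "Cannot create User $($Username): $_"
        }
    }
}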