0 votes

Hello, We'd like to create a scheduled task that:

  1. Imports a csv of users (there's a column with header sAMAccountName)
  2. Disables the account
  3. Changes the password to a random string ~12-20 characters long
  4. Emails the user's manager + specific other addresses

What's the best way to do this, (or even start to do this so we can build on that knowledge for other tasks we'd like to schedule.)

Thanks!

by (710 points)

1 Answer

0 votes
by (162k points)
0

Thanks for the link!

I see from the tutorial that I can include a column with header name 'Enabled' in the csv, and it looks like the second script in step 7 of the tutorial will do the trick.

Does it matter that the user accounts are spread across multiple OUs? The 'scheduled import wizard' looks like it affects only one OU - can you clarify that please?

Thanks

0

Hello,

Yes, that is correct. The script uses the distinguished name of the container that is specified in the Activity Scope of the Scheduled Task. If you need to update users in different locations, you will need to use a different approach. The following script from our repository should be helpful: https://www.adaxes.com/script-repository/import-new-and-updated-users-from-csv-file-s246.htm. If you have issues updating the script to meet your needs, we will gladly help you.

0

Aha! OK thanks - I've tweaked the variables a little in the first few lines so they are now:

<br>

Import-Module Adaxes

$csvFilePath = "\ourSERVER\ourshare\file.csv"
$userIdColumn = "userPrincipalName"
$userIdProperty = "sAMAccountName"
$accountPasswordColumn = "TempPasswd"
$aDObjectProperties = @("Manager")

$domainName = $Context.GetObjectDomain("%distinguishedName%")
$importedUsers  = Import-Csv -Path $csvFilePath

All the rest of the script is unchanged. Our csv headers are:: givenName,sn,name,mail,userPrincipalName,sAMAccountName,physicalDeliveryOfficeName,manager,employeeID,employeeType,extensionAttribute1,TempPasswd,Enabled

The manager column contains the name of the user's manager - as in the AD property name in the format "Alex Smith".

It looks like if we run this script it will create new users as well as disabling those with FALSE in the Enabled column of the csv. Two birds with one stone, yay!

1. Can you confirm that the variables as set in my above code will achieve our goal? 2. Will running this script create new users and that we can create a business rule to clean up the finer points of provisioning as described in https://www.adaxes.com/tutorials_AutomatingDailyTasks_AutomateUserProvisioning.htm ? 3. Is there a way to run this script in some kind of "verify" mode that outputs a report of changes that would have been made but does not actually make those changes?

If yes to all 3, and a 'how to' for Q3 then I think I will have all I need for the moment.

Graham

0

Hello,

Can you confirm that the variables as set in my above code will achieve our goal?

Yes, the variables look fine. However, the path in the $csvFilePath variable should start with a double slash:

$csvFilePath = "\\ourSERVER\ourshare\file.csv"

Will running this script create new users and that we can create a business rule to clean up the finer points of provisioning as described in https://www.adaxes.com/tutorials_AutomatingDailyTasks_AutomateUserProvisioning.htm ?

Yes.

Is there a way to run this script in some kind of "verify" mode that outputs a report of changes that would have been made but does not actually make those changes?

Yes, it is possible, however, you will need to significantly change the script for it to actually not perform any operations. Unfortunately, we do not have exact documentation for such an approach. If you have updating the script accordingly, we will gladly help you.

Related questions

0 votes
1 answer

Hi, Can you tell me how to look up a list of last logged-in users for computers from specific OU? Have OU called Laptops and need to know who as last person logged into ... username-of-last-user-who-lgged-on-to-computer-s269.htm but it' s not design for OU

asked Dec 2 by roberttryba (450 points)
0 votes
1 answer

Hello, I need to check, from a csv file, if users exist or not. I do not have the login name but only the atributs Name givenName The output must be another csv file ... " --&gt; False or True Is there an Adaxes script existing doing this? Thanks in advance!

asked Feb 4 by tentaal (5.2k points)
0 votes
1 answer

As part of our PCI compliance, we need to create a report of all the user accounts that are expiring in the next 30 days and email that to a user who compiles ... I was hoping to utilize Adaxes to automate it. Any assistance would be very much appreciated.

asked Apr 1, 2013 by danftasc (3.4k points)
0 votes
1 answer

I am setting up a custom command to decomission users, part of the process before the AD groups are removed I want it to export a list of the groups to a network location. ... command which I have added my account to, so i believe i have permission to run it.

asked Feb 15, 2018 by ScottGriff (1.9k points)
0 votes
1 answer

Hallo, I'm trying to build a function that will have two parameters $Containrer and $Filter $filter - is a LDAP filer that serach some specific objects $Containrer - is a ... is treated by powershell as a hash table, is it possible to workoroud it somhow?

asked Aug 12, 2015 by axmaster (2.7k points)
2,031 questions
1,806 answers
5,156 comments
1,016 users