Script Repository


Create computer for new user

April 01, 2016

The script creates a computer account for a new user directly from the user creation form, which removes the need for a separate action to create the computer account. The attributes of the new computer are passed via attributes of the user account. For this purpose, you can use Adaxes custom attributes, for example, CustomAttributeText1. Such attributes are not stored in AD, but can be used in the same way as any other attribute of an AD object.

For information on how to add the attributes to the form for creating users, see Customize Forms for User Creation and Editing, starting from step 6.

For information on how to give the attributes your own names, see Customizing Display Names for AD Properties.

To be able to use the script with Adaxes, you need to configure a Business Rule that runs it automatically after creating a new user account. For details, see Run PowerShell Script after Creating a User.

Parameters:

  • $computerName - specifies a template for the computer name.
    Note: You can use value references to insert properties of the user account in the computer name. For example, if you specify the %sAMAccountName%scomputer template, and the username of the new user is jdoe, the name of the user's computer will be jdoescomputer.
  • $computerContainerDN - specifies the Distinguished Name (DN) of the Organizational Unit or container where computers are created.
    Note: You can use value references to insert properties of the user account in the OU DN. For example, if you specify %adm-ParentDN%, the computer will be created in the same Organizational Unit as the user.
  • $propertyMap - specifies a map that describes which attribute of the user matches which attribute of the computer.
PowerShell
$computerName = "%sAMAccountName%Computer" # TODO: modify me
$computerContainerDN = "OU=Computers,DC=domain,DC=com" # TODO: modify me
$propertyMap = @{
    "adm-CustomAttributeText1" = "description";
    "adm-CustomAttributeText2" = "location";
    "adm-CustomAttributeText3" = "serialNumber";
} # TODO: modify me. Example $propertyMap = @{"<user property name>" = "<computer property name>"}

function GetProperty($propertyName)
{
    try
    {
        $value = $Context.TargetObject.Get($propertyName)
    }
    catch
    {
        $value = $NULL
    }
    
    return $value
}

# Create computer
$container = $Context.BindToObjectByDN($computerContainerDN)
$computer = $container.Create("computer", "CN=$computerName")

# Set computer properties
[Softerra.Adaxes.Interop.Adsi.PersistentObjects.ADS_USER_FLAG_ENUM]$accountOptions =
    "ADS_UF_WORKSTATION_TRUST_ACCOUNT" # The new computer is a workstation
$computer.Put("userAccountControl", [Int32]$accountOptions)
$computer.Put("sAMAccountName", $computerName)

# Copy the mapped user properties to the computer
foreach ($userPropertyName in $propertyMap.Keys)
{
    $value = GetProperty $userPropertyName
    if ($null -eq $value)
    {
        continue # The property is not set on the user, nothing to copy
    }
    $computer.Put($propertyMap[$userPropertyName], $value)
}

# Set the user as the owner of the computer
$computer.Put("managedBy", "%distinguishedName%")

# Commit changes to the directory.
$computer.SetInfo()
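
Because the computer name is built from user properties and is placed into both the RDN ("CN=$computerName") and sAMAccountName, it is worth checking the expanded name before creating the object. The following is an added example, not part of the original script: Test-ComputerName is a hypothetical helper, and the rule of letters, digits and hyphen only is an assumed conservative policy.

```powershell
# Added example, not part of the original script. Test-ComputerName is a
# hypothetical helper; the allowed-character policy is an assumption.
function Test-ComputerName {
    param([string]$Name)

    $problems = @()

    # NetBIOS computer names are limited to 15 characters.
    if ($Name.Length -lt 1 -or $Name.Length -gt 15) {
        $problems += "length $($Name.Length) is outside 1-15"
    }
    # Letters, digits and hyphen only. This also rejects DN special
    # characters (, + " \ < > ; =) and any unresolved %value reference%.
    if ($Name -notmatch '^[A-Za-z0-9-]*$') {
        $problems += 'contains characters other than A-Z, a-z, 0-9 and -'
    }
    # A name made up only of digits is not accepted as a computer name.
    if ($Name -match '^[0-9]+$') {
        $problems += 'consists only of digits'
    }

    [pscustomobject]@{
        Name     = $Name
        IsValid  = ($problems.Count -eq 0)
        Problems = ($problems -join '; ')
    }
}

# Constructed sample usernames, expanded the way the
# "%sAMAccountName%Computer" template would expand them.
$sampleUsers = 'jdoe', 'jonathan.doe', 'o''brien,pat', 'svc_build'
foreach ($user in $sampleUsers) {
    Test-ComputerName -Name ("{0}Computer" -f $user)
}
```

In the script itself, the check would run on $computerName before $container.Create is called, with the script stopping when IsValid is false.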
