-
Notifications
You must be signed in to change notification settings - Fork 0
/
Set-ADUserFromGroup.ps1
116 lines (99 loc) · 4.06 KB
/
Set-ADUserFromGroup.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
<#
.Synopsis
Sets users attributes according to group membership.
.DESCRIPTION
Sets users attributes according to group membership. Checks specified groups,
runs through all members of those groups and sets attributes depending
on group membership.
.EXAMPLE
Set-ADUserFromGroup -DataForParameterOne Office1 -DataForParameterTwo City2 -DataForParameterThree Company3
Sets first group members attribute Office to Office1,
sets second group members attribute City to City2,
sets third group members attribute Company to Company3.
If a user is a member of several groups "earlier" write wins:
Group 1 has priority over Group 2 and Group 3.
Group 2 has priority over Group 3.
.EXAMPLE
Set-ADUserFromGroup -FirstGroup Grp1 -SecondGroup Grp2 -ThirdGroup Grp3 -ParameterOne Country -ParameterTwo Department -ParameterThree Fax -DataForParameterOne Country1 -DataForParameterTwo Department2 -DataForParameterThree Fax3
Sets Grp1 members attribute Country to Country1,
sets Grp2 members attribute Department to Department2,
sets Grp3 members attribute Fax to Fax3.
If a user is a member of several groups "earlier" write wins:
Group 1 has priority over Group 2 and Group 3.
Group 2 has priority over Group 3.
#>
function Set-ADUserFromGroup
{
[CmdletBinding()]
Param
(
[Parameter(Mandatory=$false,
ValueFromPipelineByPropertyName=$true,
Position=0)]
$FirstGroup = 'Group 1',
[Parameter(Mandatory=$false,
ValueFromPipelineByPropertyName=$true,
Position=1)]
$SecondGroup = 'Group 2',
[Parameter(Mandatory=$false,
ValueFromPipelineByPropertyName=$true,
Position=2)]
$ThirdGroup = 'Group 3',
[Parameter(Mandatory=$false,
ValueFromPipelineByPropertyName=$true,
Position=2)]
$ParameterOne = 'Office',
[Parameter(Mandatory=$false,
ValueFromPipelineByPropertyName=$true,
Position=2)]
$ParameterTwo = 'City',
[Parameter(Mandatory=$false,
ValueFromPipelineByPropertyName=$true,
Position=2)]
$ParameterThree = 'Company',
[Parameter(Mandatory=$false,
ValueFromPipelineByPropertyName=$true,
Position=2)]
$DataForParameterOne = 'Group 1 Data',
[Parameter(Mandatory=$false,
ValueFromPipelineByPropertyName=$true,
Position=2)]
$DataForParameterTwo = 'Group 2 Data',
[Parameter(Mandatory=$false,
ValueFromPipelineByPropertyName=$true,
Position=2)]
$DataForParameterThree = 'Group 3 Data'
)
$FirstGroupMembers = Get-ADGroupMember $FirstGroup
$SecondGroupMembers = Get-ADGroupMember $SecondGroup
$ThirdGroupMembers = Get-ADGroupMember $ThirdGroup
#region Working with Group 1
$args = @{
$ParameterOne = $DataForParameterOne
}
foreach ($user in $FirstGroupMembers.samaccountname) {
Set-ADUser $user @args
}
#endregion
#region Working with Group 2
$SecondGroupvsFirstGroup = Compare-Object $SecondGroupMembers.samaccountname $FirstGroupMembers.samaccountname
$SecondGroupMembersFinal = $SecondGroupvsFirstGroup | Where-Object {$_.SideIndicator -eq '<='}
$args = @{
$ParameterTwo = $DataForParameterTwo
}
foreach ($user in $SecondGroupMembersFinal.InputObject.samaccountname) {
Set-ADUser $user @args
}
#endregion
#region Working with Group 3
$FirstGroupandSecondGroupMembers = $FirstGroupMembers.samaccountname + $SecondGroupMembers.samaccountname | Select-Object -Unique
$ThirdGroupvsFirstGroupandSecondGroup = Compare-Object $ThirdGroupMembers.samaccountname $FirstGroupandSecondGroupMembers
$ThirdGroupMembersFinal = $ThirdGroupvsFirstGroupandSecondGroup | Where-Object {$_.SideIndicator -eq '<='}
$args = @{
$ParameterThree = $DataForParameterThree
}
foreach ($user in $ThirdGroupMembersFinal.InputObject) {
Set-ADUser $user @args
}
#endregion
}