We recently added another domain to our environment. When we use the script to create users from a CSV file, they are all created in the first domain instead of the proper one.
Ex. User a works for Acme and their username is a123456 and needs to go to the Acme domain for staging.
User b works for Bozo and their username is b123456 and needs to go to the Bozo domain for staging.
We need to know how the script below can decide which domain to create each account in, based on an attribute we set up. Our thinking is the company attribute. We do have several triggers that run after creation, but they are specific to certain attributes.
Please advise.
Import-Module Adaxes
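# Imports users from a CSV file: creates accounts that do not exist yet and
# updates (and optionally resets the password of) accounts that do.
#
# Changes compared with the original listing:
#   * Optional per-row routing: a CSV column (default "company") can select the
#     container, and therefore the domain, a user is created in or looked up in.
#     With an empty map the script behaves as before and uses the object the
#     script is executed on ("%distinguishedName%").
#   * $displayName is built before the existence check, so warnings on the
#     update path name the user of the current row instead of an empty or
#     stale value from an earlier row.
#   * $userExists is reset on every row and rows without a sAMAccountName are
#     skipped, so a failed lookup can never fall through to updating (or
#     resetting the password of) the account found for a previous row.
#
# SECURITY NOTE: the password column holds clear-text passwords. Keep the CSV
# readable only by the account that runs this script, remove or blank the file
# once the import has finished, and require users to change the password at
# first logon. The path below points at an administrative share (D$);
# NOTE(review): a dedicated share with a narrow ACL would avoid needing
# administrative rights on that host - confirm against your environment.

$csvFilePath = "\\asp-adadaxes.admi.com\D$\\CSV\ImportedUsers.csv" # TODO: modify me
$accountPasswordColumn = "unicodePwd" # TODO: modify me
$sAMAccountNameColumn = "sAMAccountName" # TODO: modify me

# CSV column whose value selects the target container.
$routingColumn = "company" # TODO: modify me

# Maps a value of $routingColumn to the DN of the container to create users in.
# Keys are matched case-insensitively. The entries below are placeholders;
# replace them with real container DNs. Rows whose value is not listed fall
# back to the object the script runs on.
# NOTE(review): each target domain presumably has to be managed by the Adaxes
# service and writable by its service account - verify before enabling.
$containerByCompany = @{
    # "Acme" = "<DN of the Acme staging container>"   # placeholder
    # "Bozo" = "<DN of the Bozo staging container>"   # placeholder
}

# Defaults: the object the script is executed on, and its domain.
$defaultContainer = "%distinguishedName%"
$domainName = $Context.GetObjectDomain("%distinguishedName%")

$importedUsers = Import-Csv -Path $csvFilePath
foreach ($userFromCSV in $importedUsers)
{
    $userObject = @{}
    $accountPassword = $null
    $propertiesToClear = @()
    $userExists = $null # never carry a lookup result over from the previous row

    foreach ($property in $userFromCSV.PSObject.Properties)
    {
        $propertyName = $property.Name
        $value = $property.Value

        # The password column is never written as an ordinary attribute.
        if ($propertyName -ieq $accountPasswordColumn)
        {
            if (!([System.String]::IsNullOrEmpty($value)))
            {
                $accountPassword = ConvertTo-SecureString -AsPlainText $value -Force
            }
            continue
        }

        # Empty cells mean "clear this attribute" when the user already exists.
        if ([System.String]::IsNullOrEmpty($value))
        {
            $propertiesToClear += $propertyName
            continue
        }

        if ($value -ieq "True" -or $value -ieq "False")
        {
            $value = [System.Boolean]::Parse($value)
        }

        $userObject.Add($propertyName, $value)
    }

    # A row without a logon name cannot be matched to an account; skip it
    # rather than run the lookup with an empty identity.
    $sAMAccountName = $userObject.$sAMAccountNameColumn
    if ([System.String]::IsNullOrEmpty($sAMAccountName))
    {
        $Context.LogMessage("Skipping a CSV row because column '$sAMAccountNameColumn' is empty.", "Warning")
        continue
    }

    # Build user name (also used in every warning below)
    $displayName = $userObject.GivenName + " " + $userObject.SN # TODO: modify me

    # Pick the container and domain for this row.
    $targetContainer = $defaultContainer
    $targetDomain = $domainName
    $routingValue = $userObject.$routingColumn
    if (!([System.String]::IsNullOrEmpty($routingValue)) -and $containerByCompany.ContainsKey($routingValue))
    {
        $targetContainer = $containerByCompany[$routingValue]
        $targetDomain = $Context.GetObjectDomain($targetContainer)
    }

    # Check whether the user exists
    $userExists = Get-AdmUser -Identity $sAMAccountName `
        -AdaxesService localhost -ErrorAction SilentlyContinue -Server $targetDomain

    if ($null -eq $userExists)
    {
        $parameters = @{
            "Path" = $targetContainer
            "Name" = $displayName
            "Server" = $targetDomain
            "AdaxesService" = "localhost"
            "Enabled" = $True
            "OtherAttributes" = $userObject
            "ErrorAction" = "Stop"
        }

        if ($null -ne $accountPassword)
        {
            $parameters.Add("AccountPassword", $accountPassword)
        }

        # Create a new user account
        try
        {
            New-AdmUser @parameters
        }
        catch
        {
            $Context.LogMessage("An error occurred when creating user '$displayName'. Error: " + $_.Exception.Message, "Warning")
        }
        continue
    }

    # If user exists, update account
    try
    {
        Set-AdmUser -Identity $userExists.DistinguishedName -Replace $userObject `
            -AdaxesService localhost -Server $targetDomain -ErrorAction Stop
    }
    catch
    {
        $Context.LogMessage("An error occurred when updating user '$displayName'. Error: " + $_.Exception.Message, "Warning")
    }

    if ($propertiesToClear.Count -gt 0)
    {
        try
        {
            Set-AdmUser -Identity $userExists.DistinguishedName -Clear $propertiesToClear `
                -AdaxesService localhost -Server $targetDomain -ErrorAction Stop
        }
        catch
        {
            $Context.LogMessage("An error occurred when updating user '$displayName'. Error: " + $_.Exception.Message, "Warning")
        }
    }

    # No password in the CSV row: leave the existing password untouched.
    if ($null -eq $accountPassword)
    {
        continue
    }

    try
    {
        Set-AdmAccountPassword -Identity $userExists.DistinguishedName -NewPassword $accountPassword `
            -Reset -Server $targetDomain -AdaxesService localhost -ErrorAction Stop
    }
    catch
    {
        $Context.LogMessage("An error occurred when updating the password for user '$displayName'. Error: " + $_.Exception.Message, "Warning")
    }
}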