Active directory script to change group membership & profile paths

Hi Readers,

As from prevous posts you all have noticed that I am doing some data center migration project so therefore we needed a script so that users AD groups  & profile paths are automatically changed when we run the script.

As I believe to keep the things simple so I have downloaded the quest  Active Roles management Shell for Active Directory & wrote a powershell script to achieve my goal

http://www.quest.com/powershell/activeroles-server.aspx

After installing this , I have added the snapin to powershell

New-Item -Path $PROFILE -ItemType File -Value ‘add-PSSnapin quest.activeroles.admanagement’ -Force

Now, please find the below script which reads a csv file & replace groups from one colums to groups in other column

 #pass the arguments to script

param(
    [string]$arg
)

# get user properties
$user = get-qaduser $Arg

# import csv file
$data = import-csv d:\migrationScripts\AD\groups.csv

#Check if usr belogs to group in csv

foreach ($i in $data)

{
$grp=$i.group
$Can = “CN=$grp”
$Rgrp=$i.Rgroup
$RCan=”CN=$Rgrp”
If (($user.memberof -like “$Can,*”) -and ($user.memberof -like “$RCan,*”))
{
write-host “$Rgrp is already present”

}
else
{
if ($user.memberof -like “$Can,*”)
{
Write-Host “replace $grp”

remove-qadgroupmember $grp $user

# sleep for 5 seconds so that user is removed
sleep 5
add-qadgroupmember $Rgrp $user

}

}
}
write-host “Change $user profile paths”

# get user profile paths & replace with new paths

$TsProf = $user.TsProfilePath
$TsProfChg = $TsProf -replace “server1-fs”,”server2-fs”

$TsHome = $user.TsHomeDirectory
$TsHomeChg = $TsHome -replace “server1-fs”,”server2-fs”
set-qaduser $user -TsProfilePath $TsProfChg
set-qaduser $user -TsHomeDirectory $TsHomeChg

$userchg = get-qaduser $Arg
$TSp = $userchg.TsProfilePath
$TSh = $userchg.TsHomeDirectory

Write-host “$user profile paths changed to $TSp”
Write-host “$user Home Directory paths changed to $TSh”

 To run a script : script.ps1 usersid

Advertisements

One thought on “Active directory script to change group membership & profile paths

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s