I have a scrip that successfully creates my Teams with a single owner from a .csv file. I want to be able to add an additional user as owner listed in the .csv.
I need to look up the GroupId from the creation and add a second Owner to the Teams.
Any help would be greatly appreciated.
$teams = import-csv ‘File_Path’
Foreach($team in $teams)
{
$DisplayName = $teams.'TeamDesc'
$Description = $teams.'Code'
$Visibility = $teams.'Visibility'
$Owner = $teams.’UserPrincipleName’
$GroupId = (Get-Team -DisplayName $team.'TeamDesc').GroupId
New-Team -DisplayName $team.TeamDesc -Owner $team.UserPrincipleName -Description $team.Code -Visibility $team.Visibility
Add-TeamUser -GroupId (Get-Team -DisplayName $team.'TeamDesc').GroupId -User $team.DepartmentChair -Role ‘Owner’
}
According to the docs, the return from New-Team is the GroupId (see https://learn.microsoft.com/en-us/powershell/module/teams/new-team?view=teams-ps#outputs). Any reason you're not using this? It would look something like:
$groupId = New-Team -DisplayName $team.TeamDesc -Owner $team.UserPrincipleName -Description $team.Code -Visibility $team.Visibility
Add-TeamUser -GroupId $groupId -User $team.DepartmentChair -Role ‘Owner’
Related
I am preparing the powershell script to move the local mailbox to online mailbox via powershell script and after migration will assign the license
Below is the sample:
#Created the user in AD , not mentioned here
Enable-Mailbox -Identity "$firstname $lastname" -Database "XXXXXXX"
Start-Sleep -Seconds 10
Set-Mailbox "$firstname.$lastname" -PrimarySmtpAddress "$firstname.$lastname#XXXXXXX" -EmailAddressPolicyEnabled $false
Is there any logic like if-else or something else which i can use here which trigger the below command once the user mailbox is sync from local exchange to online exchange ?So below command is run successfully without any issue or error.
Connect-ExchangeOnline
$Mailbox = "$firstname.$lastname#XXXXXXX"
$Endpoint = "XXXXXXXX"
$TargetDomain = "XXXXXXXXXXX"
$Cred = Get-Credential
New-MoveRequest -Identity $Mailbox -Remote -RemoteHostName $Endpoint -TargetDeliveryDomain $TargetDomain -RemoteCredential $Cred -Batchname "$Mailbox Move to O365"
Is there any logic like if-else or something else which i can use here which trigger the below command once the mailbox migration is done then below command is execute?
#Assign the license once migration is done successfully
Set-MsolUser -UserPrincipalName $Mailbox -UsageLocation US
Set-MsolUserLicense -UserPrincipalName $Mailbox -AddLicenses "XXXXXXXXXXXX"
Note-I can use the Start-Sleep -Seconds XXX in between but sync time is not same everytime
in order to assign a license after the migration of the mailboxes ; you need first to check the status of the move-request within a while loop and execute your commands if the status changed to Completed as follow:
$i = $true
while ($i){
if (Get-MoveRequest -Identity $Mailbox| where {$_.status -eq "Completed"}) {
Set-MsolUser -UserPrincipalName $Mailbox -UsageLocation US
Set-MsolUserLicense -UserPrincipalName $Mailbox -AddLicenses "XXXXXXXXXXXX"
$i = $False
} else {
sleep 10
}
}
I have to manually create Teams, so i thought i would be a good idea to make this proces automatic. The code keeps giving me the error "Cannot validate argument on parameter "DisplayName. The argument is Null or empty".
It is for Windows Server 2012 R2, I think it does recognize the csv file because this is the only error that i'm getting
This is my CSV file
$datacsv = import-csv C:\Users\$$$$$\Desktop\test.csv
Import-Module MicrosoftTeams
foreach ($data in $datacsv)
{
$cred = Get-Credential
Connect-MicrosoftTeams -Credential $cred
$teamname = $data.TeamsName
$owner = $data.Owners
$accestype = $data.TeamType
$member = $data.Members
$group = New-team -DisplayName $teamname -Owner $owner -AccesType $accestype
Add-TeamUser -User $member -GroupId $group.GroupId -DisplayName $teamname
Add-Teamuser -User $owner -GroupId $group.GroupId -DisplayName $owner
}
I expected that the teams would indeed create but this didnt happen.
Sorry for the bad English, my writing is pretty bad.
I need to migrate from AD Windows2003Forest to AD 2016. I have below script to create users in bulk. My requirement is to map the same SID of older AD to new AD. For example in older AD SID='xyz' then it should be the same in newAD too as SID='xyz'
I am having all the users data along with SID in CSV format & am using below PowerShell script which is somehow not working. As of advice or suggestions.
powershell code snippent:
#Enter a path to your import CSV file
$ADUsers = Import-csv C:\scripts\newusers.csv
foreach ($User in $ADUsers)
{
$Username = $User.username
$Password = $User.password
$Firstname = $User.firstname
$Lastname = $User.lastname
$Department = $User.department
$OU = $User.ou
$sid = $User.sid
$UserPrincipalName = $User.UserPrincipalName
$DistinguishedName = $User.DistinguishedName
#Check if the user account already exists in AD
if (Get-ADUser -F {SamAccountName -eq $Username})
{
#If user does exist, output a warning message
Write-Warning "A user account $Username has already exist in Active Directory."
}
else
{
#If a user does not exist then create a new user account
#Account will be created in the OU listed in the $OU variable in the CSV file; don’t forget to change the domain name in the"-UserPrincipalName" variable
New-ADUser `
-SamAccountName $Username `
-UserPrincipalName $UserPrincipalName `
-Name "$Firstname $Lastname" `
-GivenName $Firstname `
-Surname $Lastname `
-Enabled $True `
-ChangePasswordAtLogon $True `
-DisplayName "$Lastname, $Firstname" `
-Department $Department `
-DistinguishedName $DistinguishedName `
-SID $sid `
-Path $OU `
-AccountPassword (convertto-securestring $Password -AsPlainText -Force)
}
}
You won't be able to assign a SID as that's generated by the domain controller based on a RID. If trying to migrate to a new forest then you'll need to perform a proper AD migration. The old SIDs will be copied onto the migrated users' SID history attributes to allow permissions based on the old SID to still work.
If you simply want to upgrade to a newer version of AD then you're better off joining a newer domain controller to your existing Active Directory forest / domain. The forest functional level mush be 2003 or higher.
As a side note, I'd recommend then getting rid of the 2003 servers as soon as possible as these are no longer supported by Microsoft.
I'm trying to successfully execute a script which has cmdlets from a win8.1 machine to a 2003 domain controller. I set up ADWS on the 2003 domain controller and can now use cmdlets on it remotely from my win8.1 machine.
What I'm trying to do with this script is to get the group membership details from a pre-existing user ($UserOne), create a new user ($UserTwo), create a foreach loop which copies the group membership details from the pre-existing ($UserOne) user to the new user ($UserTwo) that was created.
Currently the script works up until the point of creating the new user ($UserTwo), however the foreach loop afterwards doesn't seem to execute.
Would any of you know what the issue with my code is? I suspect it's how I've entered the foreach loop in directly after creating a user. I also tried creating a new session using Invoke-Command after creating the new user in order to copy the group membership, however none of my cmdlets would work in the scriptblock since the remote server is Windows 2003.
Help would be greatly appreciated, I'm still very much new to Powershell. My code is as follows:
$serv = "SERVERNAME"
$cred = "admin\admin"
$secureString = convertto-securestring "Password" -asplaintext -force
$FirstUser = "NameOne"
$SecondUser = "NameTwo"
$UserOne = Get-ADUser -Identity $FirstUser -Properties memberOf -Server $serv
New-ADUser -SAMAccountName $SecondUser -UserPrincipalName "blah#blah.com" -DisplayName $SecondUser -Enabled $true -AccountPassword $secureString -Credential $cred -Server $serv -PassThru
$UserTwo = Get-ADUser -Identity $SecondUser -Properties memberOf -Server $serv
foreach($group in $UserOne.memberof)
{
Add-ADGroupMember -Identity $group -Member $SecondUser -Server $serv
write-output $group
}
Turned out it happened to be a permissions issue, it's just that I wasn't getting any feedback via error messages!
Thanks for the posts though guys.
I see a number of issues here..
$serv = "SERVERNAME"
$cred = "admin\admin"
$secureString = convertto-securestring "Password" -asplaintext -force
$FirstUser = "NameOne"
$SecondUser = "NameTwo"
$UserOne = Get-ADUser -Identity $FirstUser -Properties memberOf -Server $serv
New-ADUser -SAMAccountName $SecondUser -UserPrincipalName "blah#blah.com"`
-DisplayName $SecondUser -Enabled $true -AccountPassword $secureString`
-Credential $cred -Server $serv -PassThru
Why add the -pasthru if your not going to use it? This will just needlessly output data to the screen (unless that is what you want).
If you assign the resulting value of the command to null, again you will get less screen junk.
Try
$null = New-ADUser -SAMAccountName $SecondUser -UserPrincipalName "blah#blah.com" -DisplayName $SecondUser -Enabled $true -AccountPassword $secureString -Credential $cred -Server $serv
and
$UserTwo = Get-ADUser -Identity $SecondUser -Properties memberOf -Server $serv
Why are you doing this? You already know the user won't be a member of any groups (except default USERS) since you just created the account. Then you never use the value $usertwo in the script.
write-host "Adding user $SecondUser to AD groups."
foreach($group in $UserOne.memberof)
{
Add-ADGroupMember -Identity $group -Member $SecondUser -Server $serv
write-output $group
}
My script looks like this:
$Users = Import-Csv "C:\users.csv"
foreach ($User in $Users)
{
New-QADUser -Name $User.Name `
-ParentContainer $User.OU `
-FirstName $User.FirstName `
-LastName $User.LastName `
-UserPassword $User.userPassword `
-SamAccountName $User.sAMAccountName `
}
When I run it I get the following error:
DefaultNamingContext Type
-------------------- ----
DC=example,DC=domain,DC=org ActiveDirectory
The server is unwilling to process the request. (Exception from HRESULT: 0x80072035)
At :line:5 char:12
+ New-QADUser <<<< -Name $User.Name `
My CSV looks like this:
Name,FirstName,LastName,sAMAccountName,UserPassword,OU
Joe Bob,Joe,Bob,jb241277,4gh60b4,"OU=2010,OU=Sub,OU=Users,OU=MAIN,DC=example,DC=domain,DC=org"
Not sure what is going on, any help would be appreciated. This is a child domain in a forest on Win2K8 Ent.
It is possible that this action is being attempted against a Global Catalog for some reason. Your code works fine for me, but I get the error when I attempt to do it against a GC, which is expected. The connect-QADService cmdlet specifies where you want to connect. If you're setting this before your new-qaduser code, double-check to make sure that "-UseGlobalCatalog" is not in there.
As a troubleshooting step you can try to specify a specific Domain Controller to see if that changes your error.
$Users = Import-Csv "C:\users.csv"
foreach ($User in $Users)
{
New-QADUser -Name $User.Name `
-ParentContainer $User.OU `
-FirstName $User.FirstName `
-LastName $User.LastName `
-UserPassword $User.userPassword `
-SamAccountName $User.sAMAccountName `
-Service $DomainController `
}
That will tell it to perform the action against a specific domain controller and not a Global Catalog.