SlideShare a Scribd company logo

termUserGroups

Download as DOCX, PDF
Daniel Gilhousen
Daniel Gilhousen

This PowerShell script removes a user from groups in the CORP and AUSTIN domains, disables the user account in both domains, moves the user to the disabled accounts OU in CORP and the terms OU in AUSTIN, and logs any errors to a text file. It authenticates with credentials for each domain, gets group memberships, removes the user from all groups except domain users, disables and moves the user account, and handles errors throughout.

1 of 6
<#Import in modules, if statement for PSSnapin so that it doesn't throw an error if it is already loaded.#> Import-Module ActiveDirectory if ( (Get-PSSnapin -Name Microsoft.Exchange.Management.PowerShell.Admin - ErrorAction SilentlyContinue) -eq $null ) { add-pssnapin Microsoft.Exchange.Management.PowerShell.Admin } <#Clear variables so they are not retaining any old values#> Get-Variable -Exclude PWD,*Preference | Remove-Variable -EA 0 <#Variables Decalred#> $errorLogPath = "c:scriptslogstermUserGroups.txt" $corpCred = Get-credential -Message "This is the CORP domain" - ErrorAction Stop $ausCred = Get-Credential -Message "This is the AUSTIN domain" - ErrorAction Stop $ausDC = "SanitizedServerName.austin.kmvtechnologies.com" $corpDC = "SanitizedServerName.corp.logitech.com" $ausDisableOU = "OU=Terms,OU=Corporate,DC=austin,DC=kmvtechnologies,DC=com" $corpDisableOU = "OU=DisabledAccounts,OU=LifeSize,OU=Users,OU=WWLogi,DC=corp,DC=logitech,D C=com" <#Test CORP credentials#> $usernameCorp = $corpCred.username $passwordCorp = $corpCred.GetNetworkCredential().password $corpDomain = "LDAP://SanitizedServerName.corp.logitech.com".distinguishedName $domainCorp = New-Object System.DirectoryServices.DirectoryEntry($corpDomain,$usernameCorp,$passwo rdCorp) -ErrorAction Stop if ($domainCorp.name -eq $null) { write-host "Authentication failed for domain CORP - please verify your username and password." exit #terminate the script. } else { write-host "Successfully authenticated with domain CORP" } <#Test AUSTIN Domain credentials#> $usernameAus = $AusCred.username $passwordAus = $AusCred.GetNetworkCredential().password $ausDomain = "LDAP://SanitizedServerName.austin.kmvtechnologies.com".distinguishedName $domainAus = New-Object System.DirectoryServices.DirectoryEntry($ausDomain,$usernameAus,$password Aus) -ErrorAction Stop if ($domainAus.name -eq $null)
{ write-host "Authentication failed for domain AUSTIN - please verify your username and password." exit #terminate the script. } else { write-host "Successfully authenticated with domain AUSTIN" } While($true) { $employee = Read-Host "Enter CORP user account to remove groups from, or press Cntrl+C to exit:" -ErrorAction Stop $fileCreationTime = Get-Date -UFormat "%Y%m%d%H%M%S" -ErrorAction Stop $txtFolderPath = Join-Path "SanitizedServerNameIT- DocumentationGroupRemovals" $fileCreationTime$employee.txt -ErrorAction Stop <#Grab Corp Group membership and spit out to list#> Try { Get-ADPrincipalGroupMembership -Server $corpDC -Identity $employee - Credential $corpCred -ErrorAction Stop | select Name | Out-File $txtFolderPath -ErrorAction Stop } Catch { Write-Warning "Problem in CORP group list creation... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error creating file of group names" | Out-File $errorLogPath -Append } Try{ Get-ADUser $employee -Server $corpDC -Credential $corpCred -ErrorAction Stop | FL | Out-File -Append $txtFolderPath -ErrorAction Stop } Catch { Write-Warning "Problem appending CORP object properties to file... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error appending object properties to file" | Out-File $errorLogPath -Append } Write-Output "List of CORP groups exported, beginning removal of CORP groups...." <#create object array of memberof from a users AD object, then step through and remove each group #> Try{ $user = Get-ADUser $employee -Server $corpDC -Properties memberof - Credential $corpCred -ErrorAction Stop } Catch {
Write-Warning "Problem getting array of group names... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error ennumerating group list" | Out-File $errorLogPath - Append } $userGroups =$user.memberof Try{ $userGroups | %{get-adgroup $_ -Server $corpDC -Credential $corpCred - ErrorAction Stop | Remove-ADGroupMember -Server $corpDC -Credential $corpCred -confirm:$false -member $employee -ErrorAction Stop } } Catch { Write-Warning "Problem removing CORP group memberships... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error removing CORP groups memebership" | Out-File $errorLogPath -Append } Write-Output "CORP groups removal complete, beginning move to CORP disabled accounts OU...." <#Disable AUS account in case it isn't disabled, then move the object to the Disabled accounts OU#> Try{ Disable-ADAccount -Identity $employee -Server $corpDC -Credential $corpCred -ErrorAction Stop} Catch { Write-Warning "Problem disabling CORP ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error disabling CORP user account" | Out-File $errorLogPath -Append } Try{ Get-ADUser $employee -Server $corpDC -Credential $corpCred -ErrorAction Stop | Move-ADObject -TargetPath $corpDisableOU -Server $corpDC - Credential $corpCred -ErrorAction Stop } Catch{ Write-Warning "Problem moving CORP user account to Disabled OU ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error moving CORP account to Disabled OU" | Out-File $errorLogPath -Append } Write-Output "User CORP account disabled..."
<#grabbing the user mailbox by matching Linked Master account, with teh $mailbox object we can call the attributes by .attribute notation ex: $mailbox.SamAccountName#> Try{ $mailbox = Get-Mailbox -Credential $ausCred -DomainController $ausDC - ResultSize Unlimited -ErrorAction Stop | where {$_.LinkedMasterAccount - like "CORP$employee"} } Catch{ Write-Warning "Problem getting user Linked mailbox ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error getting CORP user linked Mailbox object" | Out-File $errorLogPath -Append } Write-Output "Mailbox Object created..." <#Use the $mailbox object to input user values in cmdlets, get groups memberships and append o txt file for user, and also append attributes to file#> Try{ Get-ADPrincipalGroupMembership -Server $ausDC -Identity $mailbox.SamAccountName -Credential $ausCred -ErrorAction Stop | select name | Out-File -Append $txtFolderPath -ErrorAction Stop } Catch{ Write-Warning "Problem in AUSTIN group list creation... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error creating file of AUSTIN group names" | Out-File $errorLogPath -Append } Try{ Get-ADUser -Identity $mailbox.SamAccountName -Server $ausDC -Credential $ausCred -ErrorAction Stop | FL | Out-File -Append $txtFolderPath - ErrorAction Stop } Catch{ Write-Warning "Problem appending AUSTIN object properties to file... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error appending AUSTIN object properties to file" | Out- File $errorLogPath -Append } Write-Output "List of AUS groups exported..." <#Use the SAM account name of the mailbox that was matched by linked master account, then step though loop to remove all groups except Domain users#> Try{ $userAus = Get-ADUser $mailbox.SamAccountName -Server $ausDC -Properties memberof -Credential $ausCred -ErrorAction Stop }
Catch{ Write-Warning "Problem getting array of AUSTIN group names... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error ennumerating AUSTIN group list" | Out-File $errorLogPath -Append } $userGroupsAus = $userAus.memberof Try{ $userGroups | %{get-adgroup $_ -Server $ausDC -Credential $ausCred - ErrorAction Stop | Remove-ADGroupMember -Server $ausDC -Credential $ausCred -confirm:$false -member $mailbox.SamAccountName -ErrorAction Stop } } Catch{ Write-Warning "Problem removing AUSTIN group memberships... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error removing AUSTIN groups membership" | Out-File $errorLogPath -Append } Write-Output "AUS groups removed, disabling AUS user, Moving to Terms OU..." <#Disable AUS account in case it isn't disabled, then move the object to the Terms OU#> Try{ Disable-ADAccount -Identity $mailbox.SamAccountName -Server $ausDC - Credential $ausCred -ErrorAction Stop } Catch{ Write-Warning "Problem disabling AUSTIN ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error disabling AUSTIN user account" | Out-File $errorLogPath -Append } Try{ Get-ADUser $mailbox.SamAccountName -Server $ausDC -Credential $ausCred - ErrorAction Stop | Move-ADObject -TargetPath $ausDisableOU -Server $ausDC -Credential $ausCred -ErrorAction Stop } Catch{ Write-Warning "Problem moving AUSTIN user account to Disabled OU ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error moving AUSTIN account to Disabled OU" | Out-File $errorLogPath -Append } Write-Output "Script finished check OU and accounts..."
}

Recommended

Assetic (Symfony Live Paris)
Assetic (Symfony Live Paris)Assetic (Symfony Live Paris)
Assetic (Symfony Live Paris)
Kris Wallsmith
 
Bag Of Tricks From Iusethis
Bag Of Tricks From IusethisBag Of Tricks From Iusethis
Bag Of Tricks From Iusethis
Marcus Ramberg
 
Introducing Assetic: Asset Management for PHP 5.3
Introducing Assetic: Asset Management for PHP 5.3Introducing Assetic: Asset Management for PHP 5.3
Introducing Assetic: Asset Management for PHP 5.3
Kris Wallsmith
 
Deep Dive: AWS Command Line Interface
Deep Dive: AWS Command Line InterfaceDeep Dive: AWS Command Line Interface
Deep Dive: AWS Command Line Interface
Amazon Web Services
 
Doctrine For Beginners
Doctrine For BeginnersDoctrine For Beginners
Doctrine For Beginners
Jonathan Wage
 
CakePHP workshop
CakePHP workshopCakePHP workshop
CakePHP workshop
Walther Lalk
 
Assetic (Zendcon)
Assetic (Zendcon)Assetic (Zendcon)
Assetic (Zendcon)
Kris Wallsmith
 
Rails 3 overview
Rails 3 overviewRails 3 overview
Rails 3 overview
Yehuda Katz
 

Recommended

Assetic (Symfony Live Paris)
Assetic (Symfony Live Paris)Assetic (Symfony Live Paris)
Assetic (Symfony Live Paris)
Kris Wallsmith
 
Bag Of Tricks From Iusethis
Bag Of Tricks From IusethisBag Of Tricks From Iusethis
Bag Of Tricks From Iusethis
Marcus Ramberg
 
Introducing Assetic: Asset Management for PHP 5.3
Introducing Assetic: Asset Management for PHP 5.3Introducing Assetic: Asset Management for PHP 5.3
Introducing Assetic: Asset Management for PHP 5.3
Kris Wallsmith
 
Deep Dive: AWS Command Line Interface
Deep Dive: AWS Command Line InterfaceDeep Dive: AWS Command Line Interface
Deep Dive: AWS Command Line Interface
Amazon Web Services
 
Doctrine For Beginners
Doctrine For BeginnersDoctrine For Beginners
Doctrine For Beginners
Jonathan Wage
 
CakePHP workshop
CakePHP workshopCakePHP workshop
CakePHP workshop
Walther Lalk
 
Assetic (Zendcon)
Assetic (Zendcon)Assetic (Zendcon)
Assetic (Zendcon)
Kris Wallsmith
 
Rails 3 overview
Rails 3 overviewRails 3 overview
Rails 3 overview
Yehuda Katz
 
Silex meets SOAP & REST
Silex meets SOAP & RESTSilex meets SOAP & REST
Silex meets SOAP & REST
Hugo Hamon
 
Magic of Ruby
Magic of RubyMagic of Ruby
Magic of Ruby
Gabriele Lana
 
PHP 5.3 and Lithium: the most rad php framework
PHP 5.3 and Lithium: the most rad php frameworkPHP 5.3 and Lithium: the most rad php framework
PHP 5.3 and Lithium: the most rad php framework
G Woo
 
Symfony Guard Authentication: Fun with API Token, Social Login, JWT and more
Symfony Guard Authentication: Fun with API Token, Social Login, JWT and moreSymfony Guard Authentication: Fun with API Token, Social Login, JWT and more
Symfony Guard Authentication: Fun with API Token, Social Login, JWT and more
Ryan Weaver
 
Advanced symfony Techniques
Advanced symfony TechniquesAdvanced symfony Techniques
Advanced symfony Techniques
Kris Wallsmith
 
Web::Machine - Simpl{e,y} HTTP
Web::Machine - Simpl{e,y} HTTPWeb::Machine - Simpl{e,y} HTTP
Web::Machine - Simpl{e,y} HTTP
Michael Francis
 
Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)
Kris Wallsmith
 
Rich domain model with symfony 2.5 and doctrine 2.5
Rich domain model with symfony 2.5 and doctrine 2.5Rich domain model with symfony 2.5 and doctrine 2.5
Rich domain model with symfony 2.5 and doctrine 2.5
Leonardo Proietti
 
Doctrine MongoDB ODM (PDXPHP)
Doctrine MongoDB ODM (PDXPHP)Doctrine MongoDB ODM (PDXPHP)
Doctrine MongoDB ODM (PDXPHP)
Kris Wallsmith
 
Symfony2, creare bundle e valore per il cliente
Symfony2, creare bundle e valore per il clienteSymfony2, creare bundle e valore per il cliente
Symfony2, creare bundle e valore per il cliente
Leonardo Proietti
 
The Zen of Lithium
The Zen of LithiumThe Zen of Lithium
The Zen of Lithium
Nate Abele
 
Database Design Patterns
Database Design PatternsDatabase Design Patterns
Database Design Patterns
Hugo Hamon
 
The History of PHPersistence
The History of PHPersistenceThe History of PHPersistence
The History of PHPersistence
Hugo Hamon
 
Lithium: The Framework for People Who Hate Frameworks, Tokyo Edition
Lithium: The Framework for People Who Hate Frameworks, Tokyo EditionLithium: The Framework for People Who Hate Frameworks, Tokyo Edition
Lithium: The Framework for People Who Hate Frameworks, Tokyo Edition
Nate Abele
 
Models and Service Layers, Hemoglobin and Hobgoblins
Models and Service Layers, Hemoglobin and HobgoblinsModels and Service Layers, Hemoglobin and Hobgoblins
Models and Service Layers, Hemoglobin and Hobgoblins
Ross Tuck
 
Decoupling with Design Patterns and Symfony2 DIC
Decoupling with Design Patterns and Symfony2 DICDecoupling with Design Patterns and Symfony2 DIC
Decoupling with Design Patterns and Symfony2 DIC
Konstantin Kudryashov
 
Design how your objects talk through mocking
Design how your objects talk through mockingDesign how your objects talk through mocking
Design how your objects talk through mocking
Konstantin Kudryashov
 
Silex Cheat Sheet
Silex Cheat SheetSilex Cheat Sheet
Silex Cheat Sheet
Andréia Bohner
 
DOM Scripting Toolkit - jQuery
DOM Scripting Toolkit - jQueryDOM Scripting Toolkit - jQuery
DOM Scripting Toolkit - jQuery
Remy Sharp
 
Ruby - Design patterns tdc2011
Ruby - Design patterns tdc2011Ruby - Design patterns tdc2011
Ruby - Design patterns tdc2011
Rafael Felix da Silva
 
outdoor patio set
outdoor patio setoutdoor patio set
outdoor patio set
John Conroy
 
Through the-hourglass-article
Through the-hourglass-articleThrough the-hourglass-article
Through the-hourglass-articlemjbole
 

More Related Content

What's hot

Silex meets SOAP & REST
Silex meets SOAP & RESTSilex meets SOAP & REST
Silex meets SOAP & REST
Hugo Hamon
 
Magic of Ruby
Magic of RubyMagic of Ruby
Magic of Ruby
Gabriele Lana
 
PHP 5.3 and Lithium: the most rad php framework
PHP 5.3 and Lithium: the most rad php frameworkPHP 5.3 and Lithium: the most rad php framework
PHP 5.3 and Lithium: the most rad php framework
G Woo
 
Symfony Guard Authentication: Fun with API Token, Social Login, JWT and more
Symfony Guard Authentication: Fun with API Token, Social Login, JWT and moreSymfony Guard Authentication: Fun with API Token, Social Login, JWT and more
Symfony Guard Authentication: Fun with API Token, Social Login, JWT and more
Ryan Weaver
 
Advanced symfony Techniques
Advanced symfony TechniquesAdvanced symfony Techniques
Advanced symfony Techniques
Kris Wallsmith
 
Web::Machine - Simpl{e,y} HTTP
Web::Machine - Simpl{e,y} HTTPWeb::Machine - Simpl{e,y} HTTP
Web::Machine - Simpl{e,y} HTTP
Michael Francis
 
Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)
Kris Wallsmith
 
Rich domain model with symfony 2.5 and doctrine 2.5
Rich domain model with symfony 2.5 and doctrine 2.5Rich domain model with symfony 2.5 and doctrine 2.5
Rich domain model with symfony 2.5 and doctrine 2.5
Leonardo Proietti
 
Doctrine MongoDB ODM (PDXPHP)
Doctrine MongoDB ODM (PDXPHP)Doctrine MongoDB ODM (PDXPHP)
Doctrine MongoDB ODM (PDXPHP)
Kris Wallsmith
 
Symfony2, creare bundle e valore per il cliente
Symfony2, creare bundle e valore per il clienteSymfony2, creare bundle e valore per il cliente
Symfony2, creare bundle e valore per il cliente
Leonardo Proietti
 
The Zen of Lithium
The Zen of LithiumThe Zen of Lithium
The Zen of Lithium
Nate Abele
 
Database Design Patterns
Database Design PatternsDatabase Design Patterns
Database Design Patterns
Hugo Hamon
 
The History of PHPersistence
The History of PHPersistenceThe History of PHPersistence
The History of PHPersistence
Hugo Hamon
 
Lithium: The Framework for People Who Hate Frameworks, Tokyo Edition
Lithium: The Framework for People Who Hate Frameworks, Tokyo EditionLithium: The Framework for People Who Hate Frameworks, Tokyo Edition
Lithium: The Framework for People Who Hate Frameworks, Tokyo Edition
Nate Abele
 
Models and Service Layers, Hemoglobin and Hobgoblins
Models and Service Layers, Hemoglobin and HobgoblinsModels and Service Layers, Hemoglobin and Hobgoblins
Models and Service Layers, Hemoglobin and Hobgoblins
Ross Tuck
 
Decoupling with Design Patterns and Symfony2 DIC
Decoupling with Design Patterns and Symfony2 DICDecoupling with Design Patterns and Symfony2 DIC
Decoupling with Design Patterns and Symfony2 DIC
Konstantin Kudryashov
 
Design how your objects talk through mocking
Design how your objects talk through mockingDesign how your objects talk through mocking
Design how your objects talk through mocking
Konstantin Kudryashov
 
Silex Cheat Sheet
Silex Cheat SheetSilex Cheat Sheet
Silex Cheat Sheet
Andréia Bohner
 
DOM Scripting Toolkit - jQuery
DOM Scripting Toolkit - jQueryDOM Scripting Toolkit - jQuery
DOM Scripting Toolkit - jQuery
Remy Sharp
 
Ruby - Design patterns tdc2011
Ruby - Design patterns tdc2011Ruby - Design patterns tdc2011
Ruby - Design patterns tdc2011
Rafael Felix da Silva
 

What's hot (20)

Silex meets SOAP & REST
Silex meets SOAP & RESTSilex meets SOAP & REST
Silex meets SOAP & REST
 
Magic of Ruby
Magic of RubyMagic of Ruby
Magic of Ruby
 
PHP 5.3 and Lithium: the most rad php framework
PHP 5.3 and Lithium: the most rad php frameworkPHP 5.3 and Lithium: the most rad php framework
PHP 5.3 and Lithium: the most rad php framework
 
Symfony Guard Authentication: Fun with API Token, Social Login, JWT and more
Symfony Guard Authentication: Fun with API Token, Social Login, JWT and moreSymfony Guard Authentication: Fun with API Token, Social Login, JWT and more
Symfony Guard Authentication: Fun with API Token, Social Login, JWT and more
 
Advanced symfony Techniques
Advanced symfony TechniquesAdvanced symfony Techniques
Advanced symfony Techniques
 
Web::Machine - Simpl{e,y} HTTP
Web::Machine - Simpl{e,y} HTTPWeb::Machine - Simpl{e,y} HTTP
Web::Machine - Simpl{e,y} HTTP
 
Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)Introducing Assetic (NYPHP)
Introducing Assetic (NYPHP)
 
Rich domain model with symfony 2.5 and doctrine 2.5
Rich domain model with symfony 2.5 and doctrine 2.5Rich domain model with symfony 2.5 and doctrine 2.5
Rich domain model with symfony 2.5 and doctrine 2.5
 
Doctrine MongoDB ODM (PDXPHP)
Doctrine MongoDB ODM (PDXPHP)Doctrine MongoDB ODM (PDXPHP)
Doctrine MongoDB ODM (PDXPHP)
 
Symfony2, creare bundle e valore per il cliente
Symfony2, creare bundle e valore per il clienteSymfony2, creare bundle e valore per il cliente
Symfony2, creare bundle e valore per il cliente
 
The Zen of Lithium
The Zen of LithiumThe Zen of Lithium
The Zen of Lithium
 
Database Design Patterns
Database Design PatternsDatabase Design Patterns
Database Design Patterns
 
The History of PHPersistence
The History of PHPersistenceThe History of PHPersistence
The History of PHPersistence
 
Lithium: The Framework for People Who Hate Frameworks, Tokyo Edition
Lithium: The Framework for People Who Hate Frameworks, Tokyo EditionLithium: The Framework for People Who Hate Frameworks, Tokyo Edition
Lithium: The Framework for People Who Hate Frameworks, Tokyo Edition
 
Models and Service Layers, Hemoglobin and Hobgoblins
Models and Service Layers, Hemoglobin and HobgoblinsModels and Service Layers, Hemoglobin and Hobgoblins
Models and Service Layers, Hemoglobin and Hobgoblins
 
Decoupling with Design Patterns and Symfony2 DIC
Decoupling with Design Patterns and Symfony2 DICDecoupling with Design Patterns and Symfony2 DIC
Decoupling with Design Patterns and Symfony2 DIC
 
Design how your objects talk through mocking
Design how your objects talk through mockingDesign how your objects talk through mocking
Design how your objects talk through mocking
 
Silex Cheat Sheet
Silex Cheat SheetSilex Cheat Sheet
Silex Cheat Sheet
 
DOM Scripting Toolkit - jQuery
DOM Scripting Toolkit - jQueryDOM Scripting Toolkit - jQuery
DOM Scripting Toolkit - jQuery
 
Ruby - Design patterns tdc2011
Ruby - Design patterns tdc2011Ruby - Design patterns tdc2011
Ruby - Design patterns tdc2011
 

Viewers also liked

outdoor patio set
outdoor patio setoutdoor patio set
outdoor patio set
John Conroy
 
Through the-hourglass-article
Through the-hourglass-articleThrough the-hourglass-article
Through the-hourglass-articlemjbole
 
Dziak0796
Dziak0796Dziak0796
Dziak0796GWROY
 
Untitled Presentation
Untitled PresentationUntitled Presentation
Untitled Presentation
yeiryajenadra
 
Estudio virtual
Estudio virtualEstudio virtual
Estudio virtual
Perla Ramirez
 
sociálně patologické jevy
sociálně patologické jevysociálně patologické jevy
sociálně patologické jevy
Terka Šmahelová
 
Ciber Executive Alignment Case Study
Ciber Executive Alignment Case StudyCiber Executive Alignment Case Study
Ciber Executive Alignment Case Study
DStoner
 
全く違う!自分が言ったら売り込み⇔他人が言ったら口コミ
全く違う!自分が言ったら売り込み⇔他人が言ったら口コミ全く違う!自分が言ったら売り込み⇔他人が言ったら口コミ
全く違う!自分が言ったら売り込み⇔他人が言ったら口コミ
新潟コンサルタント横田秀珠
 
Arctic monkeys summer holiday work
Arctic monkeys summer holiday work Arctic monkeys summer holiday work
Arctic monkeys summer holiday work
Ben Tresidder
 
Presentation1
Presentation1Presentation1
Presentation1
kristinadubrovskaya97
 
Gevonden worden in google
Gevonden worden in googleGevonden worden in google
Gevonden worden in google
Chesney Vanroy
 
Inayat, Jamshaid_2016 Resume
Inayat, Jamshaid_2016 ResumeInayat, Jamshaid_2016 Resume
Inayat, Jamshaid_2016 Resume
jamshaid inayat
 
Necklace selene neck buy made in korea
Necklace selene neck buy made in koreaNecklace selene neck buy made in korea
Necklace selene neck buy made in korea
bestmadeinkorea korea
 
マーケティング手法の定番「お客様の声」が通用しない時代へ
マーケティング手法の定番「お客様の声」が通用しない時代へマーケティング手法の定番「お客様の声」が通用しない時代へ
マーケティング手法の定番「お客様の声」が通用しない時代へ
新潟コンサルタント横田秀珠
 
L'eneide
L'eneideL'eneide
L'eneide
Scuola S.B. Capitanio
 
Powerpoint Presentation
Powerpoint PresentationPowerpoint Presentation
Powerpoint Presentation
nimmyherrycal
 
Dante's Inferno
Dante's InfernoDante's Inferno
Dante's Inferno
eghsenglish
 
My CV APRIL2016
My CV APRIL2016My CV APRIL2016
My CV APRIL2016
saddia kulsoom
 
Infecciones causadas por bacterias anaerobias
Infecciones causadas por bacterias anaerobiasInfecciones causadas por bacterias anaerobias
Infecciones causadas por bacterias anaerobias
Stefy Mendoza
 

Viewers also liked (20)

outdoor patio set
outdoor patio setoutdoor patio set
outdoor patio set
 
Through the-hourglass-article
Through the-hourglass-articleThrough the-hourglass-article
Through the-hourglass-article
 
Dziak0796
Dziak0796Dziak0796
Dziak0796
 
Untitled Presentation
Untitled PresentationUntitled Presentation
Untitled Presentation
 
Estudio virtual
Estudio virtualEstudio virtual
Estudio virtual
 
sociálně patologické jevy
sociálně patologické jevysociálně patologické jevy
sociálně patologické jevy
 
Ciber Executive Alignment Case Study
Ciber Executive Alignment Case StudyCiber Executive Alignment Case Study
Ciber Executive Alignment Case Study
 
全く違う!自分が言ったら売り込み⇔他人が言ったら口コミ
全く違う!自分が言ったら売り込み⇔他人が言ったら口コミ全く違う!自分が言ったら売り込み⇔他人が言ったら口コミ
全く違う!自分が言ったら売り込み⇔他人が言ったら口コミ
 
Arctic monkeys summer holiday work
Arctic monkeys summer holiday work Arctic monkeys summer holiday work
Arctic monkeys summer holiday work
 
Presentation1
Presentation1Presentation1
Presentation1
 
Gevonden worden in google
Gevonden worden in googleGevonden worden in google
Gevonden worden in google
 
Inayat, Jamshaid_2016 Resume
Inayat, Jamshaid_2016 ResumeInayat, Jamshaid_2016 Resume
Inayat, Jamshaid_2016 Resume
 
Necklace selene neck buy made in korea
Necklace selene neck buy made in koreaNecklace selene neck buy made in korea
Necklace selene neck buy made in korea
 
マーケティング手法の定番「お客様の声」が通用しない時代へ
マーケティング手法の定番「お客様の声」が通用しない時代へマーケティング手法の定番「お客様の声」が通用しない時代へ
マーケティング手法の定番「お客様の声」が通用しない時代へ
 
L'eneide
L'eneideL'eneide
L'eneide
 
Dante 2
Dante 2Dante 2
Dante 2
 
Powerpoint Presentation
Powerpoint PresentationPowerpoint Presentation
Powerpoint Presentation
 
Dante's Inferno
Dante's InfernoDante's Inferno
Dante's Inferno
 
My CV APRIL2016
My CV APRIL2016My CV APRIL2016
My CV APRIL2016
 
Infecciones causadas por bacterias anaerobias
Infecciones causadas por bacterias anaerobiasInfecciones causadas por bacterias anaerobias
Infecciones causadas por bacterias anaerobias
 

Similar to termUserGroups

Rails 3: Dashing to the Finish
Rails 3: Dashing to the FinishRails 3: Dashing to the Finish
Rails 3: Dashing to the Finish
Yehuda Katz
 
Exch test-mail flow
Exch test-mail flowExch test-mail flow
Exch test-mail flow
Tzahi Kolber
 
getSIDUsers
getSIDUsersgetSIDUsers
getSIDUsers
Daniel Gilhousen
 
exportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailboxexportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailbox
Daniel Gilhousen
 
Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websites
Lindsay Holmwood
 
Intro to PAS REST API
Intro to PAS REST APIIntro to PAS REST API
Intro to PAS REST API
Joe Garcia
 
Lithium: The Framework for People Who Hate Frameworks
Lithium: The Framework for People Who Hate FrameworksLithium: The Framework for People Who Hate Frameworks
Lithium: The Framework for People Who Hate Frameworks
Nate Abele
 
50 Laravel Tricks in 50 Minutes
50 Laravel Tricks in 50 Minutes50 Laravel Tricks in 50 Minutes
50 Laravel Tricks in 50 Minutes
Azim Kurt
 
laravel tricks in 50minutes
laravel tricks in 50minuteslaravel tricks in 50minutes
laravel tricks in 50minutes
Barang CK
 
Ruby on Rails ステップアップ講座 - 大場寧子
Ruby on Rails ステップアップ講座 - 大場寧子Ruby on Rails ステップアップ講座 - 大場寧子
Ruby on Rails ステップアップ講座 - 大場寧子
Yasuko Ohba
 
Tidy Up Your Code
Tidy Up Your CodeTidy Up Your Code
Tidy Up Your Code
Abbas Ali
 
MassMigrateUsersOU
MassMigrateUsersOUMassMigrateUsersOU
MassMigrateUsersOU
Daniel Gilhousen
 
Rest with-spray
Rest with-sprayRest with-spray
Rest with-spray
Nimrod Argov
 
Why is crud a bad idea - focus on real scenarios
Why is crud a bad idea - focus on real scenariosWhy is crud a bad idea - focus on real scenarios
Why is crud a bad idea - focus on real scenarios
Divante
 
Why ruby
Why rubyWhy ruby
Why ruby
rstankov
 
10 Things Every Plugin Developer Should Know (WordCamp Atlanta 2013)
10 Things Every Plugin Developer Should Know (WordCamp Atlanta 2013)10 Things Every Plugin Developer Should Know (WordCamp Atlanta 2013)
10 Things Every Plugin Developer Should Know (WordCamp Atlanta 2013)
arcware
 
I Phone On Rails
I Phone On RailsI Phone On Rails
I Phone On Rails
John Wilker
 
Deep Dive: AWS Command Line Interface
Deep Dive: AWS Command Line InterfaceDeep Dive: AWS Command Line Interface
Deep Dive: AWS Command Line Interface
Amazon Web Services
 
An Introduction to Ruby on Rails
An Introduction to Ruby on RailsAn Introduction to Ruby on Rails
An Introduction to Ruby on Rails
Joe Fiorini
 
VPN Access Runbook
VPN Access RunbookVPN Access Runbook
VPN Access Runbook
Taha Shakeel
 

Similar to termUserGroups (20)

Rails 3: Dashing to the Finish
Rails 3: Dashing to the FinishRails 3: Dashing to the Finish
Rails 3: Dashing to the Finish
 
Exch test-mail flow
Exch test-mail flowExch test-mail flow
Exch test-mail flow
 
getSIDUsers
getSIDUsersgetSIDUsers
getSIDUsers
 
exportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailboxexportDisabledUsersRemoveMailbox
exportDisabledUsersRemoveMailbox
 
Burn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websitesBurn down the silos! Helping dev and ops gel on high availability websites
Burn down the silos! Helping dev and ops gel on high availability websites
 
Intro to PAS REST API
Intro to PAS REST APIIntro to PAS REST API
Intro to PAS REST API
 
Lithium: The Framework for People Who Hate Frameworks
Lithium: The Framework for People Who Hate FrameworksLithium: The Framework for People Who Hate Frameworks
Lithium: The Framework for People Who Hate Frameworks
 
50 Laravel Tricks in 50 Minutes
50 Laravel Tricks in 50 Minutes50 Laravel Tricks in 50 Minutes
50 Laravel Tricks in 50 Minutes
 
laravel tricks in 50minutes
laravel tricks in 50minuteslaravel tricks in 50minutes
laravel tricks in 50minutes
 
Ruby on Rails ステップアップ講座 - 大場寧子
Ruby on Rails ステップアップ講座 - 大場寧子Ruby on Rails ステップアップ講座 - 大場寧子
Ruby on Rails ステップアップ講座 - 大場寧子
 
Tidy Up Your Code
Tidy Up Your CodeTidy Up Your Code
Tidy Up Your Code
 
MassMigrateUsersOU
MassMigrateUsersOUMassMigrateUsersOU
MassMigrateUsersOU
 
Rest with-spray
Rest with-sprayRest with-spray
Rest with-spray
 
Why is crud a bad idea - focus on real scenarios
Why is crud a bad idea - focus on real scenariosWhy is crud a bad idea - focus on real scenarios
Why is crud a bad idea - focus on real scenarios
 
Why ruby
Why rubyWhy ruby
Why ruby
 
10 Things Every Plugin Developer Should Know (WordCamp Atlanta 2013)
10 Things Every Plugin Developer Should Know (WordCamp Atlanta 2013)10 Things Every Plugin Developer Should Know (WordCamp Atlanta 2013)
10 Things Every Plugin Developer Should Know (WordCamp Atlanta 2013)
 
I Phone On Rails
I Phone On RailsI Phone On Rails
I Phone On Rails
 
Deep Dive: AWS Command Line Interface
Deep Dive: AWS Command Line InterfaceDeep Dive: AWS Command Line Interface
Deep Dive: AWS Command Line Interface
 
An Introduction to Ruby on Rails
An Introduction to Ruby on RailsAn Introduction to Ruby on Rails
An Introduction to Ruby on Rails
 
VPN Access Runbook
VPN Access RunbookVPN Access Runbook
VPN Access Runbook
 

termUserGroups

  • 1. <#Import in modules, if statement for PSSnapin so that it doesn't throw an error if it is already loaded.#> Import-Module ActiveDirectory if ( (Get-PSSnapin -Name Microsoft.Exchange.Management.PowerShell.Admin - ErrorAction SilentlyContinue) -eq $null ) { add-pssnapin Microsoft.Exchange.Management.PowerShell.Admin } <#Clear variables so they are not retaining any old values#> Get-Variable -Exclude PWD,*Preference | Remove-Variable -EA 0 <#Variables Decalred#> $errorLogPath = "c:scriptslogstermUserGroups.txt" $corpCred = Get-credential -Message "This is the CORP domain" - ErrorAction Stop $ausCred = Get-Credential -Message "This is the AUSTIN domain" - ErrorAction Stop $ausDC = "SanitizedServerName.austin.kmvtechnologies.com" $corpDC = "SanitizedServerName.corp.logitech.com" $ausDisableOU = "OU=Terms,OU=Corporate,DC=austin,DC=kmvtechnologies,DC=com" $corpDisableOU = "OU=DisabledAccounts,OU=LifeSize,OU=Users,OU=WWLogi,DC=corp,DC=logitech,D C=com" <#Test CORP credentials#> $usernameCorp = $corpCred.username $passwordCorp = $corpCred.GetNetworkCredential().password $corpDomain = "LDAP://SanitizedServerName.corp.logitech.com".distinguishedName $domainCorp = New-Object System.DirectoryServices.DirectoryEntry($corpDomain,$usernameCorp,$passwo rdCorp) -ErrorAction Stop if ($domainCorp.name -eq $null) { write-host "Authentication failed for domain CORP - please verify your username and password." exit #terminate the script. } else { write-host "Successfully authenticated with domain CORP" } <#Test AUSTIN Domain credentials#> $usernameAus = $AusCred.username $passwordAus = $AusCred.GetNetworkCredential().password $ausDomain = "LDAP://SanitizedServerName.austin.kmvtechnologies.com".distinguishedName $domainAus = New-Object System.DirectoryServices.DirectoryEntry($ausDomain,$usernameAus,$password Aus) -ErrorAction Stop if ($domainAus.name -eq $null)
  • 2. { write-host "Authentication failed for domain AUSTIN - please verify your username and password." exit #terminate the script. } else { write-host "Successfully authenticated with domain AUSTIN" } While($true) { $employee = Read-Host "Enter CORP user account to remove groups from, or press Cntrl+C to exit:" -ErrorAction Stop $fileCreationTime = Get-Date -UFormat "%Y%m%d%H%M%S" -ErrorAction Stop $txtFolderPath = Join-Path "SanitizedServerNameIT- DocumentationGroupRemovals" $fileCreationTime$employee.txt -ErrorAction Stop <#Grab Corp Group membership and spit out to list#> Try { Get-ADPrincipalGroupMembership -Server $corpDC -Identity $employee - Credential $corpCred -ErrorAction Stop | select Name | Out-File $txtFolderPath -ErrorAction Stop } Catch { Write-Warning "Problem in CORP group list creation... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error creating file of group names" | Out-File $errorLogPath -Append } Try{ Get-ADUser $employee -Server $corpDC -Credential $corpCred -ErrorAction Stop | FL | Out-File -Append $txtFolderPath -ErrorAction Stop } Catch { Write-Warning "Problem appending CORP object properties to file... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error appending object properties to file" | Out-File $errorLogPath -Append } Write-Output "List of CORP groups exported, beginning removal of CORP groups...." <#create object array of memberof from a users AD object, then step through and remove each group #> Try{ $user = Get-ADUser $employee -Server $corpDC -Properties memberof - Credential $corpCred -ErrorAction Stop } Catch {
  • 3. Write-Warning "Problem getting array of group names... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error ennumerating group list" | Out-File $errorLogPath - Append } $userGroups =$user.memberof Try{ $userGroups | %{get-adgroup $_ -Server $corpDC -Credential $corpCred - ErrorAction Stop | Remove-ADGroupMember -Server $corpDC -Credential $corpCred -confirm:$false -member $employee -ErrorAction Stop } } Catch { Write-Warning "Problem removing CORP group memberships... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error removing CORP groups memebership" | Out-File $errorLogPath -Append } Write-Output "CORP groups removal complete, beginning move to CORP disabled accounts OU...." <#Disable AUS account in case it isn't disabled, then move the object to the Disabled accounts OU#> Try{ Disable-ADAccount -Identity $employee -Server $corpDC -Credential $corpCred -ErrorAction Stop} Catch { Write-Warning "Problem disabling CORP ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error disabling CORP user account" | Out-File $errorLogPath -Append } Try{ Get-ADUser $employee -Server $corpDC -Credential $corpCred -ErrorAction Stop | Move-ADObject -TargetPath $corpDisableOU -Server $corpDC - Credential $corpCred -ErrorAction Stop } Catch{ Write-Warning "Problem moving CORP user account to Disabled OU ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error moving CORP account to Disabled OU" | Out-File $errorLogPath -Append } Write-Output "User CORP account disabled..."
  • 4. <#grabbing the user mailbox by matching Linked Master account, with teh $mailbox object we can call the attributes by .attribute notation ex: $mailbox.SamAccountName#> Try{ $mailbox = Get-Mailbox -Credential $ausCred -DomainController $ausDC - ResultSize Unlimited -ErrorAction Stop | where {$_.LinkedMasterAccount - like "CORP$employee"} } Catch{ Write-Warning "Problem getting user Linked mailbox ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error getting CORP user linked Mailbox object" | Out-File $errorLogPath -Append } Write-Output "Mailbox Object created..." <#Use the $mailbox object to input user values in cmdlets, get groups memberships and append o txt file for user, and also append attributes to file#> Try{ Get-ADPrincipalGroupMembership -Server $ausDC -Identity $mailbox.SamAccountName -Credential $ausCred -ErrorAction Stop | select name | Out-File -Append $txtFolderPath -ErrorAction Stop } Catch{ Write-Warning "Problem in AUSTIN group list creation... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error creating file of AUSTIN group names" | Out-File $errorLogPath -Append } Try{ Get-ADUser -Identity $mailbox.SamAccountName -Server $ausDC -Credential $ausCred -ErrorAction Stop | FL | Out-File -Append $txtFolderPath - ErrorAction Stop } Catch{ Write-Warning "Problem appending AUSTIN object properties to file... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error appending AUSTIN object properties to file" | Out- File $errorLogPath -Append } Write-Output "List of AUS groups exported..." <#Use the SAM account name of the mailbox that was matched by linked master account, then step though loop to remove all groups except Domain users#> Try{ $userAus = Get-ADUser $mailbox.SamAccountName -Server $ausDC -Properties memberof -Credential $ausCred -ErrorAction Stop }
  • 5. Catch{ Write-Warning "Problem getting array of AUSTIN group names... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error ennumerating AUSTIN group list" | Out-File $errorLogPath -Append } $userGroupsAus = $userAus.memberof Try{ $userGroups | %{get-adgroup $_ -Server $ausDC -Credential $ausCred - ErrorAction Stop | Remove-ADGroupMember -Server $ausDC -Credential $ausCred -confirm:$false -member $mailbox.SamAccountName -ErrorAction Stop } } Catch{ Write-Warning "Problem removing AUSTIN group memberships... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error removing AUSTIN groups membership" | Out-File $errorLogPath -Append } Write-Output "AUS groups removed, disabling AUS user, Moving to Terms OU..." <#Disable AUS account in case it isn't disabled, then move the object to the Terms OU#> Try{ Disable-ADAccount -Identity $mailbox.SamAccountName -Server $ausDC - Credential $ausCred -ErrorAction Stop } Catch{ Write-Warning "Problem disabling AUSTIN ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error disabling AUSTIN user account" | Out-File $errorLogPath -Append } Try{ Get-ADUser $mailbox.SamAccountName -Server $ausDC -Credential $ausCred - ErrorAction Stop | Move-ADObject -TargetPath $ausDisableOU -Server $ausDC -Credential $ausCred -ErrorAction Stop } Catch{ Write-Warning "Problem moving AUSTIN user account to Disabled OU ... logging error to $errorLogPath!" Write-Warning $Error[0] $fileCreationTime | Out-File $errorLogPath -Append $Error[0] | Out-File $errorLogPath -Append Write-Warning "Error moving AUSTIN account to Disabled OU" | Out-File $errorLogPath -Append } Write-Output "Script finished check OU and accounts..."
  • 6. }