From 728557890620a538e79c7a31c8578840c83f9fd2 Mon Sep 17 00:00:00 2001 From: kawa Date: Fri, 3 Jan 2025 10:32:26 +0100 Subject: [PATCH] Added new permissions and groups SIDs --- AD/CreateN1-N2Users/Create-ADtechs.ps1 | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/AD/CreateN1-N2Users/Create-ADtechs.ps1 b/AD/CreateN1-N2Users/Create-ADtechs.ps1 index e0dc260..2d2a1c5 100644 --- a/AD/CreateN1-N2Users/Create-ADtechs.ps1 +++ b/AD/CreateN1-N2Users/Create-ADtechs.ps1 @@ -65,6 +65,10 @@ $grpDomainAdm = "S-1-5-21-$domaineSID-512" $grpPrintOp = "S-1-5-32-550" $grpServerOp = "S-1-5-32-549" $grpPowerUsers = "S-1-5-32-547" +$grpDHCPadm = "S-1-5-21-$domaineSID-1111" +$grpDHCPuser = "S-1-5-21-$domaineSID-1110" +$grpGPOadmin = "S-1-5-21-$domaineSID-520" +$grpNetAdmin = "S-1-5-32-556" ################################# @@ -74,9 +78,11 @@ $grpPowerUsers = "S-1-5-32-547" ForEach($user in $userList){ $userPass = (GenPass) + $userEncPass = ConvertTo-SecureString -String $userPass -AsPlainText -Force + $detailsUser = @{ Name = $user - AccountPassword = $userPass + AccountPassword = $userEncPass Enabled = $true ChangePasswordAtLogon = $false PasswordNeverExpires = $true #On fait en sorte qu'il n'expire pas @@ -85,13 +91,13 @@ ForEach($user in $userList){ #...puis on l'ajoute aux bons groupes switch ($user) { - "Tech-N1"{$Groups = @($grpPowerUsers,$grpPrintOp)} - "Tech-N2"{$Groups = @($grpAccountOp,$grpPrintOp)} + "Tech-N1"{$Groups = @($grpPowerUsers,$grpPrintOp,$grpDHCPuser)} + "Tech-N2"{$Groups = @($grpAccountOp,$grpPrintOp,$grpDHCPadm,$grpGPOadmin,$grpNetAdmin)} "Tech-N3"{$Groups = @($grpDomainAdm)} Default {} } - $newCsvLine = @([PSCustomObject]@{Username = $user; Password = $userPass} + $newCsvLine = @([PSCustomObject]@{Username = $user; Password = $userPass}) $newCsvLine | Export-CSV "C:\techLogins-$pcName.csv" -Append -NoTypeInformation -Encoding UTF8 ForEach ($Group in $Groups) { @@ -100,7 +106,7 @@ ForEach($user in $userList){ } - Write-Color -Text "L'utilisateur ",$User," a bien été cée et ajouté aux groupes 'Account operators' et 'Print Operators'. Son mot de passe est ",$userPass -Color White,Green,White,Cyan + Write-Color -Text "L'utilisateur ",$User," a bien été crée. Son mot de passe est ",$userPass -Color White,Green,White,Cyan } Write-Color -Text "Les utilisateurs ainsi que leur mots de passes ont été exportés ici : ","C:\techLogins-$pcName.csv" -Color White,Green \ No newline at end of file