94 lines
2.9 KiB
PowerShell
94 lines
2.9 KiB
PowerShell
#On vérifie que les modules soient bien installés
|
|
if (Get-Module -ListAvailable -Name PSWriteColor) {
|
|
$modExiste = $true
|
|
}
|
|
else {
|
|
$modExiste = $false
|
|
}
|
|
|
|
#Cette étape permet de désactiver les messages de confirmation d'install
|
|
Set-PSRepository -Name 'PSGallery' -InstallationPolicy Trusted
|
|
|
|
switch ($modExiste) {
|
|
$true{Import-Module ActiveDirectory;Import-Module PSWriteColor}
|
|
$false{Install-Module PSWriteColor -Confirm:$False;Import-Module ActiveDirectory;Import-Module PSWriteColor}
|
|
Default {Import-Module ActiveDirectory;Import-Module PSWriteColor}
|
|
}
|
|
|
|
|
|
########### Fonctions ###########
|
|
function GenPass { #Genere un mdp aléatoire selon les parametres indiqués
|
|
|
|
$TokenSet = @{
|
|
U = [Char[]]'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
|
|
L = [Char[]]'abcdefghijklmnopqrstuvwxyz'
|
|
N = [Char[]]'0123456789'
|
|
S = [Char[]]'!"#$%&''()*+,-./:;<=>?@[\]^_`{|}~'
|
|
}
|
|
|
|
$Upper = Get-Random -Count 5 -InputObject $TokenSet.U
|
|
$Lower = Get-Random -Count 5 -InputObject $TokenSet.L
|
|
$Number = Get-Random -Count 5 -InputObject $TokenSet.N
|
|
$Special = Get-Random -Count 5 -InputObject $TokenSet.S
|
|
|
|
$StringSet = $Upper + $Lower + $Number + $Special
|
|
|
|
$RdString = (Get-Random -Count 15 -InputObject $StringSet) -join ''
|
|
|
|
return $RdString
|
|
|
|
}
|
|
|
|
function GetADSID { #On récupere le SID de l'AD pour pouvoir l'intégrer aux groupes qui en ont besoin
|
|
$fullSID = (Get-ADDomain).DomainSID.Value
|
|
$domaineSID = $fullSID.split("-",5)[-1]
|
|
return $domaineSID
|
|
}
|
|
|
|
function GetACID { #Fonction de test
|
|
return "superSID"
|
|
}
|
|
#################################
|
|
|
|
########### Variables ###########
|
|
$userList = "Tech-N1","Tech-N2","Tech-N3"
|
|
$domaineSID = (GetADSID)
|
|
$grpAccountOp = "S-1-5-32-548"
|
|
$grpDomainAdm = "S-1-5-21-$domaineSID-512"
|
|
$grpPrintOp = "S-1-5-32-550"
|
|
$grpServerOp = "S-1-5-32-549"
|
|
$grpPowerUsers = "S-1-5-32-547"
|
|
#################################
|
|
|
|
|
|
########### Script ###########
|
|
|
|
#Pour chaque user, on le crée + ajoute aux bons groupes
|
|
ForEach($user in $userList){
|
|
|
|
$userPass = (GenPass)
|
|
$detailsUser = @{
|
|
Name = $user
|
|
AccountPassword = $userPass
|
|
Enabled = $true
|
|
ChangePasswordAtLogon = $false
|
|
PasswordNeverExpires = $true #On fait en sorte qu'il n'expire pas
|
|
}
|
|
New-ADUser @detailsUser #On cree l'user...
|
|
|
|
#...puis on l'ajoute aux bons groupes
|
|
switch ($user) {
|
|
"Tech-N1"{$Groups = @($grpPowerUsers,$grpPrintOp)}
|
|
"Tech-N2"{$Groups = @($grpAccountOp,$grpPrintOp)}
|
|
"Tech-N3"{$Groups = @($grpDomainAdm)}
|
|
Default {}
|
|
}
|
|
|
|
ForEach ($Group in $Groups) {
|
|
|
|
Add-ADPrincipalGroupMembership $User -MemberOf $Group
|
|
|
|
}
|
|
|
|
Write-Color -Text "L'utilisateur ",$User," a bien été cée et ajouté aux groupes 'Account operators' et 'Print Operators'. Son mot de passe est ",$userPass -Color White,Green,White,Cyan
|
|
} |