Link to home
Start Free TrialLog in
Avatar of Mandy_
Mandy_

asked on

Powershell Exchange - Check User Database "WEBB" and move user to other datavase

hi

Bulk User from CSV most of them should enable,disable MBX or Password reset

First i need a filter because user with WEB-Account only cannot enable MBX.

In this case the user are only in databases includes the Word "WEB".

I'm checking the database for the word "web"

If it true then split the web user while checking the department. Depends on
this information they should move to different databases

If the User department = "EMC" and "WEB" then move to database DBEMC001 until DBEMC0045

If the department not "EMC" and "WEB"  then move to DB0020 until DB0040.

All other user (the most of the user)  not "web"  should pass the code behind

I did this one below could you pls check and advice ??  thanks in advance

         
Import-Module ActiveDirectory 
ForEach ($User in  Import-Csv "c:\import1.csv"){ #$user}
      switch($user){
 
# check columns in CSV           
{$_.Version -eq "MSXC2010" -and $_.action -eq "new"} {

$DBuser = (Get-ADUser -identity $user.UserID).department
$WEBuser = (Get-Mailbox -Identity $user.userid | Select-Object Database)

If ($Webuser -like "*WEB*") {
If ($DBuser -like "*EMC*") {

$db = "DBEMC00$("{0:00}" -f (1..43 | Get-random))"

move-mailbox -Identity $user.user.id -TargetDatabase $DB -BadItemLimit 15 -PreserveMailboxSizeLimit:$true -Confirm: $false

If ($Webuser -like "*WEB*") {
If ($DBuser -ne "*EMC*") {
$db1 = "DB00$("{0:00}" -f (20..40 | Get-random))"

move-mailbox -Identity $user.user.id -TargetDatabase $DB1 -BadItemLimit 15 -PreserveMailboxSizeLimit:$true -Confirm: $false

#if EMC and not web then
Enable-Mailbox -Identity $user.UserId -Database $db

} else { 

#if not web and not emc

Enable-Mailbox -Identity $user.UserId

Open in new window



Maybe you could also tell what is the best way to create a screen output that the part of the
code is finished or an error occurs
Avatar of Meir Rivkin
Meir Rivkin
Flag of Israel image

>>All other user (the most of the user)  not "web"  should pass the code behind
what code behind?
also to make it clear, list the test cases of the script:
if user contains "WEB" then check department.
if department contains "EMC" then set random DB 1 to 45.
if department NOT contains "EMC" then set random DB 20 to 40.

if user NOT contains "WEB" then do what?
Avatar of Mandy_
Mandy_

ASKER

What i exactly want!

 here is my complete script. I include my way to do it and
below the form as it was before without the WEBcheck.  see script comments

if user in database contains "WEB" then check department. yes

If User contains Web and contains Department EMC then move User to other database (see my script) called DBEMC001 Random to DBEMC043

If user in database contains "WEB"  and department NOT contains "EMC"
then set random DB 20 to 40 for database called DB0020 - DB0040


If user not contains Web
in Database then pass all user to the script behind this "WEB" question
and enable mailbox depends on department random
disable mailbox
set description
set custom attributes
set password

see also the comments in the script

Import-Module ActiveDirectory 
ForEach ($User in  Import-Csv "c:\import.csv"){ #$user}
      switch($user){
            {$_.Version -eq "MSXC2010" -and $_.aktion -eq "new"} {


# behind the new code i've included pls check

$DBuser = (Get-ADUser -identity $user.UserID).department
$WEBuser = (Get-Mailbox -Identity $user.userid | Select-Object Database)

If ($Webuser -like "*WEB*") {
If ($DBuser -like "*EMC*") {

$db = "DBEMC00$("{0:00}" -f (1..43 | Get-random))"

move-mailbox -Identity $user.user.id -TargetDatabase $DB -BadItemLimit 15 -PreserveMailboxSizeLimit:$true -Confirm: $false

$db1 = "DB00$("{0:00}" -f (20..40 | Get-random))"

move-mailbox -Identity $user.user.id -TargetDatabase $DB1 -BadItemLimit 15 -PreserveMailboxSizeLimit:$true -Confirm: $false

 
} elseif { 

Enable-Mailbox -Identity $user.UserId -Database $db

 } elseif { 

Enable-Mailbox -Identity $user.UserId


#############################################################
#this code i have its worked before and now above it should have also the web check
                 
                #  $DBuser = (Get-ADUser -identity $user.UserID).department
                  #If ($DBuser -like "*EMC*") {
                    #    $db = "DBHAM00$("{0:00}" -f (1..43 | Get-random))"
                        Enable-Mailbox -Identity $user.UserId -Database $db
                  #}
                  #else { 
                    #    Enable-Mailbox -Identity $user.UserId
                

                  #$mbox = Get-Mailbox -Identity $User.userid
                  #$mbox.EmailAddresses = $user.userid + "@emc.com"
                  #Set-Mailbox -Identity $User.userid -EmailAddresses $mbox.Emailaddresses -EmailAddressPolicyEnabled $False
                  
 ###########################################################                   
              
 switch -wildcard ($user.company){
"LCA*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'P' -CustomAttribute10 'LC'   -CustomAttribute14 'LGAM'}
"LCTG*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'C' -CustomAttribute10 'LCTG' -CustomAttribute14 'LGAM'}
"LYX*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'LYX'  -CustomAttribute14 'LGAM'}
"LSW*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'LSW'  -CustomAttribute14 'LGAM'}
"LST*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'LST'  -CustomAttribute14 'LGAM'}
"LTE*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'LTE'  -CustomAttribute14 'LGAM'}
"LCT*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'LFT'  -CustomAttribute14 'LGAM'}
"LSO*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'LSO'  -CustomAttribute14 'LGAM'}
"LRT*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'LRT'  -CustomAttribute14 'LGAM'}
"LTI*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'LTI'  -CustomAttribute14 'LGAM'}
"LIO*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'LIO'  -CustomAttribute14 'LGAM'}
"TUE*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'TUE'  -CustomAttribute14 'LGAM'}
"HPA*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'HPA'  -CustomAttribute14 'LGAM'}
default {Set-Mailbox -Identity $User.userid -CustomAttribute4 'S' -CustomAttribute10 'EMC'  -CustomAttribute14 'LGAM'}
}
 
           $descnew = $user.AuftragsNr
           $desccurrent = (Get-ADUser -identity $user.userid -Properties  Description).Description
           set-aduser -identity $user.userid -description ($desccurrent+"/"+$descnew+" "+"ACD")
                  }
                 
                  }
            {$_.Version -eq "MSXC2010" -and $_.aktion -eq "delete"} {
               
  $dbnew = (Get-Mailbox -Identity $user.userid | Select-Object Database)
  $desccurrent = (Get-ADUser -identity $user.userid -Properties Description).Description
  set-aduser -identity $user.userid -description ($desccurrent+"/"+$dbnew+" "+"ACD")
           
                  #disable mailbox exchange 2010
                  Disable-Mailbox -Identity $user.UserID -confirm:$false
                  write-host -ForegroundColor red -backgroundcolor yellow "Mailbox of $($user.UserId) has been disabled"
              
            }
                                # If ($_.Version -eq "MSXC2010" -and $_.aktion -eq "New") { 
                                {$_.Version -eq "MSXC2010" -and $_.aktion -eq "AdAccount"}  {
                              
                                $NewPassword = $user.UserId.Insert(5,"$")
                                $NewPassword = $newPassword.Insert(3,"L")
                                $NewPassword = $newPassword.Remove(0, 1)
                                $newPassword = $newPassword.Insert(0,"z")        
                                Set-ADAccountPassword -Identity $user.UserId -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $newPassword -Force) 
                                write-host -ForegroundColor magenta "Password of $($user.UserId) has been set to $newPassword"
                              
                                "User {0}  Last PW Reset at {1}" -f $user.userid,((Get-ADUser $user.userid -properties PasswordLastSet).PasswordLastSet)

                                }
                             
                              
                                {$_.Version -eq "MSXC2010" -and $_.aktion -eq "New"} {
                               
                                
                                $PW = (Get-ADUser -identity $user.userid -properties * ).CannotChangePassword
                                If ($PW -eq $false) {
                                $GROUP = (Get-ADUser -identity $user.userid -Properties *).MemberOf | % { ($_ -split ",")[0] } | Where { $_ -eq "CN=AGS" }
                                If (!($GROUP)) {
                               
                                $NewPassword = $user.userid.Insert(5,"$")
                                $NewPassword = $newPassword.Insert(3,"L")
                                $NewPassword = $newPassword.Remove(0, 1)
                                $newPassword = $newPassword.Insert(0,"Z")        
                                Set-ADAccountPassword -Identity $user.userid -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $newPassword -Force) 
                                write-host -ForegroundColor yellow "Password of $($user.UserId) has been set to $newPassword"
                              
                                "User {0}  Last PW Reset at {1}" -f $user.userid,((Get-ADUser $user.userid -properties PasswordLastSet).PasswordLastSet)
                              
                                }                                          
                           
                                }
                                
                                
                                
                               
                               }
                              
      }
 
}

Open in new window

ASKER CERTIFIED SOLUTION
Avatar of Meir Rivkin
Meir Rivkin
Flag of Israel image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Mandy_

ASKER

hi
thanks it's working so far but after moving the user to other database i'm getting
A positional parameter cannot be found that accepts argument $null

I cannot find the problem but everything seems to do what it should do.


In a short version it seems to be ok just to identify the User from
Web Database and do nothing more with them. could looks like
that?  But as i do below the system error message appears . "This
task not type of recipient....."  How can i do that do identify the Webuser
but do with them completly nothing also no error message.
Thanks in advance.
 

Import-Module ActiveDirectory 
ForEach ($User in  Import-Csv "c:\import1.csv"){ #$user}
	switch($user){
		# check columns in CSV           
		{$_.Version -eq "MSXC2010" -and $_.aktion -eq "new"} {

			$DBuser = (Get-ADUser -identity $user.UserID).department
			$WEBuser = (Get-Mailbox -Identity $user.userid | Select-Object Database)
			
			
			if($WEBuser -like "*WEB*") {
            $WEBuser = "$null"		
            write-host -ForegroundColor blue -backgroundcolor yellow "Mailbox of $($user.UserId) is a Webmailbox"
			
            }elseif ($WEBuser -notlike "*WEB*" -and $DBuser -like "*HAM*") {
				$db = "DBHAM0$("{0:00}" -f (1..1 | Get-random))"
            # }

			 } else { 

				#$db = $null
			
			

			#}elseif{ 
                        (Enable-Mailbox -Identity $user.userid $db) }  #{
                 
                        
                        Enable-Mailbox -Identity $user.UserId

               Get-Mailbox | Sort database, name | Format-Table name, database

   }
   }
   }

Open in new window