troubleshooting Question

Powershell - write User to CSV, explicitly exclude part of the User from any action

Avatar of Mandy_
Mandy_ asked on
PowershellExchangeActive Directory
10 Comments1 Solution996 ViewsLast Modified:
Hi,

In the Script posted below i marked the steps where i need help e.g. ### Question No. 1###

1. What is the best way to write only the USERIDs of the DB "*WEB*" to an
external CSV at this step?

2. Is there a way to exclude the User which are stored in Database (*WEB*) from the action should taken below, after identify them and write to an external file
or must be  this user explicitly exclude from any action before it should taken?

for example: ($_.Version -eq "MSXC2010" -and $_.action -eq "New" -and $user_db -notlike "*WEB*")


Import-Module ActiveDirectory 
ForEach ($User in  Import-Csv "c:\import.csv"){ #$user}
switch($user){
		         
{$_.Version -eq "MSXC2010" -and $_.aktion -eq "new"} {

			
$user_dept = (Get-ADUser -identity $user.UserID).department
$user_db = (Get-Mailbox -Identity $user.userid).Database
			
			
if($user_db -notlike "*WEB*" -and $user_dept -like "EMC") {
					
$db = "DBEMC0$("{0:00}" -f (1..43 | Get-random))"
           
Enable-Mailbox -Identity $user.UserId $DB  #here should enable all user in department EMC to Database DBEMC0 - DBEMC043

### Question No. 1 ####
}elseif ($user_db -like "*WEB*" | Out-File "c:\Temp\webUser.csv") {   #here write userids database web to a file

### Question No. 2 ####
		
		    }elseif ($user_dep -notlike "*EMC*" -and $user_db -notlike "*WEB*") {  # all user not department EMC and not Database WEB should be enable here
            
            Enable-Mailbox -Identity $user.UserId


                  }
                  else { 

                  $mbox = Get-Mailbox -Identity $User.userid
                  $mbox.EmailAddresses = $user.userid + "@emc.de"
                  $mbox.EmailAddresses+="MRS:$($user.userid)@MRS"
                  Set-Mailbox -Identity $User.userid -EmailAddresses $mbox.Emailaddresses -EmailAddressPolicyEnabled $False
                  
                     
              
   switch($user.company){
					"LCA*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'T' -CustomAttribute10 'LCA' -CustomAttribute14 'vcom'}
					"LCG*" {Set-Mailbox -Identity $User.userid -CustomAttribute4 'K' -CustomAttribute10 'LCG' -CustomAttribute14 'vcom'}
					"LCY*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'LCY' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
					"LCT*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'LCT' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
					"LCP*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'LCP' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
                    "LTC*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'LTC' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
                    "LVT*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'LVT' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
                    "LCN*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'LCN' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
                    "BTL*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'BTL' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
                    "BTM*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'BTM' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
                    "BTS*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'BTS' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
                    "DTN*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'DTN' -CustomAttribute4 'R' -CustomAttribute14 'vcom'}
                    "KPA*" {Set-Mailbox -Identity $User.userid -CustomAttribute10 'KPA' -CustomAttribute4 'R'  -CustomAttribute14 'vcom'}
                    default {Set-Mailbox -Identity $User.userid -CustomAttribute10 'EMC' -CustomAttribute4 'R' -CustomAttribute13 'vcom'}
}

                    $descnew = $user.orderid
                    $desccurrent = (Get-ADUser -identity $user.userid -Properties Description).Description
                    set-aduser -identity $user.userid -description ($desccurrent+"/"+$descnew+" ")
                  }
   			
			}
		{$_.Version -eq "MSXC2010" -and $_.action -eq "delete"} { 
		   
		   $dbnew = (Get-Mailbox -Identity $user.userid | Select-Object Database)
		   $desccurrent = (Get-ADUser -identity $user.userid -Properties Description).Description
           set-aduser -identity $user.userid -description ($desccurrent+"/"+$dbnew+" ")
		
			#disable mailbox exchange 2010
		   	Disable-Mailbox -Identity $user.UserID -confirm:$false
 
           
                  }
                 
                  }
           
              
            
                                # If ($_.Version -eq "MSXC2010" -and $_.action -eq "New") { 
                                {$_.Version -eq "MSXC2010" -and $_.aktion -eq "AdAccount"}  {
                              
                                $NewPassword = $user.UserId.Insert(5,"$")
                                $NewPassword = $newPassword.Insert(3,"L")
                                $NewPassword = $newPassword.Remove(0, 1)
                                $newPassword = $newPassword.Insert(0,"Z")        
                                Set-ADAccountPassword -Identity $user.UserId -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $newPassword -Force) 
                                write-host -ForegroundColor magenta "Password of $($user.UserId) has been set to $newPassword"
                              
                                "User {0}  Last PW Reset at {1}" -f $user.userid,((Get-ADUser $user.userid -properties PasswordLastSet).PasswordLastSet)

                                }
                               
                              
                                {$_.Version -eq "MSXC2010" -and $_.aktion -eq "New"} {
                               
                                
                                $PW = (Get-ADUser -identity $user.userid -properties * ).CannotChangePassword
                                If ($PW -eq $false) {
                                $GROUP = (Get-ADUser -identity $user.userid -Properties *).MemberOf | % { ($_ -split ",")[0] } | Where { $_ -like "CN=E*" }
                                If (!($GROUP)) {
                               
                                $NewPassword = $user.userid.Insert(5,"$")
                                $NewPassword = $newPassword.Insert(3,"L")
                                $NewPassword = $newPassword.Remove(0, 1)
                                $newPassword = $newPassword.Insert(0,"Z")        
                                Set-ADAccountPassword -Identity $user.userid -Reset -NewPassword (ConvertTo-SecureString -AsPlainText $newPassword -Force) 
                                write-host -ForegroundColor yellow "Password of $($user.UserId) has been set to $newPassword"
                              
                                "User {0}  Last PW Reset at {1}" -f $user.userid,((Get-ADUser $user.userid -properties PasswordLastSet).PasswordLastSet)
                              
                                }                                          
                           
                                }
                                


appreciate for your help
Mandy
ASKER CERTIFIED SOLUTION
Qlemo
"Batchelor", Developer and EE Topic Advisor

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Top Expert 2015

The Distinguished Expert awards are presented to the top veteran and rookie experts to earn the most points in the top 50 topics.

Join our community to see this answer!
Unlock 1 Answer and 10 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 10 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros