Michael Leonard asked:

PowerShell question - need assistance

Hello, can someone provide a way that I can change the scripts below to use an input TXT or CSV file, so that we do not have to run them one by one to create users and groups?

Script #1 - we need to add a variable to pull from an input CSV file for bulk creation:

$sj = New-PAMUser -SourceDomain mydomain.com -SourceAccountName jsmith
$jp = ConvertTo-SecureString "Pass@word2" -AsPlainText -Force
Set-ADAccountPassword -Identity priv.jsmith -NewPassword $jp
Set-ADUser -Identity priv.jsmith -Enabled 1



Script #2 - same requirement for group creation:

$ca = Get-Credential -UserName admin@mydomain.com -Message "CORP forest domain admin credentials"
$pg = New-PAMGroup -SourceGroupName "group1priv2" -SourceDomain mydomain.com -SourceDC dc1.mydomain.com -Credentials $ca
$pr = New-PAMRole -DisplayName "priv.group1priv2" -Privileges $pg -Candidates $sj


ASKER CERTIFIED SOLUTION
Qlemo
#2 does not fit into a loop, because both scripts are connected - you use the new PAM user created in #1 for #2. You can do that only if you expand the CSV above to contain a single line per user for both parts, and I'm not sure that makes sense, to create a new PAM group for each user? I don't know anything about PAM (Privileged Access Management) and related stuff, by the way.
incomplete code since I have no source data
function add-myusers {
    # One row per account; the CSV needs a "Name" column
    $users = Import-Csv -Path mylist.csv

    foreach ($user in $users) {
        $sj = New-PAMUser -SourceDomain mydomain.com -SourceAccountName $user.Name
        $jp = ConvertTo-SecureString "Pass@word2" -AsPlainText -Force
        $newid = 'priv.' + $user.Name
        Set-ADAccountPassword -Identity $newid -NewPassword $jp
        Set-ADUser -Identity $newid -Enabled 1
    }
}

function add-newgroup {
    # One row per group; the CSV needs a "Name" column
    $groups = Import-Csv -Path mylist.csv
    foreach ($group in $groups) {
        # $ca is read from the script scope (set below, before the menu runs)
        $pg = New-PAMGroup -SourceGroupName $group.Name -SourceDomain mydomain.com -SourceDC dc1.mydomain.com -Credentials $ca
        $newid = 'priv.' + $group.Name
        # $sj is assigned inside add-myusers and is not visible in this scope;
        # the candidate PAM user(s) must be supplied here before this can work
        $pr = New-PAMRole -DisplayName $newid -Privileges $pg -Candidates $sj
    }
}

$ca = Get-Credential -UserName admin@mydomain.com -Message "CORP forest domain admin credentials"
$valid = $false
do {
    Write-Host "1 for add users"
    Write-Host "2 add group"

    $myswitch = Read-Host "Enter 1 or 2"
    switch ($myswitch) {
        1 { $valid = $true; add-myusers; break }
        2 { $valid = $true; add-newgroup; break }
    }
} while ($valid -eq $false)
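
Since the two scripts are connected through the PAM user object, one way to drive both from a single CSV, shown as an added example that is not code from this thread: each row pairs a user with a group, every role gets only its own users as candidates, and the initial password is prompted for rather than stored in the script. The file name access.csv, the columns Name and PrivGroup, the name patterns, and passing several PAM users to -Candidates are assumptions.

```powershell
# Added example, not code from the thread. Assumed input: access.csv (hypothetical
# name) with columns Name,PrivGroup - one row per user/group pairing.
$ErrorActionPreference = 'Stop'          # turn cmdlet errors into catchable exceptions
$userOk  = '^[A-Za-z0-9._-]{1,20}$'      # conservative account-name check (assumption)
$groupOk = '^[A-Za-z0-9._ -]{1,64}$'     # conservative group-name check (assumption)

$ca = Get-Credential -UserName admin@mydomain.com -Message 'CORP forest domain admin credentials'
# Prompt for the initial password instead of embedding it in the script file.
$pw = Read-Host -AsSecureString -Prompt 'Initial password for new priv accounts'

# Reject rows with unexpected characters before they reach any AD/PAM cmdlet.
$rows = @(Import-Csv -Path access.csv | Where-Object {
    $ok = ($_.Name -match $userOk) -and ($_.PrivGroup -match $groupOk)
    if (-not $ok) { Write-Warning "Skipping invalid row: '$($_.Name)','$($_.PrivGroup)'" }
    $ok
})

# Part 1: create each PAM user once, even if it is listed for several groups.
$pamUsers = @{}
foreach ($name in ($rows.Name | Sort-Object -Unique)) {
    try {
        $pamUsers[$name] = New-PAMUser -SourceDomain mydomain.com -SourceAccountName $name
        $privId = 'priv.' + $name
        Set-ADAccountPassword -Identity $privId -NewPassword $pw
        Set-ADUser -Identity $privId -Enabled $true
    } catch {
        $pamUsers.Remove($name)   # never offer a half-configured account as a candidate
        Write-Warning "User '$name' failed: $($_.Exception.Message)"
    }
}

# Part 2: one PAM group and role per PrivGroup value, limited to its own users.
foreach ($g in ($rows | Group-Object -Property PrivGroup)) {
    $candidates = @($g.Group.Name | Sort-Object -Unique |
        Where-Object { $pamUsers.ContainsKey($_) } | ForEach-Object { $pamUsers[$_] })
    if ($candidates.Count -eq 0) { Write-Warning "No candidates for '$($g.Name)'"; continue }
    $pg = New-PAMGroup -SourceGroupName $g.Name -SourceDomain mydomain.com `
                       -SourceDC dc1.mydomain.com -Credentials $ca
    # Assumption: -Candidates accepts more than one PAM user object.
    $null = New-PAMRole -DisplayName ('priv.' + $g.Name) -Privileges $pg -Candidates $candidates
}
```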


Michael Leonard (ASKER)

Excellent. Thanks Qlemo!
I don't feel like I have really answered your question ...