jessikitty/Staff-AD-email-disabler
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add ACTV user creation for accounts not found in AD

Browse Source
This commit is contained in:
jessikitty
2026-05-20 11:07:29 +10:00
parent 2fb501c91e
commit 8de674c514
1 changed files with 48 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Update-StaffAD.ps1
+48 -8
View File
@@ -2,11 +2,14 @@
# Reads Staff_Extract.csv and updates AD email addresses and account status. # Reads Staff_Extract.csv and updates AD email addresses and account status.
# Matches users by sAMAccountName (PAYROLL_REC_NO column). # Matches users by sAMAccountName (PAYROLL_REC_NO column).
# If duplicate entries exist, ACTV takes priority over INAC/LEFT. # If duplicate entries exist, ACTV takes priority over INAC/LEFT.
# Creates new AD accounts for ACTV users not found in AD.
# Applies changes automatically and appends results to a log file. # Applies changes automatically and appends results to a log file.
# --- Configuration --- # --- Configuration ---
$CsvPath = "C:\Scripts\Staff_Extract.csv" $CsvPath = "C:\Scripts\Staff_Extract.csv"
$LogFile = "C:\Scripts\Logs\StaffAD_Changes.log" $LogFile = "C:\Scripts\Logs\StaffAD_Changes.log"
$NewUserOU = "OU=Staff,DC=school,DC=vic,DC=edu,DC=au" # Update this
$DefaultPassword = ConvertTo-SecureString "P@ssword123!" -AsPlainText -Force # Update this
# --- Setup --- # --- Setup ---
if (-not (Test-Path $CsvPath)) { if (-not (Test-Path $CsvPath)) {
@@ -52,6 +55,7 @@ $emailUpdates = 0
$disables = 0 $disables = 0
$noChanges = 0 $noChanges = 0
$notFound = 0 $notFound = 0
$created = 0
$notFoundList = @() $notFoundList = @()
foreach ($entry in $Deduped.Values) { foreach ($entry in $Deduped.Values) {
@@ -59,17 +63,52 @@ foreach ($entry in $Deduped.Values) {
$status = $entry.STAFF_STATUS.Trim() $status = $entry.STAFF_STATUS.Trim()
$email = $entry.E_MAIL.Trim() $email = $entry.E_MAIL.Trim()
# Parse name from email
$firstName = "Unknown"
$lastName = "Unknown"
if ($email -match "^([^.]+)\.([^@]+)@") {
$firstName = $Matches[1]
$lastName = $Matches[2]
}
$displayName = "$firstName $lastName"
# Find user in AD by sAMAccountName # Find user in AD by sAMAccountName
try { try {
$adUser = Get-ADUser -Identity $samAccount ` $adUser = Get-ADUser -Identity $samAccount `
-Properties EmailAddress, Enabled, DisplayName ` -Properties EmailAddress, Enabled, DisplayName `
-ErrorAction Stop -ErrorAction Stop
} catch { } catch {
$notFound++ # Not found in AD - create if ACTV, otherwise log and skip
$parsedName = if ($email -match "^([^.]+)\.([^@]+)@") { if ($status -ne "ACTV") {
"$($Matches[1]) $($Matches[2])" $notFound++
} else { "Unknown" } $notFoundList += "$samAccount, $displayName (skipped - status: $status)"
$notFoundList += "$samAccount, $parsedName" continue
}
try {
New-ADUser `
-SamAccountName $samAccount `
-UserPrincipalName $email `
-GivenName $firstName `
-Surname $lastName `
-DisplayName $displayName `
-Name $displayName `
-EmailAddress $email `
-AccountPassword $DefaultPassword `
-Enabled $true `
-Path $NewUserOU
Write-Log ""
Write-Log " User : $displayName ($samAccount)"
Write-Log " Status : $status"
Write-Log " Account : CREATED in $NewUserOU [CREATED]" "Green"
Write-Log " Email : $email [SET]" "Green"
$created++
} catch {
Write-Log ""
Write-Log " User : $displayName ($samAccount)"
Write-Log " Account : FAILED to create - $_" "Red"
}
continue continue
} }
@@ -112,10 +151,11 @@ foreach ($entry in $Deduped.Values) {
Write-Log "" Write-Log ""
Write-Log " --- Summary ---" Write-Log " --- Summary ---"
if ($emailUpdates -eq 0 -and $disables -eq 0) { if ($emailUpdates -eq 0 -and $disables -eq 0 -and $created -eq 0) {
Write-Log " No changes were made on this run." "Cyan" Write-Log " No changes were made on this run." "Cyan"
} }
Write-Log " Accounts created : $created"
Write-Log " Email updates : $emailUpdates" Write-Log " Email updates : $emailUpdates"
Write-Log " Accounts disabled : $disables" Write-Log " Accounts disabled : $disables"
Write-Log " No changes needed : $noChanges" Write-Log " No changes needed : $noChanges"