Hi, below, I've written a script with help from others that adds users to our domain. All seems to be fine except when I get to the dsmod command. I get and error saying that "dsmod failed:`Target object for this command' is missing." Now if I run that command manually, it works just fine.. If anyone has the time to review my script and let me know if they are aware of something obvious, I'd appreciate it.
------------------------------------------------------------------------------------
# Pop-up to prompt for the new user name details to be passed to the rest of the script
[Reflection.Assembly]::LoadWithPartialName(
"System.Windows.Forms") | out-null
# create new controls
$form
= new-object system.windows.forms.form
$button
= new-object system.windows.forms.button
$textbox
= new-object system.windows.forms.textbox
$textbox2
= new-object system.windows.forms.textbox
$textbox3
= new-object system.windows.forms.textbox
$label
= new-object system.windows.forms.label
$label2
= new-object system.windows.forms.label
$label3
= new-object system.windows.forms.label
$label4
= new-object system.windows.forms.label
# set up label
$label
.text = "Firstname"
$label
.top = 50
$label
.left = 10
$label
.height = 20
$label
.width = 100
# set up label 2
$label2
.text = "M.I."
$label2
.top = 50
$label2
.left = 225
$label2
.height = 20
$label2
.width = 40
# set up label 3
$label3
.text = "Lastname"
$label3
.top = 50
$label3
.left = 300
$label3
.height = 20
$label3
.width = 100
# set up label 4
$label4
.text = "Please enter the username details below!"
$label4
.top = 10
$label4
.left = 10
$label4
.height = 20
$label4
.width = 500
# set up text box 1
$textbox
.top = 70
$textbox
.left = 10
$textbox
.height = 120
$textbox
.width = 200
# set up text box 2
$textbox2
.top = 70
$textbox2
.left = 225
$textbox2
.height = 120
$textbox2
.width = 50
# set up text box 3
$textbox3
.top = 70
$textbox3
.left = 290
$textbox3
.height = 120
$textbox3
.width = 200
# set up button
$button
.text = "OK"
$button
.width = 70
$button
.height = 25
$button
.left = 500
$button
.top = 125
$button
.BackColor = 'BurlyWood'
# set up button's click event
# this script block will just hide the form,
# allowing the main script to continue
$button_click
= { $form.hide() }
$button
.add_click($button_click)
# set up form
$form
.text = "New User Creation"
$form
.formborderstyle = 2
$form
.height = 200
$form
.width = 600
$form
.BackColor = 'BlanchedAlmond'
# add controls to form
$form
.controls.add($label)
$form
.controls.add($label2)
$form
.controls.add($label3)
$form
.controls.add($label4)
$form
.controls.add($textbox)
$form
.controls.add($textbox2)
$form
.controls.add($textbox3)
$form
.controls.add($button)
# show form
# script will pause at this point
$form
.showdialog() | out-null
# get user input from text box
$strFirstName
= $textbox.text
$strMiddleInitial
= $textbox2.text
$strLastName
= $textbox3.text
# Grab the first letter of the first name and concatenate it with the last name to create username
$strUserName
= $strFirstName.Substring(0,1) + $strLastName
# Set display name
$strDisplayName
= $strFirstName + " " + $strMiddleInitial + ". " + $strLastName
# Set UPN
$strUpn
= $strUserName + "@ham.sitel.co.nz"
# Set email address
$strEmail
= $strFirstName + "." + $strLastName + "@ham.sitel.co.nz"
# Set SamID for legacy purposes
$strSamid
= $strUserName
# Set conical name for user container
$strCNName
= "OU=MyTestOU,DC=ham,DC=sitel,DC=co,DC=nz"
# Set conical name for user by concatenating the Display name with the CN Name for the user container
$strValue
= "CN="+ $strDisplayName + "," + $strCNName
# Search AD for the existence of the username and push that value to #strSamAccount, If username doesn't exist, then $strSamAccount will be null.
$strSamAccount
= get-adobject -value $strUserName
# Set up messagebox to display success or failure of user creation
[void][Reflection.Assembly]::LoadWithPartialName(
"System.Windows.Forms")
$MsgBox
= [Windows.Forms.MessageBox]
$Button
= [Windows.Forms.MessageBoxButtons]:
K
# Create user function, after verifying that the $strUserName is unique. This function calls "dsadd user" from the CLI
# and then displays via pop-up the creation after checking that the account is unique.
# Also sends an email to system guys to finish off configuration of user.
function
CreateAccount
{
# Verify that the account is unique by checking AD for the account using the display name.
$displaynametest = Get-ADObject -Value $strdisplayname
if($displaynametest.Displayname -eq $strdisplayname)
{
# Set up message box for pop up indicating there is a problem with an already existing account
$Icon = [Windows.Forms.MessageBoxIcon]::Warning
$MsgBox::Show("An account for " + $strDisplayName + " already exists. `n If you believe this is an error, please try again `
`n
", "Unsuccessful Acccount Creation", $Button, $Icon)
}
else
{
# Add user
dsadd user
$strValue -upn $strUpn -samid $strSamid -fn $strFirstName -mi $strMiddleInitial -ln $strLastName -display $strDisplayName -email $strEmail -pwd PASSWORD -mustchpwd yes
# Set up message box for pop up and display of user details
$Icon = [Windows.Forms.MessageBoxIcon]::Information
$MsgBox::Show("The windows account for " + $strDisplayName + " has been created. `n`n" + $strFirstName + "'s username is " + $strUserName + ". `n" `
+
$strFirstName + "'s email address is " + $strEmail + ". `n", "Successful Acccount Creation", $Button, $Icon)
# Prompt for up to 5 named groups
[void][reflection.assembly]::LoadWithPartialName(
"System.Windows.Forms")
# Create the form
$form = New-Object System.Windows.Forms.Form
$button = new-object system.windows.forms.button
$form.add_shown({$form.Activate()})
$form.Text = "Add User To Groups"
$form.formborderstyle = 2
$form.height = 800
$form.width = 600
$form.BackColor = 'BlanchedAlmond'
# set up button
$button.text = "OK"
$button.width = 70
$button.height = 25
$button.left = 500
$button.top = 700
$button.BackColor = 'BurlyWood'
# set up button's click event
# this script block will just hide the form,
# allowing the main script to continue
$button_click = { $form.hide() }
$button.add_click($button_click)
$arygrouplist = Get-Content "c:\arygrouplist.txt"
$lb = new-object System.Windows.Forms.ListBox
$lb.SelectionMode = [System.Windows.Forms.SelectionMode]::MultiExtended
$lb.Width = 200
$lb.Height = 650
foreach ($groupname in $aryGrouplist)
{
[void]
$lb.Items.Add("$groupname")
}
$lb.SetSelected(0,$false)
$lb.SetSelected(1,$false)
$lb.SetSelected(2,$false)
$lb.SetSelected(3,$false)
$lb.SetSelected(4,$false)
# add the controls to the form
$form.Controls.AddRange(@($lb,$button))
# show the form
$results = $form.showdialog() | out-null
# put the results into $aryGroups
$arySelectedGroups = $lb.SelectedItems
$form.dispose()
# Actual addition to add user to groups from $arySelectedGroups
$username = $strUserName
foreach ($groupname in $arySelectedGroups)
{
$usermodname = Get-ADObject -value $username
$groupname
dsquery group -
samid $groupname | dsmod group -addmbr $usermodname.distinguishedName
}
$groups = dsquery user -name $strDisplayName | dsget user -memberof
# Mail enable account that you just created.
# Send email to IT to finish work around the new user to include mail enabling the account
Send-SmtpMail -SMTPHost "hamxch02.ham.sitel.co.nz" -To "anatoli.yefimov@ham.sitel.co.nz" -From "anatoli.yefimov@ham.sitel.co.nz" -Subject "New Employee added to Domain by HR" `
-
Body "$strDisplayName has had an account created in AD by HR.
Username is
$strUserName.
Current group membership is:
$groups
Please mail enable this account and set preferred OU location
"
}
}
# If $strSamAccount.SamAccountName (username) doesn't exist than run CreatAccount function
if
($strSamAccount.samaccountname -ne $strUserName)
{
CreateAccount
}
else
{
# If username was already in use, then a second letter from the first name is added to the username, samid and upn
$strUserName = $strFirstName.Substring(0,2) + $strLastName
$strSamAccount = get-adobject -value $strUserName
$strEmail = $strFirstName + "." + $strLastName + "@ham.sitel.co.nz"
$strSamid = $strUserName
$strUpn = $strUserName + "@ham.sitel.co.nz"
# If $strSamAccount.SamAccountName (username with second letter from first name) doesn't exist than run CreatAccount function
if ($strSamAccount.samaccountname -ne $strUserName)
{
CreateAccount
}
else
{
# If username was already in use, then a third letter from the first name is added to the username, samid and upn
$strUserName = $strFirstName.Substring(0,3) + $strLastName
$strSamAccount = get-adobject -value $strUserName
$strEmail = $strFirstName + "." + $strLastName + "@ham.sitel.co.nz"
$strSamid = $strUserName
$strUpn = $strUserName + "@ham.sitel.co.nz"
# If $strSamAccount.SamAccountName (username with third letter from first name) doesn't exist than run CreatAccount function
if ($strSamAccount.samaccountname -ne $strUserName)
{
CreateAccount
}
else
{
$Icon = [Windows.Forms.MessageBoxIcon]::Warning
$MsgBox::Show("There was a problem with duplicate account names. Please contact IT! `n", "Warning!", $Button, $Icon)
}
}
}