AIMTEC-IM_module.psm1
|
function removegroup ($user, $group ) { #$user="hraj" $user = Get-ADUser -Identity $user #$group="itc" $group = Get-ADGroup -Identity $group $text=$user.UserPrincipalName+" remove group "+$group.DistinguishedName #$global:log=$global:log,$text Remove-ADGroupMember $group -Members $user -Confirm:$false return $text } function addgroup ($user, $group ) { if ($group.length -gt 0) { $user = Get-ADUser -Identity $user $group = Get-ADGroup -Identity $group $text=$user.UserPrincipalName+" ADD group "+$group.DistinguishedName Add-ADGroupMember $group -Members $user return $text } else { return "group length 0" } } function compare-group ($Cgroups , $ORGgroups, $text , $Cuser ,$restrict) { #if ($Cgroups -is [system.array]) #{ $body = $body + $name +" Division group is many `t`n" #$Cgroups="" #$ORGgroups = "CARS" #$Cuser="karm" $mess="" write-host "text" $text write-host "compare" $Cgroups write-host "ORG" $ORGgroups $compareS=(Compare-Object $Cgroups $ORGgroups) foreach ($compare in $compareS) { #$compare=$compareS[1] if ($compare.SideIndicator -like "=>") { if ($compare.InputObject.Length -gt 0) { write-host "add group" $compare.InputObject $Cuser $mess=$mess+"add group"+$compare.InputObject+$Cuser+";" $body = $body + $Cuser + " add group"+ $compare.InputObject + " `t`n" #$xlog=addgroup $Cuser $compare.InputObject $xxlog=$xxlog+"`n" +$xlog }} if (($compare.SideIndicator -like "<=") -and ($restrict -like 1)) { if ($compare.InputObject.Length -gt 0) { write-host "remove group" $compare.InputObject $Cuser $mess=$mess+"remove group"+$compare.InputObject+$Cuser+";" $body = $body +$Cuser+ " remove group"+ $compare.InputObject + " `t`n" $xlog=removegroup $Cuser $compare.InputObject $xxlog=$xxlog+"`n" +$xlog }} } # } return $mess } function AIM_delete_user ($user, $session ,$log) { #$x=invoke-Command -Session $session {get-MailboxAutoReplyConfiguration $args[0]} -argumentlist $user $messages = "" $mailtype="" $mailtype=get-mailbox $user if ($mailtype.WindowsLiveID.count -gt 0) { $mailtype=$mailtype.RecipientTypeDetails if ($mailtype.RecipientTypeDetails -notlike "SharedMailbox") { write-host "not shared" "not shared" | Out-File -FilePath $log -Append -Encoding utf8 $messages = $messages + $user+" not shared mailbox `n" set-Mailbox $user -Type Shared #get-mailbox $user | select RecipientTypeDetails } else { $messages = $messages + $user+"shared mailbox `n" "shared mailbox " | Out-File -FilePath $log -Append -Encoding utf8 } } else { $messages = $messages + $user+" no mailbox`n" "no mailbox " | Out-File -FilePath $log -Append -Encoding utf8 } Get-ADUser -Identity $user | Move-ADObject -TargetPath 'OU=disabled_users,OU=employees,OU=Aimtec_Users,DC=aimtec,DC=cz' $messages = $messages + $user+" move to OU disabled `n" "move to OU disabled " | Out-File -FilePath $log -Append -Encoding utf8 Start-Sleep 20 Set-ADUser -Identity $user -Enabled 0 $groups=Get-ADPrincipalGroupMembership $user $Dgroups=($groups | Where-Object{$_.name -notlike 'ReportingGroup*' -and $_.name -notlike "Domain Users"}).SamAccountName foreach ($Dgroup in $Dgroups) { removegroup $user $Dgroup $messages = $messages + $user+" delete group $Dgroup `n" "delete group $Dgroup " | Out-File -FilePath $log -Append -Encoding utf8 } Set-ADUser -identity $user -AccountExpirationDate $null -Manager $null -Department $null -Company $null -Title $null return $messages } function findDistinguishedName ($nameFind ) { write-host $nameFind foreach ($ad1 in $ADemployes) { if ( $ad1.SamAccountName -contains $nameFind) { return $ad1.DistinguishedName } } } function RemoveDiacritics { param ($s) $s = $s.Normalize([System.Text.NormalizationForm]::FormD); $sb = ""; for ($i = 0; $i -lt $s.Length; $i++) { if ([System.Globalization.CharUnicodeInfo]::GetUnicodeCategory($s[$i]) -ne [System.Globalization.UnicodeCategory]::NonSpacingMark ) { $sb += $s[$i] ; } } return $sb; } |