Public/New-AdUserFromSyncHr.ps1

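function New-AdUserFromSyncHr
{
    <#
    .SYNOPSIS
    Provisions an Active Directory account for a SyncHR new-hire record.

    .DESCRIPTION
    Builds the account attributes from the SyncHR record, creates the user with
    New-ADUser, reads it back, then adds proxy addresses, adds the user to the
    group named after the position title, and creates a home folder with an
    explicit ACL. If New-ADUser itself fails, the follow-up steps are skipped so
    that they cannot be applied to a different, pre-existing account that happens
    to have the same SamAccountName.

    .PARAMETER SyncHrNewHire
    Object read for: fName, lname, empNo, manager_empNo, defaultDomain, defaultOu,
    positionTitle, companyName, domainProxyList and the location_* fields.

    .OUTPUTS
    psobject with Result ('OK' or 'Error: <message>'). On success it also carries
    SamAccountName, Office, EmployeeNumber, newPassword (plain text) and managerName.
    Callers must not log or persist newPassword.
    #>
    [CmdletBinding(PositionalBinding = $true)]
    param
    (
        [Parameter(Mandatory = $true)][object]$SyncHrNewHire
    )

    Write-Log "Starting function"

    $returnObj = New-Object -TypeName psobject -Property @{
        Result = ''
    }

    $username = $SyncHrNewHire.fName + "." + $SyncHrNewHire.lname
    $name = $SyncHrNewHire.fName + " " + $SyncHrNewHire.lname

    $newEmpNumber = Convert-SyncHrEmpNo -SyncHrEmpNo $SyncHrNewHire.empNo

    # NOTE(review): the initial password is derived from the initials and the
    # employee number, so anyone who knows both can compute it for an account that
    # is created enabled. ChangePasswordAtLogon only helps once the real owner has
    # logged on. Consider a random initial password delivered out of band; the
    # scheme is left unchanged here because callers receive it via newPassword.
    $password = $($SyncHrNewHire.fName).SubString(0, 1) + $($SyncHrNewHire.lname).SubString(0, 1) + "#" + $newEmpNumber
    $password_ss = ConvertTo-SecureString $password -AsPlainText -Force

    $newEmail = "$username@$($SyncHrNewHire.defaultDomain)"

    $manager = $null
    if ($SyncHrNewHire.manager_empNo.Length -gt 3)
    {
        $managerEmployeeNumber = Convert-SyncHrEmpNo -SyncHrEmpNo $SyncHrNewHire.manager_empNo
        try
        {
            $manager = Get-ADUser -Filter { EmployeeNumber -eq $managerEmployeeNumber } -Properties manager -ErrorAction: Stop | Select-Object -First 1
        }
        catch
        {
            # A failed manager lookup is not fatal, but it should leave a trace
            # instead of being swallowed silently.
            Write-Log "Error looking up manager. SynrHr user: $name ($($SyncHrNewHire.empNo))" -LogType: error -ErrorObject $_
        }
    }

    # Set only once New-ADUser has succeeded; gates every follow-up step.
    $userCreated = $false

    try
    {
        $newUserHash = @{
            EmployeeNumber        = $newEmpNumber
            SamAccountName        = $username
            UserPrincipalName     = $newEmail
            Email                 = $newEmail
            Name                  = $name
            DisplayName           = $name
            GivenName             = $SyncHrNewHire.fname
            Surname               = $SyncHrNewHire.lname
            Enabled               = $True
            ChangePasswordAtLogon = $True
            Title                 = $SyncHrNewHire.positionTitle
            Path                  = $SyncHrNewHire.defaultOu
            Office                = $SyncHrNewHire.location_name
            StreetAddress         = $SyncHrNewHire.location_street
            City                  = $SyncHrNewHire.location_city
            State                 = $SyncHrNewHire.location_state
            PostalCode            = $SyncHrNewHire.location_zip
            Company               = $SyncHrNewHire.companyName
            AccountPassword       = $password_ss
            Homedrive             = "H"
            Homedirectory         = "\\svrfp01\Home\$username"
        }

        # Pass -Manager only when a manager was actually resolved.
        if ($null -ne $manager)
        {
            $newUserHash['Manager'] = $manager.DistinguishedName
        }

        # Keep the credential object out of the log line.
        $loggedProperties = $newUserHash.Clone()
        $loggedProperties.Remove('AccountPassword')
        Write-Log -LogText "Creating new user: $($loggedProperties | ConvertTo-Json -Compress)"

        New-ADUser @newUserHash -ErrorAction Stop
        $userCreated = $true

        # Short pause before reading the new object back.
        Start-Sleep -Seconds 3
        $newUser = Get-AdUser $username -Properties Office, EmployeeNumber -ErrorAction Stop

        $returnObj | Add-Member -MemberType: NoteProperty -Name SamAccountName -Value $newUser.SamAccountName
        $returnObj | Add-Member -MemberType: NoteProperty -Name Office -Value $newUser.Office
        $returnObj | Add-Member -MemberType: NoteProperty -Name EmployeeNumber -Value $newUser.EmployeeNumber
        $returnObj | Add-Member -MemberType: NoteProperty -Name newPassword -Value $password
        $returnObj | Add-Member -MemberType: NoteProperty -Name managerName -Value $manager.Name

        $returnObj.Result = 'OK'

    }
    catch
    {
        Write-Log "Error with New-AdUser. SynrHr user: $name ($($SyncHrNewHire.empNo))" -LogType: error -ErrorObject $_
        $returnObj.Result = "Error: $($_.Exception.Message)"
    }

    if (-not $userCreated)
    {
        # The account was not created by this call. Continuing would modify
        # whatever account already answers to $username (mail aliases, group
        # membership, home-folder ACL), so stop here.
        Write-Log "Completing function"
        return $returnObj
    }

    $proxyAddresses = @(
        "SMTP:$newEmail"
    )

    foreach ($proxy in $SyncHrNewHire.domainProxyList)
    {
        $proxyAddresses += "smtp:$username@$proxy"
    }

    try
    {
        foreach ($proxy in $proxyAddresses)
        {
            Set-ADUser -Identity $username -Add @{ ProxyAddresses = $proxy }
        }

    }
    catch
    {
        Write-Log "Error with Set-AdUser. SynrHr user: $name ($($SyncHrNewHire.empNo)). Command: ""Set-ADUser -Identity $username -Add @{ProxyAddresses = $proxy}""" -LogType: error -ErrorObject $_
    }

    try
    {
        # NOTE(review): the group is chosen by the HR-supplied position title, so
        # the HR feed effectively grants group membership. Confirm titles can
        # never collide with a privileged group name, or map titles through an
        # allow-list.
        Add-ADGroupMember -Identity $SyncHrNewHire.positionTitle -Members $username
    }
    catch
    {
        Write-Log "Error with Add-ADGroupMember. SynrHr user: $name ($($SyncHrNewHire.empNo)). Command: ""Add-ADGroupMember -Identity $($SyncHrNewHire.positionTitle) -Members $username""" -LogType: error -ErrorObject $_
    }

    try
    {
        # Create the home folder if it does not exist and grant the new user access.
        if ( (Test-Path "\\svrfp01\Home\$username") -eq $false)
        {
            $NewFolder = New-Item -Path "\\svrfp01\Home\" -Name $username -ItemType "Directory"
            # NOTE(review): FullControl already includes every other right listed
            # and lets the user change the folder's permissions and ownership;
            # Modify may be sufficient for a home share.
            $Rights = [System.Security.AccessControl.FileSystemRights]"FullControl,Modify,ReadAndExecute,ListDirectory,Read,Write"
            $InheritanceFlag = @([System.Security.AccessControl.InheritanceFlags]::ContainerInherit, [System.Security.AccessControl.InheritanceFlags]::ObjectInherit)
            $PropagationFlag = [System.Security.AccessControl.PropagationFlags]::None
            $objType = [System.Security.AccessControl.AccessControlType]::Allow
            $objUser = New-Object System.Security.Principal.NTAccount "my_full_domain_name\$username"
            $objACE = New-Object System.Security.AccessControl.FileSystemAccessRule `
            ($objUser, $Rights, $InheritanceFlag, $PropagationFlag, $objType)
            # Read and write the ACL through the same explicit path.
            $ACL = Get-Acl -Path $NewFolder.FullName
            $ACL.AddAccessRule($objACE)
            Set-ACL -Path $NewFolder.FullName -AclObject $ACL
        }
        else
        {
            # A folder left over from an earlier account of the same name keeps
            # its old contents and ACL; record it so it can be reviewed.
            Write-Log "Home folder already exists for $username; contents and permissions were left unchanged"
        }
    }
    catch
    {
        Write-Log "An error occurred in adding the home directory:" -LogType error -ErrorObject $_
    }


    Write-Log "Completing function"

    return $returnObj

}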