0

I have a script that creates new users that can be used for different operations. 

Param(
[Parameter(Mandatory=$True,Position=1)]
  [string]$GivenName, #=givenName

[Parameter(Mandatory=$True,Position=2)]
  [string]$Name, # =sn

[Parameter(Mandatory=$True,Position=9)]
  [string]$ADuser, 

[Parameter(Mandatory=$True,Position=4)]
  [string]$Description, #=title


[Parameter(Mandatory=$True,Position=4)]
  [string]$AdministrationUser,

[Parameter(Mandatory=$True,Position=4)]
  [string]$SamAccManager
)

after these parameters I have a new-user -name and so on, But I want to user the last Parameter SamAccManager to be added to the adminDisplayName, so I can search who is in charge of that AD user as there will be users that have no logon rights, will be used only for test purposes. 

new-aduser -name $DisplayName -DisplayName $DisplayName -Description $Description -GivenName $GivenName -Surname $Name -SamAccountName $usr -UserPrincipalName $UserPrincipalName -Path $OU_AD

How Can I integrate to add that info into that specific adminDisplayName field? for example, I want to add in the last section code -admindisplayname $samaccmanager , but I can not do that as it is an invalid parameter. Any ideas?

Improve this question

1 Answer 1

Reset to default
1

First thing I noticed is that you add duplicate values for Position to the parameters. Also, there is a parameter you do not seem to use: $AdministrationUser and personally, I would change the param names for some of them so it becomes much clearer what they stand for.

The code below uses Splatting to feed the parameters to the New-ADUser cmdlet. This is a nice readable and maintainable way of calling on cmdlets with lots of properties.

Param(
    [Parameter(Mandatory=$True,Position=0)]
    [string]$GivenName,    # =givenName

    [Parameter(Mandatory=$True,Position=1)]
    [string]$SurName,      # =SurName

    [Parameter(Mandatory=$True,Position=2)]
    [string]$AccountName,  # =SamAccountName

    [Parameter(Mandatory=$True,Position=3)]
    [string]$Description,  # =title

    [Parameter(Mandatory=$True,Position=4)]
    [string]$OU,           #= distinguishedName of the OU

    [Parameter(Mandatory=$True,Position=5)]
    [string]$SamAccManager #= AdminDisplayName
)

# create a hashtable for the New-ADUser parameters
$userParams = @{
    Name              = "$GivenName $SurName"
    DisplayName       = "$GivenName $SurName"
    Description       = $Description
    GivenName         = $GivenName
    Surname           = $SurName
    SamAccountName    = $AccountName
    UserPrincipalName = "[email protected]"
    Path              = $OU
    # add the AdminDisplayName attribute as hashtable
    OtherAttributes   = @{AdminDisplayName = $SamAccManager}
}

# create the user by splatting the parameters
New-ADUser @userParams

Of course, you can also set the AdminDisplayName property after creating the user by using

Set-ADuser -Identity $AccountName -Add @{AdminDisplayName = $SamAccManager}
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

basically when I create the user, I add that position parameter of $SamAccManager, that will be the samaccountname of the user that requested the generic user, so I can know exactly how many they have and who are those users managed by, and I chose the attribute adminDisplayName so in the adminDisplayName, there will be a string that will represent the user that made the request
@CălimanuLoredan Sure, but the question was how to add that (requestor) user in the AdminDisplayName attribute of the user and I think I have answered that, no?
Yes, you did, I will see how to modify my script, as I pasted just bits and pieces of the entire script due to some security reasons and other stuff that imply the company. after that I will mark it as a solution if it fits the need. if not I will come back and explain any roadblocks. thanks a lot.
As we are on the same script, how could I implement a parameter with input yes OR no, so I can chose if some users will have password never expire or not. I want the script to take a paramenter as an input with YES --> password never expire , NO --> default with password expire.
@CălimanuLoredan You could implement that as [1] a switch parameter: [switch]$PasswordNeverExpires and add that to the $userParams hashtable PasswordNeverExpires= [bool]$PasswordNeverExpires. Then if this parameter to the script is not given, it will default to $false. [2] Or you can do an optional parameter [ValidateSet('Yes','No')];[string]$PasswordNeverExpires = 'No' and inside the $userParams set it like this: PasswordNeverExpires= ($PasswordNeverExpires -eq 'Yes')
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.