SharePoint結合PowerShell創建入離職自動化(二)

接上一篇,有了SharePoint的列表做爲數據輸入,那麼咱們就能夠愉快的經過PowerShell腳本建立帳號了css

首先定義一個具備AD、Ex、Lync管理權限的帳戶,這裏不須要開通SharePoint是由於SharePoint的開通是自動的,其餘的功能開通能夠根據須要增長html

#定義管理憑據
$pwd = "01000000d08c9ddf0115d1118c7a00c04fc297eb01000000035bf6730bcdda4eb12ed62660d5faed0000000002000000000003660000c00000001000000028a14cc2c4a1826645f8316995dd04640000000004800000a00000001000000001d6528ebc1b49550a6d0f6c6706165b1800000020f1a80859c6b78f45f3ee3dec23b0435442ecbac0d4cf6214000000e45f1f2cbbc7226ed77293a720f4ceb2e1246745"
$Password = ConvertTo-SecureString -String $pwd
$Credential = New-Object System.Management.Automation.PSCredential("domain\User",$Password)
#導入AD\SharePoint的管理單元和模塊
Import-Module ActiveDirectory
Add-PSSnapin Microsoft.SharePoint.PowerShell
#創建Ex\Lync隱式會話
$ExSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://e2k13-fe01.domain.cn/PowerShell/ -Credential $Credential -Authentication Kerberos
Import-PSSession $ExSession
$LyncSession = New-PSSession -ConnectionUri https://Lync13-fe.domain.cn/OcsPowerShell -Credential $Credential
Import-PSSession $LyncSession
#定義報表頭
$ReportPath = "C:\Scripts\AutoCreate\";
$ReportName = "AutoCreate_$(Get-Date -Format MMddhhmm).html";
$ServiceReport = $ReportPath + $ReportName
$RedColor = "#FF0000"
$WhiteColor = "#FFFFFF"
下文的'\'是爲了防止51CTO頁面顯示異常才加的,各位在使用時請刪除掉
$Header = "
\<html>
\<head>
\<meta http-equiv='Content-Type' content='text/html; charset=gb2312'>
\<title>Service Report</title>
\<STYLE TYPE='text/css'>
\<!--
td {
font-family: Tahoma;
font-size: 11px;
border-top: 1px solid #999999;
border-right: 1px solid #999999;
border-bottom: 1px solid #999999;
border-left: 1px solid #999999;
padding-top: 0px;
padding-right: 0px;
padding-bottom: 0px;
padding-left: 0px;
}
body {
margin-left: 5px;
margin-top: 5px;
margin-right: 0px;
margin-bottom: 10px;
table {
border: thin solid #000000;
}
-->
\</style>
\</head>
\<body>
\<table width='100%'>
\<tr bgcolor='#CCCCCC'>
\<td colspan='7' height='25' align='center'>
\<font face='tahoma' color='#003399' size='4'>\<strong>入職開通狀態\</strong>\</font>
\</td>
\</tr>
\</table>
"
Add-Content $ServiceReport $Header
$TableHeader = "
\<table width='100%'>\<tbody>
\<tr bgcolor=#CCCCCC>
\<td width='15%' align='center'>帳戶\</td>
\<td width='25%' align='center'>應用\</td>
\<td width='25%' align='center'>狀態\</td>
\</tr>
"
Add-Content $ServiceReport $tableHeader
#查詢SharePoint入職開通應用中的Item信息
$SPWeb = Get-SPWeb -Identity http://sp.domain.cn
$SPList = $SPWeb.GetList("/Lists/List4")
#定義Company信息
$APath = "OU=Users,OU=A,DC=Domain,DC=cn"
$BPath = "OU=Users,OU=B,DC=Domain,DC=cn"
$ADomain = "A.cn"
$BDomain = "B.cn"
#定義密碼
$Password = "P@ssw0rd" | ConvertTo-SecureString -AsPlainText -Force
#定義郵件通知函數
Function Send-Message
{
$SmtpClient = New-Object System.Net.Mail.SmtpClient
$MailMessage = New-Object System.Net.Mail.MailMessage
$SmtpClient.Host = "172.16.0.1"
$MailMessage.From = "Liuzw@Domain.cn"api

$MailMessage.To.Add("Liuzw@Domain.cn")
$MailMessage.Subject = "入職開通報告"
$MailMessage.IsBodyHtml = $True
$MailMessage.Body = Get-Content $ServiceReport
$SmtpClient.Send($MailMessage)
}
#定義空數組用於存儲開通狀態
$UserReport = @()
#遍歷SharePoint入職開通頁面上的全部Item
Foreach($UserInfo in $SPList.Items)
{
#定義帳戶開通訊息
$UserInfo.GetFormattedValue("上級經理") -match "ID=[\w]`">(?<Manager>[\w\W])</a>"
$User = @()
$User +=[PSCustomObject]@{
Surname = $UserInfo.GetFormattedValue("姓")
GivenName = $UserInfo.GetFormattedValue("名")
Account = $UserInfo.GetFormattedValue("帳號")
DisplayName = $UserInfo.GetFormattedValue("顯示名稱")
Department = $UserInfo.GetFormattedValue("部門")
Company = $UserInfo.GetFormattedValue("公司")
Manager = $Matches.Manager
Mobile = $UserInfo.GetFormattedValue("移動電話")
Enabled = $UserInfo.GetFormattedValue("已開通")
Approve = $UserInfo.Workflows.StatusText
}
#若是已批准而且未開通則執行
If($User.Approve -eq "已批准" -and $User.Enabled -eq "否")
{
#嘗試建立AD帳號
Try
{數組

#根據公司名稱定義開通路徑
Switch($User.Company)
{
恆元華建{
$Path = $APath
$Domain = $ADomain
}
雲坤{
$Path = $BPath
$Domain = $BDomain
}
}
#執行開通
$Manager = $User.Manager
$Department = $User.Department
$UPN = "$($User.Account)@$($Domain)"
New-ADUser -GivenName $User.GivenName -Surname $User.Surname -DisplayName $User.DisplayName -Department $User.Department -MobilePhone $User.Mobile -SamAccountName $User.Account -Name $User.Account -Enabled $True -AccountPassword $Password -Manager (Get-ADUser -Filter {DisplayName -eq $Manager }) -Path $Path -UserPrincipalName $UPN -ErrorAction Stop -ErrorVariable $ADErrormarkdown

$UserReport += [PSCustomObject]@{
帳戶= $User.Account
應用 = "AD帳號"
狀態 = "已開通"
}dom

#添加部門組
Get-ADGroup -Filter {Description -eq $Department} | Add-ADGroupMember -Members $User.Account
#嘗試開通郵箱
Try{
Enable-Mailbox -Identity $User.Account -ErrorAction Stop
$UserReport += [PSCustomObject]@{
帳戶= $User.Account
應用 = "Exchange帳號"
狀態 = "已開通"
}
}
Catch{
$UserReport += [PSCustomObject]@{
帳戶= $User.Account
應用 = "Exchange帳號"
狀態 = "開通失敗"
}
#Send-Message -Subject "$($User.Displayname)郵箱建立失敗"
}
#嘗試啓用Lync
Try{
Enable-CsUser -Identity $UPN -RegistrarPool sip.domain.cn -SipAddressType UserPrincipalName -ErrorAction Stop
$UserReport += [PSCustomObject]@{
帳戶= $User.Account
應用 = "Lync帳號"
狀態 = "已開通"
}
}
Catch{
$UserReport += [PSCustomObject]@{
帳戶= $User.Account
應用 = "Lync帳號"
狀態 = "開通失敗"
}
#Send-Message -Subject "$($User.Displayname)Lync開通失敗"
}
#更新開通訊息
$UserInfo["已開通"] = $True
$UserInfo.Update()ide

}
Catch
{
$UserReport += [PSCustomObject]@{
帳戶= $User.Account
應用 = "AD帳號"
狀態 = "開通失敗"
}
#Send-Message -Subject "AD帳號$($User.Account)建立失敗" -Body $ADError
}
}
}
#添加開通狀態到報表內容
$UserReport | ForEach-Object {
if($.狀態 -ne "已開通")
{
$color = $redColor
}
else
{
$color = $whiteColor
}
$DataRow = "
<tr>
\<td width='15%'>$($
.帳戶)\</td>
\<td width='25%' >$($.應用)\</td>
\<td width='25%' bgcolor='$color' align='center'>$($
.狀態)\</td>
\</tr>
"
Add-Content $ServiceReport $DataRow;
}
Add-Content $ServiceReport "\</body>\</html>"
#發送報表
Send-Message
#移除會話和文件
Remove-PSSession $ExSession
Remove-PSSession $LyncSession
Remove-Item $ServiceReport函數

好啦,基本的入職開通自動化就完成了,HR只須要填寫基本信息,就會自動完成各個應用的開通,完成之後你會收到相似於這樣的郵件
SharePoint結合PowerShell創建入離職自動化(二)ui

相關文章
相關標籤/搜索