Install-User.ps1

function Install-User
{
    param(
        [Parameter()]
        [string]$ComputerName = $env:computername,
        
        [Parameter(Mandatory=$true)]
        [string]$UserName,
        
        [Parameter(Mandatory=$true)]
        [string]$Password,
        
        [Parameter()]
        [bool]$PasswordChangeable = $true,
        
        [Parameter()]
        [bool]$PasswordExpired = $true,
        
        [Parameter()]
        [string]$Description,
        
        [Parameter()]
        [string]$FullName,
        
        [Parameter()]
        [string]$Group,
        
        [Parameter()]
        [switch]$PassThru
    )
    
    Write-Verbose "Installing user '$Username' on '$ComputerName'..."
    
    if(!(Test-Connection $ComputerName -Count 1 -Quiet))
    {
        Write-Error "Unable to connect '$ComputerName'. The network path not found."
        return
    }
    try
    {
        if([ADSI]::Exists("WinNT://$ComputerName/$UserName"))
        {
                Write-Error "User '$UserName' is already exist on '$ComputerName'."
                return
        }
        
        if($Group)
        {
            if(!([ADSI]::Exists("WinNT://$ComputerName/$Group")))
            {
                Write-Error "Group '$Group' could not be found on '$ComputerName'."
                return
            }
        }
        
        #Create User account
        $account = ([ADSI]"WinNT://$ComputerName,computer").Create('user',$UserName)
        #Set password on account
        $account.psbase.invoke("SetPassword",$Password)
        #Commit the changes made
        $account.psbase.CommitChanges()
        #Set description on account
        if($Description) { $account.description = $Description }
        #Set description on account
        if($FullName) { $account.fullname = $FullName }
        #Set flag for password to not expire
        if(!$PasswordExpired)
        {
            $ADS_UF_DONT_EXPIRE_PASSWD = 0x10000
            $account.userflags = $account.userflags[0] -bor $ADS_UF_DONT_EXPIRE_PASSWD
        }
        #Set flag for not allow user to change password
        if(!$PasswordChangeable) {
            $ADS_UF_DO_NOT_ALLOW_PASSWD_CHANGE = 0x0040
            $account.userflags = $account.userflags[0] -bor $ADS_UF_DO_NOT_ALLOW_PASSWD_CHANGE
        }
        #Commit the changes
        $account.psbase.CommitChanges()
        Write-Verbose "Creating user '$Username' on '$ComputerName' was successfully."
        
        if($Group)
        {
            #Add account to Local group
            $localGroup = [ADSI]"WinNT://$ComputerName/$Group,group"
            $localGroup.PSBase.Invoke("Add",$account.PSBase.Path)
            Write-Verbose "Adding user '$Username' to group '$Group' on '$ComputerName' was successfully."
        }
        
        Write-Verbose "User '$Username' has been installed on '$ComputerName'."
        
        if($Passthru)
        {
            $pso = New-Object PSObject -Property @{
                 ComputerName = $ComputerName.ToUpper()
                 UserName = $UserName
                 FullName = $FullName
                 Description = $Description
                 PasswordExpired = $PasswordExpired
                 PasswordChangeable = $PasswordChangeable
                 Group = $Group
            }
            $pso.PSTypeNames.Clear()
            $pso.PSTypeNames.Add('MKServerBuilder.UserAccount')
            $pso
        }
    }
    catch
    {
        Write-Error $_
    }
}
posted @ 2014-01-30 21:47 Edward Guan 阅读(434) 评论(0) 编辑收藏举报
会员力量，点亮园子希望
刷新页面返回顶部
Edward Guan

Install-User.ps1

公告
