powershell

sethayes

·

Mirror_Groups


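Function Mirror_Groups {
    <#
    .SYNOPSIS
    Re-creates Active Directory groups in a target domain from a CLIXML dump.

    .DESCRIPTION
    Imports the group objects stored in $backupXML and, for every group that
    is not a builtin group and cannot be found in the target domain, creates
    it under the matching parent container (the source domain DN suffix of
    ParentDN is swapped for the target domain DN). Groups whose parent
    container is missing in the target domain are skipped. Every step is
    written to a time-stamped log file under C:\Users\Public.

    .PARAMETER Domain
    Target domain; validated with Get-ADDomain.

    .PARAMETER backupXML
    Path to the CLIXML file holding the dumped group objects. The objects are
    read for: GroupType, SamAccountName, Name, ParentDN, DomainDN,
    Description, GroupCategory and GroupScope.

    .NOTES
    The function calls Exit (code 1: log file could not be created, code 2:
    import failed), which ends the calling script or host, not just this
    function.
    #>
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true,Position=1)]
        [ValidateScript({Get-ADDomain -Identity $_})]
        [string]$Domain,

        [Parameter(Mandatory=$true,Position=2)]
        [ValidateScript({Test-Path -Path $_})]
        [string]$backupXML
    )

    #Set-StrictMode -version Latest

    # Appends one line in "<![LOG[...]LOG]!><time=... date=... component=... >"
    # format to the log file. Severity is 1-3 (the callers below use 1 for
    # information and 3 for errors).
    # NOTE(review): $Value is written verbatim. Group names and descriptions
    # come from the imported file, so a crafted value containing line breaks or
    # the "]LOG]!>" terminator could forge log entries; treat this log as
    # untrusted when it is parsed by other tooling.
    Function Log-ScriptEvent {
        [CmdletBinding()]
        Param(
            [parameter(Mandatory=$True)]
            [String]$NewLog = $log,

            [parameter(Mandatory=$True)]
            [String]$Value,

            [parameter(Mandatory=$True)]
            [String]$Component,

            [parameter(Mandatory=$True)]
            [ValidateRange(1,3)]
            [Single]$Severity
        )

        # The WMI date-time string carries the UTC offset from index 21 onward.
        $DateTime = New-Object -ComObject WbemScripting.SWbemDateTime
        $DateTime.SetVarDate($(Get-Date))
        $UtcValue = $DateTime.Value
        $UtcOffset = $UtcValue.Substring(21, $UtcValue.Length - 21)

        $LogLine = "<![LOG[$Value]LOG]!>" +
            "<time=`"$(Get-Date -Format HH:mm:ss.fff)$($UtcOffset)`" " +
            "date=`"$(Get-Date -Format M-d-yyyy)`" " +
            "component=`"$Component`" " +
            "context=`"$([System.Security.Principal.WindowsIdentity]::GetCurrent().Name)`" " +
            "type=`"$Severity`" " +
            "thread=`"$([Threading.Thread]::CurrentThread.ManagedThreadId)`" " +
            "file=`"`">"

        Add-Content -Path $NewLog -Value $LogLine
    }

    # NOTE(review): C:\Users\Public is readable by every local account, and the
    # log records group names, container DNs and the operator's identity.
    # Consider an access-controlled directory if that is sensitive in your
    # environment.
    $log = "C:\Users\Public\$(Get-Date -Format yyMMddHHmmss)_AD_Group_Mirror.log"

    If (New-Item -ItemType File -Path $log) {

        Log-ScriptEvent $log ("=" * 90) "Start-Script" 1
        Log-ScriptEvent $log "TARGET_DOMAIN: $Domain" "Start-Script" 1
        Log-ScriptEvent $log "BACKUP_SOURCE: $backupXML" "Start-Script" 1
        Log-ScriptEvent $log ("=" * 90) "Start-Script" 1
        Log-ScriptEvent $log " " " " 1

        $targetDomain = Get-ADDomain -Identity $Domain
        $targetDomainFQDN = $targetDomain.DNSRoot
        $targetDomainDN = $targetDomain.DistinguishedName

        # The imported file decides which groups are created and under which
        # container, so whoever can modify it controls what this run writes to
        # the target domain. Keep it on an access-controlled path and confirm
        # it is the expected dump (for example against a recorded hash) before
        # running.
        $groupInfo = Import-Clixml -Path $backupXML -ErrorAction SilentlyContinue

        If ($groupInfo) {

            Log-ScriptEvent $log "Custom Group objects successfully imported from $BackupXml" "Mirror_Groups" 1
            Log-ScriptEvent $log " " " " 1

            $sourceDomainDN = [string]($groupInfo | Select-Object -First 1).DomainDN
            If ([string]::IsNullOrEmpty($sourceDomainDN)) {
                # Without a source DN the parent DN cannot be translated; the
                # parent lookups below will then fail and nothing is created.
                Log-ScriptEvent $log "DomainDN is missing on the first imported object; parent containers cannot be mapped" "Mirror_Groups" 3
            }

            # -replace takes a regular expression and a substitution string, so
            # escape both and anchor the match to the end of the parent DN.
            $sourceDomainPattern = [regex]::Escape($sourceDomainDN) + '$'
            $targetDomainReplacement = ([string]$targetDomainDN).Replace('$', '$$')

            $processed = 0   # Groups Processed
            $matched = 0     # Groups Matched
            $created = 0     # Groups Created
            $builtin = 0     # Builtin Groups
            $failed = 0      # Group Creation Failed

            ForEach ($group in $groupInfo) {

                Switch -Wildcard ($group.GroupType) {

                    # 0x80000005: builtin local security group - never created.
                    "-2147483643" {
                        Log-ScriptEvent $log "`"$(($group).SamAccountName)`" BUILTIN Group account matched in $Domain" "Mirror_Groups" 1
                        Log-ScriptEvent $log " " " " 1
                        $processed++
                        $builtin++
                    }

                    Default {
                        $targetGroupSAM = $null
                        $targetGroupName = $null
                        $targetParent = $null

                        # A failed lookup throws; the empty catch leaves the
                        # variable $null, which means "not found" below.
                        try {
                            $targetGroupSAM = Get-ADGroup -Identity "$($group.SamAccountName)" -Server $targetDomainFQDN
                        }
                        catch {}

                        If ($targetGroupSAM) {
                            Log-ScriptEvent $log "SamAccountName - `"$(($group).SamAccountName)`" - already exists in $Domain" "Mirror_Groups" 1
                            Log-ScriptEvent $log " " " " 1
                            $matched++
                        }
                        Else {
                            Log-ScriptEvent $log "SamAccountName - `"$(($group).SamAccountName)`" - does not exist in $Domain" "Mirror_Groups" 1

                            # NOTE(review): -Identity resolves a DN, GUID, SID
                            # or SamAccountName, so this probably does not match
                            # on the Name attribute itself - confirm whether a
                            # -Filter on Name was intended.
                            try {
                                $targetGroupName = Get-ADGroup -Identity "$($group.Name)" -Server $targetDomainFQDN
                            }
                            catch {}

                            If ($targetGroupName) {
                                Log-ScriptEvent $log "Group Name - `"$(($group).Name)`" - already exists in $Domain" "Mirror_Groups" 1
                                Log-ScriptEvent $log " " " " 1
                                $matched++
                            }
                            Else {
                                Log-ScriptEvent $log "Group Name - `"$(($group).Name)`" - does not exist in $Domain" "Mirror_Groups" 1

                                $targetParentDN = $group.ParentDN -replace $sourceDomainPattern, $targetDomainReplacement

                                try {
                                    $targetParent = Get-ADObject -Identity $targetParentDN -Server $targetDomainFQDN
                                }
                                catch {}

                                If ($targetParent) {
                                    Log-ScriptEvent $log "`"$TargetParentDn`" parent already exists in $Domain" "Mirror_Groups" 1

                                    $newGroupParams = @{
                                        Name           = $group.Name
                                        GroupCategory  = $group.GroupCategory
                                        GroupScope     = $group.GroupScope
                                        SamAccountName = $group.SamAccountName
                                        Path           = $targetParentDN
                                        Server         = $targetDomainFQDN
                                        ErrorAction    = 'Stop'
                                    }

                                    # Only pass a description when there is one.
                                    If (-not [string]::IsNullOrEmpty($group.Description)) {
                                        $newGroupParams['Description'] = $group.Description
                                    }

                                    # ErrorAction Stop turns every failure into
                                    # a catchable error so that the message
                                    # logged belongs to this group.
                                    $createError = $null
                                    try {
                                        $null = New-ADGroup @newGroupParams
                                    }
                                    catch {
                                        $createError = $_
                                    }

                                    If ($null -eq $createError) {
                                        Log-ScriptEvent $log "Creation of `"$(($group).SamAccountName)`" succeeded." "Mirror_Groups" 1
                                        Log-ScriptEvent $log " " " " 1
                                        $created++
                                    }
                                    Else {
                                        Log-ScriptEvent $log "Creation of `"$(($group).SamAccountName)`" failed. $($createError.Exception.Message)" "Mirror_Groups" 3
                                        Log-ScriptEvent $log " " " " 1
                                        $failed++
                                    }
                                }
                                Else {
                                    Log-ScriptEvent $log "`"$targetParentDn`" parent does not exist in $Domain... group creation will not be attempted" "Mirror_Groups" 1
                                    Log-ScriptEvent $log " " " " 1
                                }
                            }
                        }

                        Write-Progress -Activity "Mirroring Groups to $targetDomainFQDN" -Status "Processed: $processed" -PercentComplete -1
                        $processed++
                    }
                }
            }
        }
        Else {
            Log-ScriptEvent $log "$backupXml import failed" "Mirror_Groups" 3
            Log-ScriptEvent $log "Script Execution Stopped" "Mirror_Groups" 1
            Log-ScriptEvent $log ("=" * 90) "Mirror_Groups" 1
            Write-Error "$backupXml not found. Script Execution Stopped"
            Exit 2
        }

        Log-ScriptEvent $log " " " " 1
        Log-ScriptEvent $log ("=" * 90) "Finish_Script" 1
        Log-ScriptEvent $log "GROUPS_PROCESSED: $processed" "Finish_Script" 1
        Log-ScriptEvent $log "GROUPS_MATCHED: $matched" "Finish_Script" 1
        Log-ScriptEvent $log "GROUPS_CREATED_SUCCESS: $created" "Finish_Script" 1
        Log-ScriptEvent $log "GROUPS_CREATED_FAILURE: $failed" "Finish_Script" 1
        Log-ScriptEvent $log "BUILTIN_GROUPS: $builtin" "Finish_Script" 1
        Log-ScriptEvent $log ("=" * 90) "Finish_Script" 1
    }
    Else {
        Write-Error "$log not found. Script Execution Stopped."
        Exit 1
    }
}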

[Modified/Stolen from the Mirror_Users.ps1 Script by Ian Farr]

Lines 117 - 135 create the groups.

The xml file is generated by another script, Dump_Groups

[Also Modified/Stolen from Ian Farr, this time his Dump_Users.ps1 Script]

 
