zmeier/Backup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Zack Meier
2026-04-15 15:45:50 -05:00
commit 1d304511b8
613 changed files with 140998 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
_NDGOV_WindowsTeam/ITD.Infra-ActiveDirectory.Object/Public/New-ITDADServiceAccountOLD.ps1
+118
View File
@@ -0,0 +1,118 @@
<#
.Synopsis
Create new account with random password, save in Passwordstate
.DESCRIPTION
Create new Active Directory user account in the "ITD SERVICE" OU, randomly generate a password, and save it in Passwordstate
.EXAMPLE
New-ITDADServiceAccount -SamAccountName !itdtest01 -Description "app/sql db account" -ComputerName itdtest01.nd.gov -PasswordStateList CSRC -Credential <PSCredential>
#>
function New-ITDADServiceAccountOLD
{
[CmdletBinding()]
Param
(
[Parameter(Mandatory=$true)]
[string]
$SamAccountName,
[Parameter(Mandatory=$true)]
[string]
$Description,
[Parameter(Mandatory=$true)]
[string]
$ComputerName,
[Parameter(Mandatory=$true)]
[ValidateSet("CSRC","CND","Linux","Office365","VMware","ZTEST")]
[string]
$PasswordstateList,
[PSCredential]
$Credential
)
Begin
{
Write-Verbose "Validate credentials, stop script if invalid."
If($Credential -eq "" -or $Credential -eq $null)
{
$Credential = Get-Credential -Message "Enter domain/OU administrator credentials. User name must be entered as a SAMAccountName (DOMAIN\username) or as a User Principal Name (username@domain.com)" -UserName $Credential
If($Credential -eq "" -or $Credential -eq $null)
{
Write-Warning "credentials missing - stopping script"
break
}
If((Test-ADCredential -Credential $Credential -ErrorAction Stop) -eq $false)
{
Write-Warning "Invalid credentials or locked account."
break
}
}
Write-Verbose "Confirm Passwordstate connection"
If((Test-NetConnection -ComputerName itdpv.nd.gov).PingSucceeded)
{
}
Else
{
Write-Warning "Passwordstate unavailable"
break
}
Import-Module ActiveDirectory
}
Process
{
Write-Verbose "verify user account does not already exist, if it does, stop script"
$userexists = Get-ADUser -Filter {sAMAccountName -eq $SamAccountName}
If($userexists)
{
Write-Warning "$SamAccountName already exists"
break
}
Write-Verbose "fix description if needed"
If($Description -like "*1120*")
{
Write-Warning "Do not enter '1120' into the description, this will be done for you"
Break
}
Write-Verbose "set OU, get passwordstate passwordlist information, set ADDescription"
$OUdestination = "OU=ITD SERVICE,OU=USERS,OU=ITD,DC=ND,DC=GOV"
$PStateList = Get-ITDPasswordstatePasswordList -Name $PasswordstateList
$ADDescription = "1120 - " + $Description
<# removed 20181228
Write-Verbose "Generate new password"
$PasswordGenerated = New-ITDRandomPassword
$PasswordSecured = $PasswordGenerated | ConvertTo-SecureString -AsPlainText -Force
Write-Verbose "add to passwordstate"
$Date = Get-Date -UFormat "%Y/%m/%d @ %H:%M:%S"
$Notes = "Automatically generated by $env:USERNAME on $Date"
New-PasswordstateRecord -ListID $PStateList.ID -Title $ComputerName -Username "nd.gov\$SamAccountName" -APIkey $PStateList.APIkey -Password $PasswordGenerated -Description $Description -Notes $Notes
#>
New-ITDPasswordstateRecord -Title $ComputerName -Description $ADDescription -PSList $PasswordstateList -Username $SamAccountName -GeneratePassword
Write-Verbose "create account in AD"
New-ADUser -Name $SamAccountName `
-SamAccountName $SamAccountName `
-UserPrincipalName "$SamAccountName@nd.gov" `
-Description $ADDescription `
-DisplayName "$SamAccountName" `
-Path $OUdestination `
-AccountPassword $PasswordSecured `
-PasswordNeverExpires $true `
-Enabled $true `
-Credential $Credential
}
End
{
}
}