Téléverser les fichiers vers "Active Directory"

2025-08-06 10:15:38 +02:00
parent 838d42c731
commit 7e3f25372c
4 changed files with 189 additions and 0 deletions


@@ -0,0 +1,64 @@
#Paremetres Utilisateur et racine du partage
$User = "Username"
$Path = "PATH"
#Nom de Domaine NetBios
$Domain = "DOMSNS"
Function Get-ADUserNestedGroups {
Param
(
[string]$DistinguishedName,
[array]$Groups = @()
)
#Get the AD object, and get group membership.
$ADObject = Get-ADObject -Filter "DistinguishedName -eq '$DistinguishedName'" -Properties memberOf, DistinguishedName;
#If object exists.
If ($ADObject) {
#Enummurate through each of the groups.
Foreach ($GroupDistinguishedName in $ADObject.memberOf) {
#Get member of groups from the enummerated group.
$CurrentGroup = Get-ADObject -Filter "DistinguishedName -eq '$GroupDistinguishedName'" -Properties memberOf, DistinguishedName;
#Check if the group is already in the array.
If (($Groups | Where-Object { $_.DistinguishedName -eq $GroupDistinguishedName }).Count -eq 0) {
#Add group to array.
$Groups += $CurrentGroup;
#Get recursive groups.
$Groups = Get-ADUserNestedGroups -DistinguishedName $GroupDistinguishedName -Groups $Groups;
}
}
}
Return $Groups;
}
$Groups = Get-ADUserNestedGroups -DistinguishedName (Get-ADUser -Identity $User).DistinguishedName;
$list = Get-ChildItem $Path -Recurse -Directory
Foreach ($item in $list) {
$ACL = (Get-Acl $item.FullName).Access
if (($ACL.IdentityReference -contains ("$($Domain)\" + $User)) -and ($ACL.IsInherited -eq $false)) {
Write-Host "$($User) a les droits $($ACL.FileSystemRights) sur $($item.FullName)"
}
Foreach ($Group in $Groups.Name) {
if (($ACL.IdentityReference -contains ("$($Domain)\" + $Group)) -and ($ACL.IsInherited -eq $false)) {
Write-Host "$($User) est dans le groupe $($Group) qui a les droits $($ACL.FileSystemRights) sur $($item.FullName)"
}
}
}
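Review bot: In the final `Foreach ($item in $list)` loop the two conditions are evaluated over the whole ACL rather than per entry, so the report can attribute rights to the wrong principal. `$ACL.IdentityReference -contains ...` and `$ACL.IsInherited -eq $false` are independent tests on the full list, and `-eq` applied to a collection returns the matching elements, which is truthy only when two or more entries are explicit. `$($ACL.FileSystemRights)` then prints the rights of every entry on the folder, not those of the matched user or group. Filter the explicit entries first and compare each one individually, as in the sketch below. Note also that `$Groups.Name` is the object's name, which may differ from the sAMAccountName that appears in the ACL.

```powershell
Foreach ($item in $list) {
    # Explicit (non-inherited) ACEs only, evaluated one entry at a time
    $Explicit = (Get-Acl $item.FullName).Access | Where-Object { -not $_.IsInherited }
    Foreach ($Ace in $Explicit) {
        $Identity = $Ace.IdentityReference.Value
        if ($Identity -eq "$Domain\$User") {
            Write-Host "$($User) a les droits $($Ace.FileSystemRights) sur $($item.FullName)"
        }
        Foreach ($Group in $Groups.Name) {
            if ($Identity -eq "$Domain\$Group") {
                Write-Host "$($User) est dans le groupe $($Group) qui a les droits $($Ace.FileSystemRights) sur $($item.FullName)"
            }
        }
    }
}
```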


@@ -0,0 +1,48 @@
#Importer le module Active Directory
Import-Module activedirectory
[string]$Mode
$Rights = Import-csv "Templates\Import-AdGroups.csv" -Delimiter ";" -Encoding UTF8
# $Groups_Names = ($Rights[0].psobject.Properties).name | Where-Object { $_ -ne "Utilisateur" }
# $Groups_Names -contains $Property.name
ForEach ($User in $Rights) {
ForEach ($Property in $User.PsObject.Properties) {
if ($Property.Value -eq "0") {
$Mode = "Access"
}
elseif ($Property.Value -eq "1") {
$Mode = "Read"
}
elseif ($Property.Value -eq "2") {
$Mode = "Write"
}
$Group = (($Property.name -replace " ", "-" -replace "\\", "_" -replace ",", "-") + "_" + $Mode)
Try {
$TheGroup = Get-ADGroup $Group
$GroupMembers = Get-ADGroupMember -Identity ($($TheGroup.name))
if ($GroupMembers.SamAccountName -contains $User.Utilisateur) {
Write-Host "User $($User.Utilisateur) is already in the group" ($($TheGroup.name)) -BackgroundColor Blue
}
else {
try {
Add-AdGroupMember -Identity ($($TheGroup.name)) -members $User.Utilisateur
Write-Host "User $($User.Utilisateur) added to the group" ($($TheGroup.name)) -BackgroundColor Green
}
catch {
Write-Host "User $($User.Utilisateur) not added to the group" ($($TheGroup.name)) -BackgroundColor Yellow
}
}
}
Catch {
Write-Host "Group $($Group) not exist, skipped !" -BackgroundColor Red
}
Remove-Variable Mode -ErrorAction SilentlyContinue
}
}
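Review bot: The value-to-mode mapping at the top of the inner loop has no fallback, so the `Utilisateur` column itself and any cell that is not 0, 1 or 2 still reach `Get-ADGroup` with a name ending in a bare `_`. If a group with such a name exists the user would be added to it, and otherwise the red "not exist" line hides a malformed CSV row. Skip these cases explicitly, e.g. `if ($Property.Name -eq "Utilisateur") { continue }` before the mapping and `else { Write-Warning "Unexpected value in column $($Property.Name)"; continue }` after it. The inner `catch` also drops the error; adding `$($_.Exception.Message)` to its message would show why a membership change failed.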


@@ -0,0 +1,52 @@
# Import active directory module for running AD cmdlets
Import-Module activedirectory
#Store the data from ADUsers.csv in the $ADUsers variable
$ADUsers = Import-csv "Templates\Import-AdUsers.csv" -Delimiter ";" -Encoding UTF8
$Domain = "dom.hitea.fr"
#Loop through each row containing user details in the CSV file
foreach ($User in $ADUsers) {
$FullName = "$($User.firstname) $($User.lastname)"
$Upn = "$($User.username)@$Domain"
if ((Get-AdUser -Filter "SamAccountName -eq '$($User.username)'")) {
Write-Warning "A user account with username $($User.username) already exist in Active Directory."
}
elseif (([string]::IsNullOrEmpty($User.password))) {
Write-Warning "The password for $($User.username) is nul or empty."
}
elseif (($User.username).Length -gt 19) {
Write-Warning "The username $($User.username) is too long (Greater than 20)."
}
else {
try {
New-ADUser `
-SamAccountName $User.username `
-UserPrincipalName $Upn `
-GivenName $User.firstname `
-Surname $User.lastname `
-Name $FullName `
-DisplayName $FullName `
-Path $User.ou `
-Company $User.company `
-State $User.state `
-City $User.city `
-StreetAddress $User.streetaddress `
-OfficePhone $User.telephone `
-EmailAddress $User.email `
-Title $User.jobtitle `
-Department $User.department `
-AccountPassword (convertto-securestring $User.password -AsPlainText -Force) `
-Enabled $True `
-ChangePasswordAtLogon $False `
-PasswordNeverExpires $True `
-CannotChangePassword $False
Write-Host "The user $($User.firstname) $($User.lastname) ($($User.username)) was created."
}
catch {
Write-Error "The user $($User.firstname) $($User.lastname) ($($User.username)) was not created."
}
}
}
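Review bot: The `New-ADUser` call sets `-ChangePasswordAtLogon $False` together with `-PasswordNeverExpires $True`, so the clear-text password read from `Templates\Import-AdUsers.csv` stays the account's permanent credential and is known to anyone who can read that file. Prefer `-ChangePasswordAtLogon $True` with `-PasswordNeverExpires $False`, and delete or restrict the CSV once the import is done. The length guard `-gt 19` rejects 20-character names although the warning says "Greater than 20"; `-gt 20` would match the message. The `catch` block discards the exception, so appending `$($_.Exception.Message)` to the `Write-Error` text would show why a creation failed.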


@@ -0,0 +1,25 @@
#Installer la fonctionnalité AD DS
Install-WindowsFeature AD-Domain-Services -IncludeManagementTools
#Importer le module de déploiement
Import-Module ADDSDeployment
#Créer une nouvelle forêt
Install-ADDSForest `
-CreateDnsDelegation:$false `
-DatabasePath "C:\Windows\NTDS" `
-DomainMode "WinThreshold" `
-DomainName "DOMAINE.LOCAL" `
-DomainNetbiosName "DOMAINE" `
-ForestMode "WinThreshold" `
-InstallDns:$true `
-LogPath "C:\Windows\NTDS" `
-NoRebootOnCompletion:$false `
-SysvolPath "C:\Windows\SYSVOL" `
-Force:$true
#Voir les rédirecteurs du serveur DNS
Get-DnsServerForwarder
#Ajouter un redirecteur au serveur DNS, Exemple avec le DNS de CloudFare
Add-DnsServerForwarder -IPAddress 1.1.1.1
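Review bot: `Install-ADDSForest` is called with `-NoRebootOnCompletion:$false`, so the server restarts when promotion finishes and the `Get-DnsServerForwarder` / `Add-DnsServerForwarder` lines below it will not run in the same session. Move the forwarder commands to a separate post-reboot script, or mark them with a comment such as `# Run after the domain controller has rebooted`. No `-SafeModeAdministratorPassword` is passed, so the cmdlet should prompt for the DSRM password; keep it interactive rather than hard-coding the value in the script.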