I have built an onboarding PowerShell script to help our IT team simplify the onboarding process. The script will add in some necessary AD fields, assign a mailbox and add in Security groups. After creating the user, I have the following code to add in the user's officephone, street address and so on; those are based on which office they are going to work in -
    switch ($Office) {
        'office 1' {
            # add in officephone and other fields
            $Code = "O1"
        }
        'office 2' {
            # add in officephone and other fields
            $Code = "O2"
        }
    }
The $Code is used to assign Security groups, as some SG names are based on the office name. For example, if the user's role is maintenance officer in office O1, then a SG named MaintenanceOfficer_O1 needs to be added to this user. So the code looks like the following -
    switch ($Role) {
        'Maintenance Officer' {
            # Build the office-specific group name, e.g. MaintenanceOfficer_O1
            Add-ADGroupMember -Identity ("MaintenanceOfficer_{0}" -f $Code) -Members $SAN
        }
    }
The script works fine, but we have quite a lot of roles and new roles will be created in future, so I was thinking of creating some text files for our IT Support so they can add in more roles themselves. It will be something like -
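    # Read the AD groups listed for this role and add the user to each one
    foreach ($Group in Get-Content -Path "$Role.txt") {
        Add-ADGroupMember -Identity $Group -Members $SAN
    }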
Then in the $role.txt file, there are the AD groups for this role. So our IT support will be able to add a text file to the folder without needing access to the script.
But you can see there is a problem, as some SG names require $code.....
This is more like a logical problem than a technical one. Please share any thoughts or let me know if you are confused by anything.
Thanks,
Raeb
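
One way to handle the office-code problem described above, as an added example that is not part of the original post: the role file carries the same `{0}` placeholder the script already uses with `-f`, and each line is validated before it reaches Add-ADGroupMember. The function name Resolve-RoleGroups, the $RoleDir folder, the `#` comment convention in role files, and the sample group AllStaff and account jdoe are assumptions made for illustration.

```powershell
# Added example: Resolve-RoleGroups, $RoleDir and the role-file layout are assumptions.
function Resolve-RoleGroups {
    param(
        [Parameter(Mandatory)][string]$Role,
        [Parameter(Mandatory)][ValidatePattern('^[A-Za-z0-9]+$')][string]$Code,
        [Parameter(Mandatory)][string]$RoleDir
    )
    # $Role becomes part of a file path: reject anything that could leave $RoleDir.
    if ($Role -notmatch '^[A-Za-z0-9 ]+$') { throw "Invalid role name: '$Role'" }
    $file = Join-Path $RoleDir "$Role.txt"
    if (-not (Test-Path -LiteralPath $file -PathType Leaf)) { throw "No role file for '$Role'" }

    foreach ($line in Get-Content -LiteralPath $file) {
        $name = $line.Trim()
        if ($name -eq '' -or $name.StartsWith('#')) { continue }   # skip blanks and comments
        # Allow only plain group names with an optional {0} placeholder for the office code.
        if ($name -notmatch '^([A-Za-z0-9_ -]|\{0\})+$') {
            throw "Rejected line in ${file}: '$name'"
        }
        $name -f $Code    # "MaintenanceOfficer_{0}" -> "MaintenanceOfficer_O1"
    }
}

# Constructed sample role file; IT Support would maintain files like this one.
$RoleDir = Join-Path ([IO.Path]::GetTempPath()) 'RoleFiles'
New-Item -ItemType Directory -Path $RoleDir -Force | Out-Null
Set-Content -Path (Join-Path $RoleDir 'Maintenance Officer.txt') -Value @(
    '# one group per line; {0} is replaced with the office code'
    'MaintenanceOfficer_{0}'
    'AllStaff'
)

$SAN = 'jdoe'   # constructed sample account name
foreach ($group in Resolve-RoleGroups -Role 'Maintenance Officer' -Code 'O1' -RoleDir $RoleDir) {
    try {
        # Confirm the group exists before changing membership.
        $null = Get-ADGroup -Identity $group -ErrorAction Stop
        Add-ADGroupMember -Identity $group -Members $SAN -WhatIf   # remove -WhatIf to apply
    } catch {
        Write-Warning "Skipping '$group': $($_.Exception.Message)"
    }
}
```

Anyone who can write to the role folder decides which groups new accounts receive, so write access to that folder should be as tightly controlled as the script itself.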