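Function New-ADOUStructure {
<#
.SYNOPSIS
Checks existence of specified Organizational Unit (OU) tree and creates it if necessary. Can
create a multilayer OU structure.
.DESCRIPTION
For creating multiple embedded OU layers
Input: OU=TestOU3,OU=TestOU2,OU=TestOU1,OU=ParentTest,DC=acme,DC=com
Output: A string variable with any error messages or successful creations will be output; no message
is emitted when the OU already exists.
Result: Creates Active Directory OU OU=TestOU3,OU=TestOU2,OU=TestOU1,OU=ParentTest,DC=acme,DC=com

Layers are created from the domain root outward (ParentTest first, TestOU3 last). If any layer
fails to create, the remaining child layers are skipped and the failure is reported instead of
the success message.
.PARAMETER OUDistinguishedName
An Active Directory distinguished name of an OU to create. Only OU= and DC= components are
accepted; OU names may contain word characters, spaces, dots and hyphens.
.EXAMPLE
New-ADOUStructure -OUDistinguishedName "OU=TestOU2,OU=TestOU1,OU=ParentTest,DC=acme,DC=com"
.INPUTS
String
.OUTPUTS
Creation of Active Directory OU object(s)
String message of results including error messages
.NOTES
Author: Stan Crider
Date: 8Aug2022
#>
    [CmdletBinding(SupportsShouldProcess)]
    Param(
        [Parameter(Mandatory,
            HelpMessage='What is the distinguished name of the Active Directory Organization Unit you would like to create?')]
        [string]
        $OUDistinguishedName
    )
    Process{
        # Stage output array
        $OUCreationOutputMessage = @()
        If($PSCmdlet.ShouldProcess($OUDistinguishedName, 'Create OU structure')){
            # Validate distinguished name format. Only OU= and DC= components are allowed and
            # values may not contain "," or "=", so the plain -split "," below is safe and no
            # extra RDNs can be smuggled into the LDAP path.
            If($OUDistinguishedName -match "^(?:(?:OU|DC)=[\w .\-]+,)*DC=[\w\-]+$"){
                # Check existence of OU and create if OU doesn't exist
                $OUExists = [adsi]::Exists("LDAP://" + $OUDistinguishedName)
                If(!$OUExists){
                    $OUDistinguishedNameSplit = $OUDistinguishedName -split ","
                    # Separate domain components (DC=) from OU components (OU=)
                    $DCNameArray  = @($OUDistinguishedNameSplit | Where-Object { $_ -match "^DC=" })
                    $OUSplitArray = @($OUDistinguishedNameSplit | Where-Object { $_ -match "^OU=" })
                    If($OUSplitArray.Count -eq 0){
                        # A bare domain DN has no OU layer to create
                        $OUCreationOutputMessage += "The distinguished name $OUDistinguishedName contains no OU component; nothing was created."
                    }
                    Else{
                        # Path the next OU layer is created under; starts at the domain root
                        $IncrementSplit = $DCNameArray -join ","
                        $NewOUError = $null
                        # Build each OU layer starting with the last array element (the parent
                        # nearest the domain) and moving toward the first element (the leaf)
                        For($SplitCounter = $OUSplitArray.Count - 1; $SplitCounter -ge 0; $SplitCounter--){
                            $LayerDN = $OUSplitArray[$SplitCounter] + "," + $IncrementSplit
                            If(!([adsi]::Exists("LDAP://" + $LayerDN))){
                                # Strip only the "OU=" prefix. TrimStart("OU=") trims the
                                # characters O, U and = individually and would mangle names
                                # such as "Operations".
                                $OUName = $OUSplitArray[$SplitCounter] -replace "^OU=", ""
                                Try{
                                    New-ADOrganizationalUnit -Name $OUName -Path $IncrementSplit -ErrorAction Stop
                                }
                                Catch{
                                    $NewOUError = "Creation of the OU $LayerDN failed: $($_.Exception.Message)"
                                    # Child layers cannot be created under a missing parent, so
                                    # leave the loop here rather than continuing with a bad path
                                    break
                                }
                            }
                            $IncrementSplit = $LayerDN
                        }
                        If($NewOUError){
                            $OUCreationOutputMessage += $NewOUError
                        }
                        Else{
                            $OUCreationOutputMessage += "The OU $OUDistinguishedName was successfully created."
                        }
                    }
                }
            }
            Else{
                # Report invalid input instead of returning nothing
                $OUCreationOutputMessage += "The distinguished name $OUDistinguishedName is not in the expected OU=...,DC=... format; nothing was created."
            }
        }
        Else{
            $OUCreationOutputMessage += "The 'WhatIF' parameter was used. Simulate creating $OUDistinguishedName."
        }
        # Results message; remark out if no message is desired.
        $OUCreationOutputMessage
    }
}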