PowerShell: Create, Edit User Accounts Basing on CSV File

# Create New Users: defined as names in CSV that does not exist in Existing Users records of Active Directory
$csvFile='C:\newUsers.csv'
$primaryEmailSuffix='@kimconnect.com'
$proxyEmailSuffix='@kimconnect.net'
$removeProxyEmailSuffix='@gmail.com'
$baseOu='CN=Users,DC=kimconnect,DC=com'
$companyName='Kim Connect'
$logFile="c:\temp\createActiveDirectoryAccounts-$(get-date -f yyyy-mm-dd-hh-mm-ss).txt"
function renameUser{
  $username='testAccount'
  $newName='test_Account'
  $distinquishedName=(get-aduser $username).DistinguishedName
  rename-adobject -identity $distinquishedName -NewName $newName
}
function createActiveDirectoryAccountsByOu{
  param(
    $csvFile,
    $baseOu,
    $companyName,
    $primaryEmailSuffix,
    $proxyEmailSuffix,
    $logFile
  )

  # Declare variables Log Files
  $failures = @()
  $usersAlreadyExist =@()
  $successes = @()
  $erroractionpreference = "Continue"

  write-host "Gathering Active Directory Users Information..."
  # Gather user accounts in a defined OU
  $existingUsers=get-aduser -Filter * -searchbase $baseOu -property SamAccountName,GivenName,sn,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps
  $csvContents=import-csv $csvFile
  
  write-host "Checking whether there are any new users to be created."
  $usersToCreate=if($null -ne $existingUsers){
    $csvContents|?{$_.'First Name' -notin $existingUsers.Givenname -and $_.'Last Name' -notin $existingUsers.sn -and $_.'Last Name' -notin $existingUsers.EmailAddress}
  }else{
    $csvContents
  }

  if($usersToCreate){
    $allExistingUsers=Get-ADUser -Filter * -property SamAccountName,GivenName,sn,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps
    $voidChars='#N/A','',$null
    $ou=if($baseOu){$baseOu}else{
      $domainLdapExpression='DC='+((($env:USERDNSDOMAIN).tolower() -split '\.') -join ',DC=');
      'CN=Users,'+$domainLdapExpression
    }
  
    write-host "Commencing users creation..."
    foreach ($user in $usersToCreate) {
      $firstName=$user.'First Name'
      $lastName=$user.'Last Name'
      $emailAddress=$user.'Business Email'
      #$emailSuffix=[regex]::match($emailAddress,'@(.*)$').Captures.Groups[0].Value
      $newSamAccountName=.{          
        # Method 1: check to determine whether there are not duplicating records
        $testSamAccountName=$firstName[0]+$lastName
        $matchedSam=$allExistingUsers|?{$_.SamAccountName -eq $testSamAccountName}
        if(!$matchedSam){
          return $testSamAccountName
        }
        # Method 2: testing firstname initials + lastname combinations
        for ($i=0;$i -lt $firstName.length;$i++){
          $testUsername=($firstName[0..$i] -join '')+$lastName
          if($testUserName -notin $allExistingUsers.SamAccountName){
            return $testUsername
          }
        }
        # Method 3: incrementing the username by a single digit
        for($i=1;$i -lt 11;$i++){
          $testUsername2=$samAccountName+$i
          if($testUserName2 -notin $allExistingUsers.SamAccountName){
            return $testUsername2
          }
        }
      }
      $proxyEmailAddress=$newSamAccountName+$proxyEmailSuffix
      $proxyAddresses=if($emailAddress -eq $proxyEmailAddress){'SMTP:'+$emailAddress}else{@("SMTP:$emailAddress","smtp:$proxyEmailAddress")}
      $userExists=$emailAddress -in $allExistingUsers.EmailAddress -or $proxyEmailAddress -in $allExistingUsers.EmailAddress
      if(!$userExists){
        $jobTitle=if($user.'Business Title' -notin $voidChars){$user.'Business Title'}else{$null}
        $password = $user.newPassword | ConvertTo-SecureString -AsPlainText -Force
        $streetAddress=if($user.'Street 2' -notin $voidChars){$user.'Street 1'+', '+$user.'Street 2'}elseif($user.'Street 1' -notin $voidChars){$user.'Street 1'}else{$null}
        $city =if($user.City -notin $voidChars){$user.City}else{$null}
        $state =if($user.State -notin $voidChars){$user.State}else{$null}
        $postalCode=if($user.PostalCode -notin $voidChars){$user.PostalCode}else{$null}
        $country=if($user.Country -notin $voidChars){$user.Country}else{$null}      
        $telephone=if($user.telephoneNumber -notin $voidChars){$user.telephoneNumber}else{$null}
        $extension=if($user.Extension -notin $voidChars){$user.Extension}else{$null}
        $displayName=$lastName+', '+$firstName
        $newUserPrincipleName=$newSamAccountName+'@'+$env:USERDNSDOMAIN
        $employeeId=if($user.'File #' -notin $voidChars){$user.'File #'}else{$null}
        $userInitials=if($user.Initials -notin $voidChars){$user.Initials}else{$null}
        $description=if($user.description -notin $voidChars){$user.description}else{$null}
        $office=if($user.office -notin $voidChars){$user.office}else{$null}
        $managerDn=if($user.newManagerDN -notin $voidChars){$user.newManagerDN}else{$null}
        $department=if($user.Department -notin $voidChars){$user.Department}else{$null}
        $division=if($user.Division -notin $voidChars){$user.Division}else{$null}
  
        # Generating a hash table as a splatting technique
        $params = @{        
          SamAccountName = $newSamAccountName;
          Path = $ou;
          Enabled = $true;        
          AccountPassword = $password;
          ChangePasswordAtLogon = $False;
          EmployeeID = $employeeId;        
          GivenName = $firstName;
          Surname = $lastName;
          Name = $displayName;
          DisplayName = $displayName;
          UserPrincipalName = $newUserPrincipleName;
          Initials = $userInitials;
          Description = $description;    
          Office = $office;
          Title = $jobTitle
          Manager = $managerDn;
          Company = $companyName;
          Department = $department;
          Division = $division;
          StreetAddress = $streetAddress;
          EmailAddress = $emailAddress;
          City = $city
          State = $state
          PostalCode = $postalCode
          Country = $country
          OfficePhone = $telephone
          OtherAttributes = @{ 
              IPPhone = $extension;
              proxyAddresses = $proxyAddresses;
              proxyAddressesforgapps = $proxyAddresses;
              #extensionAttribute3 = $($User.extensionAttribute3);
              #extensionAttribute4 = $($User.extensionAttribute4);
            }
          }
      
        # Removing empty values
        @($params.OtherAttributes.Keys)|%{if(-not $params.OtherAttributes[$_]){$params.OtherAttributes.Remove($_)}}
        $voidCount=(@($params.OtherAttributes.Keys) | % {if ($params.OtherAttributes[$_] -in $voidChars) {$_}}).Count
        if($params.OtherAttributes.Keys.count -eq $voidCount){$params.Remove('OtherAttributes')}
        @($params.Keys) | % {if ($null -eq $params[$_]) {$params.Remove($_)}}
        
        try{       
          # Creating the user account
          New-ADUser @params -PassThru #-Verbose       
          $successes+="$newSamAccountName with display name '$displayName' has been succesfully created"
        }catch{
          $failures+="$newSamAccountName creation has failed with error: $_"
        }
      }else{
        write-warning "$newSamAccountName already exists in $env:USERDNSDOMAIN"
        $usersAlreadyExist+="$newSamAccountName already exists"
      }
    }
    $divider='`r`n`r`n==============================================================`r`n`r`n'
    $logMessages=$failures+$divider+$usersAlreadyExist+$divider+$successes
  }else{
    $logMessages="$($csvContents.count) records have been checked. There are no new users to create."
    write-host $logMessages
  }

  $logMessages | Out-File -FilePath $logFile
  write-host "Results have been logged at $logFile"
}
function addProxyEmails{
  $csvFile='C:\Userliases.csv'
  $baseOu='CN=Users,DC=kimconnect,DC=com'

  $existingUsers=if($baseOu){
    #get-aduser - Filter * -searchbase $baseOu
    get-aduser -Filter * -searchbase $baseOu -property SamAccountName,GivenName,Surname,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title,Enabled|?{$_.Enabled -eq $true}
  }else{
        #get-aduser -Filter *
        get-aduser -Filter * -property SamAccountName,GivenName,Surname,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title,Enabled|?{$_.Enabled -eq $true}
      }
  $csvContents=import-csv $csvFile
  foreach ($user in $csvContents){
      $emailAddress=$user.user
      $alias=$user.Alias
      $matchSamAccount=$existingUsers|?{$emailAddress -eq $_.EmailAddress}
      if($null -ne $matchSamAccount){
          $existingProxyEmails=$matchSamAccount.ProxyAddresses
          $existingProxyEmailsForGapps=$matchSamAccount.proxyAddressesForGapps    
          $existingEmailAddress=$matchSamAccount.EmailAddress
          $newAlias=$user.alias
          if(!($existingProxyEmails|?{$_ -like "smtp:$newAlias"})){
              Set-ADUser -Identity $matchSamAccount.SamAccountName -Add @{proxyAddresses = "smtp:$newAlias"}
          }else{
              write-host "de nata"
          }
          if(!($existingProxyEmailsForGapps|?{$_ -like "smtp:$newAlias"})){
              Set-ADUser -Identity $matchSamAccount.SamAccountName -Add @{proxyAddressesForGapps = "smtp:$newAlias"}
          }else{
              write-host "de nata"
          }
      }
  }
}
function updateUserAccounts{
  param(
    $csvFile,
    $baseOu,
    $companyName,
    $primaryEmailSuffix,
    $proxyEmailSuffix,
    $logFile,
    $updateManagers=$false
  )
  $progress=''
  # Match labels according to CSV
  # $samAccountLabel='SamAccountName'
  # $nameLabel='Name'
  # $firstNameLabel='First Name'
  # $lastNameLabel='Last Name'
  # $employeeIdLabel='File #'
  # $jobTitleLabel='Business Title'
  # $passwordLabel='newPassword'
  # $emailLabel='Business Email' # This field is required
  # $aliasLabel='Alias'
  # $streetLabel='Street 1'
  # $streetLabel2='Street 2'
  # $cityLabel='city'
  # $stateLabel='state'
  # $postalLabel='PostalCode'
  # $countryLabel='Country'
  # $telephoneLabel='telephoneNumber'
  # $extensionLabel='Extension'
  # $initialsLabel='Initials'
  # $descriptionLabel='Description'
  # $officeLabel='Office'
  # $managerDnLabel='newManagerDN'
  # $departmentLabel='Department'
  # $divisionLabel='Division'
  # $newAccountLabel='newEmployee'

  $samAccountLabel='SamAccountName'
  $nameLabel='Name'
  $firstNameLabel='FIRST NAME'
  $lastNameLabel='LAST NAME'
  $employeeIdLabel='File #'
  $jobTitleLabel='JOB TITLE'
  $passwordLabel='newPassword'
  $emailLabel='WORK EMAIL' # This field is required
  $aliasLabel='Alias'
  $streetLabel='STREET ADDRESS'
  $streetLabel2='Street 2'
  $cityLabel='CITY'
  $stateLabel='STATE'
  $postalLabel='POSTAL CODE'
  $countryLabel='COUNTRY'
  $telephoneLabel='WORK TELEPHONE'
  $extensionLabel='WORK EXTENSION'
  $initialsLabel='Initials'
  $descriptionLabel='Description'
  $officeLabel='Office'
  $managerDnLabel='newManagerDN'
  $departmentLabel='DEPARTMENT'
  $divisionLabel='Division'
  $newAccountLabel='newEmployee'
  $hireDateLabel='HIRE DATE'
  $supervisorNameLabel='SUPERVISOR NAME'

  function createUsers{
    # Declare variables
    $failures=@()
    $usersAlreadyExist=@()
    $successes=@()
    $erroractionpreference="Continue"
    $pauses=2

    write-host "Gathering Active Directory Users Information..."
    # Gather user accounts in a defined OU
    $existingUsers=if($baseOu){
      #get-aduser -Filter * -searchbase $baseOu
      get-aduser -Filter * -searchbase $baseOu -property SamAccountName,GivenName,Surname,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title,DistinguishedName
    }else{
      #get-aduser -Filter *
      get-aduser -Filter * -property SamAccountName,GivenName,Surname,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title,DistinguishedName
    }
    $fileExists=test-path $csvFile
    $csvContents=if($fileExists){import-csv $csvFile}else{return $false}
    if(!$csvContents){
      write-warning "$csvFile has no data."
      return $false
    }
    $usersToCreate=if($null -ne $existingUsers){
        $csvContents|?{
          $newAccount=$_.$newAccountLabel
          $firstname=$_.$firstNameLabel
          $lastname=$_.$lastNameLabel
          $alias=$_.$aliasLabel
          if($alias){
            $aliasFirstname=$alias.split(' ')|select -first 1
            $aliasLastname=$alias.split(' ')|select -first 2|select -last 1
          }else{
            $aliasFirstname=$aliasLastname=$null
          }
          $lastnameMatches=$existingUsers.Surname|?{$_ -eq $lastname -or $_ -eq $aliasLastname}
          $firstNameMatches=if($lastnameMatches){
            if($lastnameMatches.Givenname|?{$_ -eq $firstname -or $_ -eq $aliasFirstname}){$true}else{$false}
          }else{$false}
          $newAccount -or !($lastnameMatches -and $firstNameMatches)
        }
      }else{
        $csvContents
      }
    
    if($usersToCreate){      
      write-host "Creating new accounts..."
      $allExistingUsers=Get-ADUser -Filter * -property SamAccountName,GivenName,Surname,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title,DistinguishedName
      $voidChars='#N/A','',$null
      $ou=if($baseOu){$baseOu}else{
        $domainLdapExpression='DC='+((($env:USERDNSDOMAIN).tolower() -split '\.') -join ',DC=');
        'CN=Users,'+$domainLdapExpression
      }
      foreach($user in $usersToCreate){
        $firstname=$user.$firstNameLabel
        $lastName=$user.$lastNameLabel
        $alias=$user.$aliasLabel
        $givenEmail=$user.$emailLabel
        $samAccountName=.{          
          # Default:
          if($user.$samAccountLabel){return $user.$samAccountLabel}

          # Method 1: check to determine whether there are not duplicating records
          $testSamAccountName=$firstName[0]+$lastName
          $matchedSam=$allExistingUsers|?{$_.SamAccountName -eq $testSamAccountName}
          if(!$matchedSam){
            return $testSamAccountName
          }
          # Method 2: testing firstname initials + lastname combinations
          for ($i=0;$i -lt $firstName.length;$i++){
            $testUsername=($firstName[0..$i] -join '')+$lastName
            if($testUserName -notin $allExistingUsers.SamAccountName){
              return $testUsername
            }
          }
          # Method 3: incrementing the username by a single digit
          for($i=1;$i -lt 11;$i++){
            $testUsername2=$samAccountName+$i
            if($testUserName2 -notin $allExistingUsers.SamAccountName){
              return $testUsername2
            }
          }
        }
        $proxyEmail=if($samAccountName){$samAccountName+$proxyEmailSuffix}else{$null}
        $primaryEmail=if($samAccountName){$samAccountName+$primaryEmailSuffix}else{$null}
        $userExists=$givenEmail -in $allExistingUsers.EmailAddress -or $primaryEmail -in $allExistingUsers.EmailAddress
        if(!$userExists){
          $jobTitle=if($user.$jobTitleLabel -notin $voidChars){$user.$jobTitleLabel}else{$null}
          $password = $user.$passwordLabel | ConvertTo-SecureString -AsPlainText -Force
          $streetAddress=if($user.$streetLabel -notin $voidChars){$user.$streetLabel+', '+$user.$streetLabel2}elseif($user.$streetLabel -notin $voidChars){$user.$streetLabel}else{$null}
          $city =if($user.$cityLabel -notin $voidChars){$user.$cityLabel}else{$null}
          $state =if($user.$stateLabel -notin $voidChars){$user.$stateLabel}else{$null}
          $postalCode=if($user.$postalLabel -notin $voidChars){$user.$postalLabel}else{$null}
          $country=if($user.$countryLabel -notin $voidChars){$user.$countryLabel}else{$null}      
          $telephone=if($user.$telephoneLabel -notin $voidChars){$user.$telephoneLabel}else{$null}
          $extension=if($user.$extensionLabel -notin $voidChars){$user.$extensionLabel}else{$null}
          $displayName=if($user.$nameLabel){$user.$nameLabel}else{$lastName+', '+$firstName}
          $userPrincipleName=$samAccountName+'@'+$env:USERDNSDOMAIN
          $employeeId=if($user.$employeeIdLabel -notin $voidChars){$user.$employeeIdLabel}else{$null}
          $userInitials=if($user.$initialsLabel -notin $voidChars){$user.$initialsLabel}else{$null}
          $description=if($user.$descriptionLabel -notin $voidChars){$user.$descriptionLabel}else{$null}
          $office=if($user.$officeLabel -notin $voidChars){$user.$officeLabel}else{$null}
          $managerDn=if($user.$managerDnLabel -notin $voidChars){$user.$managerDnLabel}else{$null}
          $department=if($user.$departmentLabel -notin $voidChars){$user.$departmentLabel}else{$null}
          $division=if($user.$divisionLabel -notin $voidChars){$user.$divisionLabel}else{$null}
          $hireDate=if($user.$hireDateLabel -notin $voidChars){$user.$hireDateLabel -AS [datetime]}else{$null}
          $managerDn=.{
            if($user.$supervisorNameLabel -notin $voidChars){
              $x=$user.$supervisorNameLabel.split(' ')
              if($x.count -eq 2){
                $supervisorLastname= $x|select -last 1
                $supervisorFirstname=$x|select -first 1
              }elseif($x.gettype().name -eq 'String'){
                $supervisorLastname= $null
                $supervisorFirstname=$x
              }else{
                $supervisorLastname= $x|select -first 2|select -Last 1  
                $supervisorFirstname=$x|select -first 1
              }
              $y=.{                
                $lastNameMatches=$existingUsers|?{$_.Surname -eq $supervisorLastname}
                $nameMatches=if($lastNameMatches){
                  $lastNameMatches|?{$_.Givenname -eq $supervisorFirstname}
                }else{$null}
                if($nameMatches.SamAccountName.count -eq 1){
                  return $nameMatches.DistinguishedName
                }else{
                  return $null
                }
              }
              return $y
            }else{
              return $null
            }
          }
          $proxyAddresses=.{
            [string[]]$x=@("SMTP:$primaryEmail","smtp:$proxyEmail","smtp:$givenEmail")|?{$_ -and $_ -notlike "*$removeProxyEmailSuffix" -and $_ -notmatch '@{2}' -and $_ -ne 'smtp:'}|select -Unique
            if($x.gettype().Name -ne 'String'){
              [System.Collections.ArrayList]$x=$x
            }else{
              return $x
            }
            $primaryDuplicates=$x|?{$_ -cmatch '^SMTP\:' -and $_ -ne "SMTP:$primaryEmail"}
            $primaryDuplicates|%{$null=$x.Remove("$_")}            
            do{
              $otherDuplicates=$x|group|?{$_.Count -gt 1}|select -ExpandProperty Group|?{$_ -cne "SMTP:$primaryEmail"}
              $otherDuplicates|select -first 1|%{$null=$x.Remove($_)}
            }until(!$otherDuplicates)
            return $x
          }

          # Generating a hash table as a splatting technique
          $params = @{        
            SamAccountName = $samAccountName;
            Path = $ou;
            Enabled = $true;        
            AccountPassword = $password;
            ChangePasswordAtLogon = $False;
            EmployeeID = $employeeId;        
            GivenName = $firstName;
            Surname = $lastName;
            Name = $displayName;
            DisplayName = $displayName;
            UserPrincipalName = $userPrincipleName;
            Initials = $userInitials;
            Description = $description;    
            Office = $office;
            Title = $jobTitle
            Manager = $managerDn;
            Company = $companyName;
            Department = $department;
            Division = $division;
            StreetAddress = $streetAddress;
            EmailAddress = $primaryEmail;
            City = $city
            State = $state
            PostalCode = $postalCode
            Country = $country
            OfficePhone = $telephone
            OtherAttributes = @{ 
                IPPhone = $extension
                proxyAddresses = $proxyAddresses
                proxyAddressesforgapps = $proxyAddresses
                # HireDate = $hiredate
                #extensionAttribute4 = $($User.extensionAttribute4);
              }
            }
        
          # Removing empty values
          @($params.OtherAttributes.Keys)|%{if(-not $params.OtherAttributes[$_]){$params.OtherAttributes.Remove($_)}}
          $voidCount=(@($params.OtherAttributes.Keys) | % {if ($params.OtherAttributes[$_] -in $voidChars) {$_}}).Count
          if($params.OtherAttributes.Keys.count -eq $voidCount){$params.Remove('OtherAttributes')}
          @($params.Keys) | % {if ($null -eq $params[$_]) {$params.Remove($_)}}
          
          try{       
            # Creating the user account
            if($pauses-- -ge 0){
              write-output $params
              pause
            }
            New-ADUser @params -PassThru #-Verbose       
            $successes+="$samAccountName with display name '$displayName' has been succesfully created"
          }catch{
            $failures+="$samAccountName creation has failed with error: $_"
          }
        }else{
          write-warning "$samAccountName already exists in $env:USERDNSDOMAIN"
          $usersAlreadyExist+="$samAccountName already exists"
        }
      }
  
      $accountCreationResult=$usersAlreadyExist+$failures+$successes
      $accountCreationResult|Out-File -FilePath $logFile -Append
    }
  }

  function updateAccounts{
    # Declare variables
    $successes=@()
    $failures=@()
    $erroractionpreference = "Continue"
    $pauses=3
    write-host "Gathering Active Directory Users Information..."
    # Gather user accounts in a defined OU
    $existingUsers=if($baseOu){
      #get-aduser -Filter * -searchbase $baseOu
      get-aduser -Filter * -searchbase $baseOu -property SamAccountName,GivenName,Surname,DisplayName,Initials,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title,Description,Office,Manager,Company,Department,Division,StreetAddress,City,State,PostalCode,Country,OfficePhone,IPPhone
    }else{
      #get-aduser -Filter *
      get-aduser -Filter * -property SamAccountName,GivenName,Surname,DisplayName,Initials,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title,Description,Office,Manager,Company,Department,Division,StreetAddress,City,State,PostalCode,Country,OfficePhone,IPPhone
    }
    $fileExists=test-path $csvFile
    $csvContents=if($fileExists){import-csv $csvFile}else{return $false}
    if(!$csvContents){
      write-warning "$csvFile has no data."
      return $false
    }
    # Updating Accounts
    foreach($row in $csvContents){
      $givenSamAccount=$row.$samAccountLabel
      $firstname=$row.$firstNameLabel
      $lastName=$row.$lastNameLabel
      $alias=$row.$aliasLabel
      $aliasFirstname=($alias -split ' ')[0]
      $aliasLastname=($alias -split ' ')[1]
      $matchedSamAccount=$existingUsers|?{
        $condition1=if($givenSamAccount){$_.SamAccountName -eq $givenSamAccount}
        $condition2=if($_.Surname -eq $lastName -or $_.Surname -eq $aliasLastname){($_.Givenname -eq $firstName -or $_.Givenname -eq $aliasFirstname)}else{$false}
        $condition1 -or $condition2
      }
      if($matchedSamAccount.SamAccountname.count -gt 1){
        $failures+="WARNING: There are multiple matches for $firstname $lastName`: $($matchedSamAccount.SamAccountName)"
        write-warning "There are multiple matches for $firstname $lastName`: $($matchedSamAccount.SamAccountName)"
      }elseif($matchedSamAccount.SamAccountname.count -eq 1){
        if($pauses-- -gt 0){
          write-host "Pause #$pauses`: updating`r`n`r`n------FROM------ $($matchedSamAccount|out-string) ------TO------ $($row|out-string)"
          pause
        }
        $user=$matchedSamAccount
        $samAccountName=$user.SamAccountName
        $password = $row.$passwordLabel | ConvertTo-SecureString -AsPlainText -Force
        $streetAddress=if($row.$streetLabel -notin $voidChars){$row.$streetLabel+', '+$row.$streetLabel2}elseif($row.$streetLabel -notin $voidChars){$row.$streetLabel}else{$null}
        $city =if($row.$cityLabel -notin $voidChars){$row.$cityLabel}else{$null}
        $state =if($row.$stateLabel -notin $voidChars){$row.$stateLabel}else{$null}
        $postalCode=if($row.$postalLabel -notin $voidChars){$row.$postalLabel}else{$null}
        $country=if($row.$countryLabel -notin $voidChars){$row.$countryLabel}else{$null}      
        $telephone=if($row.$telephoneLabel -notin $voidChars){$row.$telephoneLabel}else{$null}
        $extension=if($row.$extensionLabel -notin $voidChars){$row.$extensionLabel}else{$null}
        $displayName=$lastName+', '+$firstName     
        $employeeId=if($row.$employeeIdLabel -notin $voidChars){$row.$employeeIdLabel}else{$null}
        $userInitials=if($row.$initialsLabel -notin $voidChars){$row.$initialsLabel}else{$null}
        $description=if($row.$descriptionLabel -notin $voidChars){$row.$descriptionLabel}else{$null}
        $office=if($row.$officeLabel -notin $voidChars){$row.$officeLabel}else{$null}
        $jobTitle=if($row.$jobTitleLabel -notin $voidChars){$row.$jobTitleLabel}else{$null}
        $managerDn=if($row.$managerDnLabel -notin $voidChars){$row.$managerDnLabel}else{$null}
        $department=if($row.$departmentLabel -notin $voidChars){$row.$departmentLabel}else{$null}
        $division=if($row.$divisionLabel -notin $voidChars){$row.$divisionLabel}else{$null}
        $givenEmail=$row.$emailLabel
        $proxyEmail=$user.SamAccountName+$proxyEmailSuffix
        $primaryEmail=$user.SamAccountName+$primaryEmailSuffix
        $oldEmail=$user.EmailAddress
        $oldProxyEmails=$user.ProxyAddresses
        $oldProxyEmailsForGapps=$user.proxyAddressesForGapps
        $finalProxyAddresses=.{
          $newProxyEmails=@("SMTP:$primaryEmail","smtp:$proxyEmail","smtp:$oldEmail","smtp:$givenEmail")
          [string[]]$x=$oldProxyEmails+$oldProxyEmailsForGapps+$newProxyEmails|?{$_ -and $_ -notlike "*$removeProxyEmailSuffix" -and $_ -notmatch '@{2}' -and $_ -ne 'smtp:'}|select -Unique
          if($x.gettype().Name -ne 'String'){
            [System.Collections.ArrayList]$x=$x
          }else{
            return $x
          }
          $primaryDuplicates=$x|?{$_ -cmatch '^SMTP\:' -and $_ -ne "SMTP:$primaryEmail"}
          $primaryDuplicates|%{$null=$x.Remove("$_")}
          do{ # Not the most efficient algo, but practical enough for a small set of data
            $otherDuplicates=$x|group|?{$_.Count -gt 1}|select -ExpandProperty Group|?{$_ -cne "SMTP:$primaryEmail"}
            $otherDuplicates|select -first 1|%{$null=$x.Remove($_)}
          }until(!$otherDuplicates)
          return $x
        }

        if($description -and $description -ne $user.Description){
          Set-ADUser -Identity $samAccountName -Description $description
          $successes+="Updated Description from '$($user.Description)' to '$description'..."
          write-host "Updated Description from '$($user.Description)' to '$description'..."
        }
        if($office -and $office -ne $user.Office){
          Set-ADUser -Identity $samAccountName -Office $office
          $successes+="Updated Office from '$($user.Office)' to '$office'..."
          write-host "Updated Office from '$($user.Office)' to '$office'..."
        }
        if($jobTitle -and $jobTitle -ne $user.Title){
          set-aduser -Identity $samAccountName -Title $jobTitle
          $successes+="Updated employee job title from '$($user.Title)' to '$jobTitle'..."
          write-host "Updated employee job title from '$($user.Title)' to '$jobTitle'..."
        }
        if($managerDn -and $managerDn -ne $user.Manager){
          set-aduser -Identity $samAccountName -Manager $managerDn
          $successes+="Updated Manager from '$($user.Manager)' to '$managerDn'..."
          write-host "Updated Manager from '$($user.Manager)' to '$managerDn'..."
        }
        if($companyName -and $companyName -ne $user.Company){
          set-aduser -Identity $samAccountName -company $companyName
          $successes+="Updated Company from '$($user.Company)' to '$companyName'..."
          write-host "Updated Company from '$($user.Company)' to '$companyName'..."
        }
        if($department -and $department -ne $user.Department){
          set-aduser -Identity $samAccountName -Department $department
          $successes+="Updated Department from '$($user.Department)' to '$department'..."
          write-host "Updated Department from '$($user.Department)' to '$department'..."
        }
        if($division -and $division -ne $user.Division){
          set-aduser -Identity $samAccountName -Division $division
          $successes+="Updated Division from '$($user.Division)' to '$division'..."
          write-host "Updated Division from '$($user.Division)' to '$division'..."
        }
        if($streetAddress -and $streetAddress -ne $user.StreetAddress){
          Set-ADUser -Identity $samAccountName -StreetAddress $streetAddress
          $successes+="Updated StreetAddress from '$($user.StreetAddress)' to '$streetAddress'..."
          write-host "Updated StreetAddress from '$($user.StreetAddress)' to '$streetAddress'..."
        }
        if($city -and $city -ne $user.City){
          Set-ADUser -Identity $samAccountName -City $city
          $successes+="Updated City from '$($user.City)' to '$city'..."
          write-host "Updated City from '$($user.City)' to '$city'..."
        }
        if($state -and $state -ne $user.State){
          Set-ADUser -Identity $samAccountName -State $state
          $successes+="Updated State from '$($user.State) to '$state'..."
          write-host "Updated State from '$($user.State)' to '$state'..."
        }
        if($postalCode -and $postalCode -ne $user.PostalCode){
          Set-ADUser -Identity $samAccountName -PostalCode $postalCode
          $successes+="Updated PostalCode from '$($user.PostalCode)' to '$postalCode'..."
          write-host "Updated PostalCode from '$($user.PostalCode)' to '$postalCode'..."
        }
        if($country -and $country -ne $user.Country){
          Set-ADUser -Identity $samAccountName -Country $country
          $successes+="Updated Country from $($user.Country) to $country..."
          write-host "Updated Country from $($user.Country) to $country..."
        }
        if($telephone -and $telephone -ne $user.OfficePhone){
          Set-ADUser -Identity $samAccountName -OfficePhone $telephone
          $successes+="Updated OfficePhone from $($user.OfficePhone) to $telephone..."
          write-host "Updated OfficePhone from $($user.OfficePhone) to $telephone..."
        }
        if($extension -and $extension -ne $user.IPPhone){
          Set-ADUser -Identity $samAccountName -IPPhone $extension
          $successes+="Updated IPPhone from $($user.IPPhone) to $extension..."
          write-host "Updated IPPhone from $($user.IPPhone) to $extension..."
        }
        if($displayName -and $displayName -ne $user.DisplayName){
          Set-ADUser -Identity $samAccountName -DisplayName $displayName
          $successes+="Updated DisplayName from $($user.DisplayName) to $displayName..."
          write-host "Updated DisplayName from $($user.DisplayName) to $displayName..."
        }
        if($userInitials -and $userInitials -ne $user.Initials){
          Set-ADUser -Identity $samAccountName -Initials $userInitials
          $successes+="Updated Initials from $($user.Initials) to $userInitials..."
          write-host "Updated Initials from $($user.Initials) to $userInitials..."
        }        
        if($oldEmail -ne $primaryEmail){
          $successes+="updating email addresses from $oldEmail to $primaryEmail..."
          write-host "updating email addresses from $oldEmail to $primaryEmail..."
          Set-ADUser -Identity $samAccountName -EmailAddress $primaryEmail
        }
        if($finalProxyAddresses -and ($oldProxyEmails|out-string) -cne ($finalProxyAddresses|out-string)){
          Set-ADUser -Identity $samAccountName -Clear proxyAddresses          
          $finalProxyAddresses|%{Set-ADUser -Identity $samAccountName -Add @{proxyAddresses = "$_"} }
          $successes+="Updated proxy addresses from '$oldProxyEmails' to '$finalProxyAddresses'..."
          write-host "Updated proxy addresses from '$oldProxyEmails' to '$finalProxyAddresses'..."
        }
        if($finalProxyAddresses -and ($oldProxyEmailsForGapps|out-string) -cne ($finalProxyAddresses|out-string)){  
          Set-ADUser -Identity $samAccountName -Clear proxyaddressesforgapps
          $finalProxyAddresses|%{Set-ADUser -Identity $samAccountName -Add @{proxyaddressesforgapps = "$_"} }
          $successes+="Updated Google proxy addresses from '$oldProxyEmailsForGapps' to '$finalProxyAddresses'..."
          write-host "Updated Google proxy addresses from '$oldProxyEmailsForGapps' to '$finalProxyAddresses'..."
        }
        if($employeeId -and $employeeId -ne $user.EmployeeID){
          set-aduser -Identity $samAccountName -Employeeid $employeeId
          $successes+="Updated EmployeeID from '$($user.EmployeeID)' to $employeeId..."
          write-host "Updated EmployeeID from '$($user.EmployeeID)' to $employeeId..."
        }
        if($password){
          Set-ADAccountPassword -Identity $samAccountName -Reset -NewPassword $password
          $successes+="Updated password for user $samAccountName..."
          write-host "Updated password for user $samAccountName..."
        }
      }else{
        $failures+="WARNING: $firstname $lastName doesn't match any existing AD account."
        write-warning "$firstname $lastName doesn't match any existing AD account."
      }
      
      # Setting the Proxy Address as required for Office 365 and Google Apps
      # If (-not [string]::IsNullOrWhiteSpace($proxyAddresses)){
      #   foreach( $proxyAddress in ( $proxyAddresses -split ';' ) ){
      #     write-host "adding proxy addresses to user $newSamAccountName" -ForegroundColor Yellow
      #     $proxyAddresses=if($emailAddress -eq $proxyEmailAddress){'SMTP:'+$emailAddress}else{@('SMTP:'+$emailAddress,'smtp:'+$proxyEmailAddress)}
      #     # $primaryEmail = 'SMTP:'+"testuser@premierdisability.net"
      #     # $aliasEmail='smtp:'+"testuser@premierdisability.com"
      #     # $proxyAddresses=@($primaryEmail,$aliasEmail)
      #     # Set-ADUser -Identity $newSamAccountName -EmailAddress $primaryEmail   
      #     # get-aduser $userID -properties proxyaddresses | % {$_.proxyaddresses | ? {$_.startswith('SMTP')} | % {$_.substring(5)}}
      #     # get-aduser $userID -properties proxyaddressesforgapps | % {$_.proxyaddressesforgapps | ? {$_.startswith('SMTP')} | % {$_.substring(5)}}         
      #     Set-ADUser -Identity $newSamAccountName -Add @{proxyAddresses = $proxyAddresses}
      #     Set-ADUser -Identity $newSamAccountName -Add @{proxyaddressesforgapps = $proxyAddresses}           
      #     get-aduser -Identity $newSamAccountName -properties emailaddress,proxyaddresses,proxyaddressesforgapps
      #   }
      # } 

    }
    $results=$failures+$successes
    $results|Out-File -FilePath $logFile -Append
  }

  # correcting just the username part, use when necessary
  function setDefaultEmailAddresses{
    
    $existingUsers=if($baseOu){
      #get-aduser - Filter * -searchbase $baseOu
      get-aduser -Filter * -searchbase $baseOu -property SamAccountName,GivenName,Surname,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title,Enabled|?{$_.Enabled -eq $true}
    }else{
      #get-aduser -Filter *
      get-aduser -Filter * -property SamAccountName,GivenName,Surname,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title,Enabled|?{$_.Enabled -eq $true}
    }
    $count=0
    $totalRecords=$existingUsers.count
    $results=@()
 
    $targetUsers=$existingUsers|?{$_.EmailAddress -notmatch '.com$'}
    foreach ($user in $targetUsers){      
      $samAccount=$user.SamAccountName
      $proxyEmail=$samAccount+$proxyEmailSuffix
      $primaryEmail=$samAccount+$primaryEmailSuffix
      $oldEmail=$user.EmailAddress
      $oldProxyEmails=$user.ProxyAddresses
      $oldProxyEmailsForGapps=$user.proxyAddressesForGapps
      $finalProxyAddresses=.{
        $newProxyEmails=if($primaryEmail -ne $oldEmail -and $proxyEmail -ne $oldEmail){
            @("SMTP:$primaryEmail","smtp:$proxyEmail","smtp:$oldEmail")
        }else{
             @("SMTP:$primaryEmail","smtp:$proxyEmail")
        }
        [string[]]$x=$oldProxyEmails+$oldProxyEmailsForGapps+$newProxyEmails|?{$_}|select -Unique
        if($x.gettype().Name -ne 'String'){
          [System.Collections.ArrayList]$x=$x
        }else{
          return $x
        }
        $primaryDuplicates=$x|?{$_ -cmatch '^SMTP\:' -and $_ -ne "SMTP:$primaryEmail"}
        $primaryDuplicates|%{$null=$x.Remove("$_")}
        $ht = @{}
        $x|%{$ht["$_"]+=1}
        $otherDuplicates=$ht.keys|?{$ht["$_"] -gt 1}
        $otherDuplicates|%{if($_ -cne "SMTP:$primaryEmail"){$null=$x.Remove($_)}}
        return $x
      }
      $count++
      write-host "Checking $samAccount - record $count of $totalRecords"
      $result=@()
      $pass=$true

      if($oldEmail -ne $primaryEmail){
        Set-ADUser -Identity $samAccount -EmailAddress $primaryEmail
        $result+="- Updated primary email address from $oldEmail to $primaryEmail."
        write-host "Updated primary email address from $oldEmail to $primaryEmail."
        $pass=$false
      }else{
        $result+="- Primary email address $oldEmail is unchanged."
        write-host "Primary email address $oldEmail is unchanged."       
      }
      if($($oldProxyEmails|out-string) -ne $($finalProxyAddresses|out-string)){
        Set-ADUser -Identity $samAccount -Clear proxyAddresses
        $finalProxyAddresses|%{Set-ADUser -Identity $samAccount -Add @{proxyAddresses = "$_"} }
        $result+="- Updated proxy addresses from '$oldProxyEmails' to '$finalProxyAddresses'."
        write-host "Updated proxy addresses from '$oldProxyEmails' to '$finalProxyAddresses'."
        $pass=$false
      }else{
        $updateMessages+="- Existing proxy email addresses '$oldProxyEmails' are unchanged."
        write-host "Existing proxy email addresses '$oldProxyEmails' are unchanged."       
      }
      if($($oldProxyEmailsForGapps|out-string) -ne $($finalProxyAddresses|out-string)){  
        Set-ADUser -Identity $samAccount -Clear proxyaddressesforgapps
        $finalProxyAddresses|%{Set-ADUser -Identity $samAccount -Add @{proxyaddressesforgapps = "$_"} }
        $result+="- Updated Google proxy addresses from '$oldProxyEmailsForGapps' to '$finalProxyAddresses'."
        write-host "Updated Google proxy addresses from '$oldProxyEmailsForGapps' to '$finalProxyAddresses'."
        $pass=$false
      }else{
        $result+="- Existing Google proxy email addresses '$oldProxyEmailsForGapps' are unchanged."
        write-host "Existing Google proxy email addresses '$oldProxyEmailsForGapps' are unchanged."       
      }
      if(!$pass){
        $results+=@("$count`: $samAccountName is CHANGED.")+$result
      }else{
        $results+=@("$count`: $samAccountName is unchanged.")
      }
    }
    $results|Out-File -FilePath $logFile -Append
  }
  # setDefaultEmailAddresses

  function checkEmailAddresses{
    $checkingResults=@()
    $existingUsers=if($baseOu){
      #get-aduser - Filter * -searchbase $baseOu
      get-aduser -Filter * -searchbase $baseOu -property SamAccountName,GivenName,Surname,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title
    }else{
      #get-aduser -Filter *
      get-aduser -Filter * -property SamAccountName,GivenName,Surname,UserPrincipalName,EmailAddress,ProxyAddresses,proxyAddressesForGapps,EmployeeID,Title
    }
    $count=0
    $totalRecords=$existingUsers.count
    foreach ($user in $existingUsers){
      $samAccount=$user.SamAccountName
      $proxyEmail=$samAccount+$proxyEmailSuffix
      $primaryEmail=$samAccount+$primaryEmailSuffix
      $oldEmail=$user.EmailAddress
      $oldProxyEmails=$user.ProxyAddresses
      $oldProxyEmailsForGapps=$user.proxyAddressesForGapps
      $finalProxyAddresses=.{
        $newProxyEmails=if($primaryEmail -ne $oldEmail -and $proxyEmail -ne $oldEmail){
            @("SMTP:$primaryEmail","smtp:$proxyEmail","smtp:$oldEmail")
        }else{
             @("SMTP:$primaryEmail","smtp:$proxyEmail")
        }
        [string[]]$x=$oldProxyEmails+$oldProxyEmailsForGapps+$newProxyEmails|?{$_}|select -Unique
        if($x.gettype().Name -ne 'String'){
          [System.Collections.ArrayList]$x=$x
        }else{
          return $x
        }
        $primaryDuplicates=$x|?{$_ -cmatch '^SMTP\:' -and $_ -ne "SMTP:$primaryEmail"}
        $primaryDuplicates|%{$null=$x.Remove("$_")}
        $ht = @{}
        $x|%{$ht["$_"]+=1}
        $otherDuplicates=$ht.keys|?{$ht["$_"] -gt 1}
        $otherDuplicates|%{if($_ -cne "SMTP:$primaryEmail"){$null=$x.Remove($_)}}
        return $x
      }
      $count++
      write-host "Checking $samAccount - record $count of $totalRecords"
      $pass=$true
      $checkingResult=@()
      if($primaryEmail -ne $oldEmail){
        $checkingResult+="- Existing email '$oldEmail' does not match '$primaryEmail'"
        $pass=$false
      }
      if($($oldProxyEmails|out-string) -ne $($finalProxyAddresses|out-string)){
        $checkingResult+="- Proxy Email Addresses: '$oldProxyEmails' does not match '$finalProxyAddresses'"
        $pass=$false
      }
      if($($oldProxyEmailsForGapps|out-string) -ne $($finalProxyAddresses|out-string)){
        $checkingResult+="- Google Proxy Email Addresses: '$oldProxyEmailsForGapps' does not match '$finalProxyAddresses'"
        $pass=$false
      }
      if(!$pass){
        $checkingResults+=@("Username: $samAccount")+$checkingResult
      }
    }
    # write-output $checkingResults
    $checkingResults|Out-File -FilePath $logFile -Append
  }

  function updateManagers{
    if($updateManagers){
      $progress+="Updating Managers DNs..."
      write-host "Updating Managers DNs..."
      foreach ($row in $csvContents) {
        try{      
          if($row.newManagerDN -notin $voidChars -and $row.SamAccountName){
            Set-ADUser $row.SamAccountName -Manager $row.newManagerDN
            $progress+="$($row.SamAccountName) Manager DN has been updated..."
          }else{
            $progress+="$($row.SamAccountName) is skipped..."
          }
        }catch{
          $progress+="$($row.SamAccountName) Manager DN update has failed with this error: $_"
        }
      }
    }
  }
}

Leave a Reply

Your email address will not be published. Required fields are marked *