PowerShell: Move Computer Objects in Active Directory

Version 2

# MoveComputers.ps1
# Version 0.0.2
# Obtain credentials being passed by Jenkins
# $username=$env:username
# $password=$env:password
# $encryptedPassword=ConvertTo-SecureString $password -AsPlainText -Force
# $credentials = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $userName,$encryptedPassword;

# Jump box
# $jumpBox='JUMPBOX'

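# User input: one directive per move rule.
#   fromContainer      - distinguished name (DN) of the container that is searched
#   moveToContainer    - DN of the container that matching computers are moved into
#   computerNamePrefix - regular expression tested against each computer name
# Review these values before every run: each rule relocates every computer object in
# fromContainer whose name matches the pattern.
$directives=@()
$directives+=[pscustomobject]@{
    fromContainer = "CN=Computers,DC=kimconnect,DC=com"
    moveToContainer='OU=Computers,OU=Accounting,DC=kimconnect,DC=com'
    computerNamePrefix='^(ACC-)'
}
# The domain part of this rule was previously written "DC=DC=kimconnect", which does not
# name the same domain as the first rule; both DNs now end in "DC=kimconnect,DC=com".
$directives+=[pscustomobject]@{
    fromContainer = "CN=Computers,DC=kimconnect,DC=com"
    moveToContainer='OU=Computers,OU=Marketing,DC=kimconnect,DC=com'
    computerNamePrefix='^(MKT-)'
}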

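function moveComputers{
    <#
    .SYNOPSIS
    Moves computer objects whose names match a pattern from one AD container to another.
    .PARAMETER fromContainer
    Distinguished name used as -SearchBase for Get-ADComputer.
    .PARAMETER moveToContainer
    Distinguished name passed to Move-ADObject as -TargetPath.
    .PARAMETER computerNamePrefix
    Regular expression tested against each computer's Name with -match (case-insensitive).
    .OUTPUTS
    $true when the lookup completed; a move that fails is reported as a warning and does not
    change the result. $false when the module import or the lookup itself failed.
    #>
    param(
        [string]$fromContainer,
        [string]$moveToContainer,
        [string]$computerNamePrefix
    )
    try{
        # -ErrorAction Stop makes a failed import or lookup reach the outer catch instead of
        # letting the function continue and report success.
        Import-Module ActiveDirectory -ErrorAction Stop
        $unassignedComputers=Get-ADComputer -Filter * -SearchBase $fromContainer -ErrorAction Stop
        # -match is already case-insensitive, so the pattern is used exactly as given;
        # upper-casing a regular expression would turn escapes such as \d into \D.
        $matchedComputers=@($unassignedComputers|Where-Object{$_.Name -match $computerNamePrefix})
        $movedComputers=@()
        if($matchedComputers){
            foreach($computer in $matchedComputers){
                write-host "Moving $($computer.Name) $($computer.ObjectGUID)..."
                try{
                    # Stop on error so a computer is only listed as moved when the move succeeded.
                    # Move-ADObject also accepts -WhatIf, which is useful for a dry run of a new rule.
                    Move-ADObject -Identity $computer.ObjectGUID -TargetPath $moveToContainer -ErrorAction Stop
                    $movedComputers+=$computer.Name
                }catch{
                    Write-Warning $_
                }
            }
            if($movedComputers){
                write-host "These computers have been moved from $fromContainer to $moveToContainer`:`r`n$(($movedComputers|out-string).trim())"
            }else{
                write-host "No computers were moved."
            }
        }else{
            write-host "No computers were found in $fromContainer matching $computerNamePrefix. That's good."
        }
        return $true
    }catch{
        write-warning $_
        return $false
    }
}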
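function invokeMoveComputers{
    <#
    .SYNOPSIS
    Runs moveComputers on a jump box through a PowerShell remoting session.
    .PARAMETER fromContainer
    Distinguished name of the container to search; passed through to moveComputers.
    .PARAMETER moveToContainer
    Distinguished name of the destination container; passed through to moveComputers.
    .PARAMETER computerNamePrefix
    Regular expression for the computer names to move; passed through to moveComputers.
    .PARAMETER jumpBox
    Computer name given to New-PSSession.
    .PARAMETER credentials
    Credential used to open the session on the jump box.
    .OUTPUTS
    Whatever moveComputers emits; $false when an error is caught here.
    #>
    param(
        [string]$fromContainer,
        [string]$moveToContainer,
        [string]$computerNamePrefix,
        [string]$jumpBox,
        [pscredential]$credentials
    )
    $session=New-PSSession $jumpBox -Credential $credentials
    try{
        if($session.State -eq 'Opened'){
            # The body of the local moveComputers function is shipped as an argument and rebuilt
            # on the remote side. The parameter must be referenced by its declared name,
            # $moveComputers; the former $moveComputer was never defined in the script block.
            invoke-command -Session $session -ScriptBlock{
                param($moveComputers,$fromContainer,$moveToContainer,$computerNamePrefix)
                [scriptblock]::create($moveComputers).invoke($fromContainer,$moveToContainer,$computerNamePrefix)
            } -args $function:moveComputers,$fromContainer,$moveToContainer,$computerNamePrefix
        }else{
            # Without an open session the move runs on this machine under the caller's own
            # identity, not under $credentials. Say so, so the job log shows which path was taken.
            Write-Warning "No open session to $jumpBox; running moveComputers locally."
            moveComputers $fromContainer $moveToContainer $computerNamePrefix
        }
    }catch{
        Write-Warning $_
        return $false
    }finally{
        # Close the session on every path, including when the remote call throws.
        if($session){Remove-PSSession $session}
    }
}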

# Apply every directive. The jump box path is used only when both $jumpBox and $credentials
# are set; otherwise the move runs directly from this machine.
$directives|ForEach-Object{
    if(-not ($jumpBox -and $credentials)){
        moveComputers -fromContainer $_.fromContainer -moveToContainer $_.moveToContainer -computerNamePrefix $_.computerNamePrefix
    }else{
        invokeMoveComputers -fromContainer $_.fromContainer -moveToContainer $_.moveToContainer -computerNamePrefix $_.computerNamePrefix -jumpBox $jumpBox -credentials $credentials
    }
}

Version 1

# MoveComputers.ps1
# Version 0.0.1
# Build a PSCredential from the user name and password that Jenkins passes in as
# environment variables.
# NOTE(review): the password is held as plain text in the process environment and in
# $password; keep both out of build logs and job output.
# NOTE(review): Windows itself defines a USERNAME environment variable for the current
# account - confirm that the Jenkins binding really supplies the value read here.
$username=$env:username
$password=$env:password
$encryptedPassword=ConvertTo-SecureString -String $password -AsPlainText -Force
$credentials=New-Object System.Management.Automation.PSCredential($userName,$encryptedPassword)

# Jump box: the computer on which the remoting session is opened
$jumpBox="DC02.kimconnect.net"

# User input: container to search, container to move into, and computer-name pattern
[string]$fromContainer='CN=Computers,DC=kimconnect,DC=net'
[string]$moveToContainer="OU=Computers,OU=Accounting,OU=Divisions,DC=kimconnect,DC=net"
[string]$computerNamePrefix="^(ACC-)"

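function invokeMoveComputers{
    <#
    .SYNOPSIS
    Moves matching computer objects between AD containers, running on a jump box when a
    remoting session can be opened.
    .PARAMETER fromContainer
    Distinguished name used as -SearchBase for Get-ADComputer.
    .PARAMETER moveToContainer
    Distinguished name passed to Move-ADObject as -TargetPath.
    .PARAMETER computerNamePrefix
    Regular expression tested against each computer's Name with -match (case-insensitive).
    .PARAMETER jumpBox
    Computer name given to New-PSSession.
    .PARAMETER credentials
    Credential used to open the session on the jump box.
    .OUTPUTS
    The output of the inner moveComputers call followed by $true, or $false when an error
    is caught here.
    #>
    param(
        [string]$fromContainer,
        [string]$moveToContainer,
        [string]$computerNamePrefix,
        [string]$jumpBox,
        [pscredential]$credentials
    )
    # Inner worker: looks up the computers and moves them. Returns $true, or $false as soon
    # as the import, the lookup or any single move fails.
    function moveComputers{
        param(
            [string]$fromContainer,
            [string]$moveToContainer,
            [string]$computerNamePrefix
        )
        try{
            Import-Module ActiveDirectory -ErrorAction Stop
            $unassignedComputers=Get-ADComputer -Filter * -SearchBase $fromContainer -ErrorAction Stop
            # -match is already case-insensitive, so the pattern is used exactly as given;
            # upper-casing a regular expression would turn escapes such as \d into \D.
            $matchedComputers=@($unassignedComputers|Where-Object{$_.Name -match $computerNamePrefix})
            if($matchedComputers){
                # Move one object at a time: handing the whole collection of GUIDs to
                # -Identity at once fails when more than one computer matches.
                foreach($computer in $matchedComputers){
                    Move-ADObject -Identity $computer.ObjectGUID -TargetPath $moveToContainer -ErrorAction Stop
                }
                write-host "These computers have been moved from $fromContainer to $moveToContainer`:`r`n$($matchedComputers.Name|out-string)"
            }
            return $true
        }catch{
            write-warning $_
            return $false
        }
    }

    $session=New-PSSession $jumpBox -Credential $credentials
    try{
        if($session.State -eq 'Opened'){
            # The body of moveComputers is shipped as an argument and rebuilt on the remote
            # side. The parameter must be referenced by its declared name, $moveComputers;
            # the former $moveComputer was never defined in the script block.
            invoke-command -Session $session -ScriptBlock{
                param($moveComputers,$fromContainer,$moveToContainer,$computerNamePrefix)
                [scriptblock]::create($moveComputers).invoke($fromContainer,$moveToContainer,$computerNamePrefix)
            } -args $function:moveComputers,$fromContainer,$moveToContainer,$computerNamePrefix
        }else{
            # Without an open session the move runs on this machine under the caller's own
            # identity, not under $credentials. Say so, so the job log shows which path was taken.
            Write-Warning "No open session to $jumpBox; running moveComputers locally."
            moveComputers $fromContainer $moveToContainer $computerNamePrefix
        }
        return $true
    }catch{
        Write-Warning $_
        return $false
    }finally{
        # Close the session on every path, including when the remote call throws.
        if($session){Remove-PSSession $session}
    }
}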

# Run the move with the settings defined at the top of the script.
invokeMoveComputers -fromContainer $fromContainer -moveToContainer $moveToContainer -computerNamePrefix $computerNamePrefix -jumpBox $jumpBox -credentials $credentials
