Active Directory Filespace user creation PowerShell script

Simple but effective Active Directory Filespace user creation and synchronization PowerShell script.

Exports all domain users from a domain controller. Alternatively, run it from a domain-joined machine with the Active Directory module or Remote Server Administration Tools (RSAT) installed.

Generates a unique Filespace user and password for each domain user and writes a report containing the tab/comma-separated credentials.

To query a specific domain, child domain or organizational unit, specify the directory path with -SearchBase. For example, to restrict the search to an organizational unit called "staff" within the domain components "lucidlink.local":

Get-ADUser -Filter 'userPrincipalName -like "*"' -SearchBase "OU=staff,DC=lucidlink,DC=local" | Select-Object userPrincipalName

Note: you must be connected to your Filespace as Root user. Provide your users with their default password and encourage them to change it, or force a change via `--user-force-pwd-change`.

import-module activedirectory

write-host "Exports all domain users from a domain. Imports a unique Filespace user and password. Writes a report containing tab/comma-separated credentials."
write-host
write-host "Note: you must be connected to your Filespace as Root user"
write-host
$securerootpwd = Read-Host "Enter your root Password" -AsSecureString # securely capture Filespace root password

$aduser = Get-ADUser -Filter 'userPrincipalName -like "*"' | Select-Object -ExpandProperty userPrincipalName # query current connected domain; -ExpandProperty returns the UPNs as plain strings, so no string cleanup is needed

$date = Get-Date -Format MM-dd-yyyy
$time = get-date -Format HH.mm.ss
$datetime = $date + "_" + $time

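$bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($securerootpwd)
$rootpwd = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr) # convert root password secure string once, outside the loop
[System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) # zero and free the unmanaged plaintext copy

foreach ($user in $aduser) {

    $fsusr = $user # separate each AD user into Filespace user
    $fspwd = ('!@#$%^&*0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz'.ToCharArray() | Sort-Object {Get-Random})[0..10] -join '' # generate unique Filespace user password (single quotes keep $ literal)

    # output Filespace users, default passwords into tab/comma-separated report
    # the report holds plaintext passwords: restrict access to it and delete it once the credentials are handed out
    Write-Output "$fsusr`t,`t$fspwd" | Out-File -FilePath .\lucid_acl_report_$datetime.txt -Append

    # create individual Filespace users with unique password
    # both passwords are passed on the command line, so they are visible in process listings and command-line audit logs while Lucid.exe runs
    Start-Process -WindowStyle Hidden -FilePath "C:\Program Files\Lucid\Resources\Lucid.exe" -ArgumentList "user --create $fsusr --user-password $fspwd --password $rootpwd" -Wait
}

Remove-Variable rootpwd # drop the plaintext root password from the session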

Usage: 

./ADimport.ps1
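
A drop-in alternative for the password-generation line in the script above, added here as an example and not part of the original script or LucidLink's tooling. The shuffle-and-slice line can never repeat a character and is fixed at 11 characters; this version draws each character independently from the operating system's cryptographic random number generator with a configurable length. The function name New-FilespacePassword and its parameters are assumptions.

```powershell
# Added example: New-FilespacePassword is a hypothetical helper, not a Lucid or AD cmdlet.
function New-FilespacePassword {
    param(
        [ValidateRange(8, 128)]
        [int]$Length = 16,

        # Same character set the script above uses.
        [ValidateLength(2, 256)]
        [string]$Alphabet = '!@#$%^&*0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz'
    )

    $chars = $Alphabet.ToCharArray()

    # Largest multiple of the alphabet size that fits in one byte. Random bytes
    # at or above this limit are discarded (rejection sampling), so every
    # character is equally likely and the modulo below introduces no bias.
    $limit = 256 - (256 % $chars.Length)

    $rng    = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buffer = New-Object byte[] 64
    $sb     = New-Object System.Text.StringBuilder

    try {
        while ($sb.Length -lt $Length) {
            $rng.GetBytes($buffer)
            foreach ($b in $buffer) {
                if ($b -lt $limit) {
                    [void]$sb.Append($chars[$b % $chars.Length])
                    if ($sb.Length -eq $Length) { break }
                }
            }
        }
    }
    finally {
        $rng.Dispose()
    }

    $sb.ToString()
}

# Inside the foreach loop, replace the $fspwd line with:
#   $fspwd = New-FilespacePassword -Length 16
```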
 
 
