0

Need to write a script to take an input file (text) list of names, check if it exists in AD, and create new computers.

The requirements are as follows -

  • Computer names are based on the user's name (input from file)
  • Names must be 15 characters (for name resolution)
  • If the truncated name doesn't exist, create a computer object in a specific OU with the truncated name.
  • If the truncated name does exist, append -# and test to see if it exists until it finds one that doesn't, then create a new computer object with that name.

At the end I will need to output the results to an array but I haven't started adding that yet since this doesn't work.

So I finally got the "else" part but the if part at the beginning does not work.

$users = get-content C:\scriptdata\VMS.txt
$OU = ************
foreach ($user in $users) 
{
    $cleanname = if ($user.Length -gt 15) { $user.Substring(0, 15) } else { $user }
    $exist = (get-adcomputer $cleanname) -eq $null
    if ((get-adcomputer $cleanname) -like "get-adcomputer : Cannot find an object with identity")
        {
            New-ADComputer -Name $cleanname -Path "$OU" -SAMAccountName $cleanname -confirm
        }
    else
        {
            $count=0
            DO{
            $count++
            $cleanname13 = if ($user.Length -gt 13) { $user.Substring(0, 13) } else { $cleanname }
            $cleannamedash = $cleanname13 + '-' + "$count"
        }
            UNTIL ((get-adcomputer $cleannamedash | out-null) -eq $null)
            New-ADComputer -Name $cleannamedash -Path "$OU" -SAMAccountName $cleannamedash -confirm
        }
}  

Currently works for -# but not for those that don't exist at all.

0

2 Answers

1

Have a look at Naming conventions in Active Directory for computers, domains, sites, and OUs.
You'll find that there is more to a valid computer name than just the length.

Mind that the New-ADComputer cmdlet creates a new computer object, but does not join a computer to a domain.

Something like this should work (untested)

$computers = Get-Content C:\scriptdata\VMS.txt | Where-Object { $_ -match '\S'}
$OU = ************

foreach ($name in $computers) {
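    # strip characters that are not allowed in a computer name, then truncate to at most 15 characters
    $newName = $name -creplace '[\\/:*?"<>|.]',''
    if ($newName.Length -gt 15) { $newName = $newName.Substring(0, 15) }
    try {
        # with -Filter, Get-ADComputer returns nothing (instead of throwing) when there is no match
        $computer = Get-ADComputer -Filter "Name -eq '$newName'" -ErrorAction Stop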
    }
    catch {
        $computer = $null
    }
    if ($computer) {
        # a computer with that name already exists, create a new name by adding a dash and two digit number
        $count = 0
        $name12 = $newName.Substring(0, [Math]::Min(12, $newName.Length))   # we're going to add three characters
        # get an array of computernames that are like the one you want to create
        $existingComputers = Get-ADComputer -Filter "Name -like '$name12-*'" | Select-Object -ExpandProperty Name
        do {
            $newName = '{0}-{1:00}' -f $name12, ++$count
        }
        until ($existingComputers -notcontains $newName -or $count -gt 99)

        if ($count -gt 99) {
            $newName = '{0}-XX' -f $name12
            throw "Cannot create computer $newName because all index numbers 01..99 are taken."
        }
    }


    # use splatting, because New-ADComputer has MANY parameters
    $props = @{
        'Name'           = $newName
        'Path'           = $OU
        'SamAccountName' = $newName
        'Enabled'        = $true
        'Confirm'        = $true
    }

    Write-Host "Creating computer '$newName'"
    New-ADComputer @props
}

0

I assume you mean that this is the line that's not working:

if ((get-adcomputer $cleanname) -like "get-adcomputer : Cannot find an object with identity")

And even this doesn't work:

$exist = (get-adcomputer $cleanname) -eq $null

The reason is the same in both cases: If the computer doesn't exist, then Get-ADComputer throws an exception and the comparison is never done.

There is a good article about this here, but in short, the solution is to catch the exception. For you, it would look something like this:

try {
    $computer = Get-ADComputer $cleanname
    # If we get here, we know it exists
    # You can put your loop here and just keep looping until Get-ADComputer throws an exception
}
catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
{
    # Whatever you last tried doesn't exist. Create it here.
}
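
As an added example (not code from the question or from either answer), the naming logic can be separated from the directory lookup so it can be exercised offline before it is pointed at AD; it also reduces each input line to letters, digits and hyphens so that nothing read from the file can change the meaning of a `-Filter` string. `Resolve-ComputerName`, its parameters and the sample names are assumptions made for this illustration.

```powershell
# Added example: Resolve-ComputerName, $Exists and the sample data are hypothetical.
function Resolve-ComputerName {
    param(
        [Parameter(Mandatory)][string]$UserName,
        # Returns $true when the name is already taken. Against a real directory, pass:
        #   { param($n) [bool](Get-ADComputer -Filter "Name -eq '$n'") }
        [Parameter(Mandatory)][scriptblock]$Exists,
        [int]$MaxLength = 15,
        [int]$MaxSuffix = 99
    )
    # Allow-list: keep only letters, digits and hyphens, so quotes, wildcards or
    # parentheses from the input file never reach the filter expression.
    $base = ($UserName -replace '[^A-Za-z0-9-]', '').Trim('-')
    if ($base.Length -eq 0) { throw "No usable characters in '$UserName'" }
    if ($base.Length -gt $MaxLength) { $base = $base.Substring(0, $MaxLength) }

    if (-not (& $Exists $base)) { return $base }

    for ($i = 1; $i -le $MaxSuffix; $i++) {
        $suffix = "-$i"
        # Shorten the stem only as much as this suffix needs, so the result never exceeds $MaxLength.
        $stem = $base.Substring(0, [Math]::Min($base.Length, $MaxLength - $suffix.Length))
        $candidate = $stem.TrimEnd('-') + $suffix
        if (-not (& $Exists $candidate)) { return $candidate }
    }
    throw "No free name for '$base' within 1..$MaxSuffix"
}

# Constructed sample data standing in for the directory and for the input file.
$taken = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
'JohnSmith', 'AlexandraJohnso', 'AlexandraJohn-1' | ForEach-Object { [void]$taken.Add($_) }
$inDirectory = { param($n) $taken.Contains($n) }

foreach ($user in 'JohnSmith', 'AlexandraJohnson', "Bob'O)(Name=*", 'NewPerson') {
    $name = Resolve-ComputerName -UserName $user -Exists $inDirectory
    [void]$taken.Add($name)   # reserve it so a later line in the same file cannot collide
    [pscustomobject]@{ User = $user; ComputerName = $name }
}
```

Once the chosen names look right, the `New-ADComputer` call from the answers can be placed where the sample loop reserves the name.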
