I am creating a script to create users on a domain for one of my clients (NHS in the UK), however it currently refuses to create the AD User & exchange account if the user has a First & Second Name that Already Exists within the AD.
I have already bypassed username duplication by adding a number onto the end of the usernames if they already exist. However, if the first / second name is duplicated it will not create the account.
$DisplayName = $Surname + " " + $GivenName
$Mail = $GivenName + "." + $Surname + "@" + "royalberkshire.nhs.uk"
$MailAlias = $GivenName + "." + $Surname + "@" + $DNSRoot2
$SInitial = $Surname[0]
$Initial = $GivenName[0]
$SAMAccountName = $Surname + "" + $Initial
$SAMAccountLower = $SAMAccountName.ToLower()
$UserPrincipalName = $Surname+$Initial
$HD = "U"
$HDir = "\\RBHFILRED002\"
$AC = "Users_01$\"
$DH = "Users_02$\"
$IM = "Users_03$\"
$NS = "Users_04$\"
$TZ = "Users_05$\"
$Folder = if ($SInitial -in 'a','b','c'){$AC}
elseif ($SInitial -in 'd','e','f', 'g','h'){$DH}
elseif ($SInitial -in 'i','j','k', 'l','m'){$IM}
elseif ($SInitial -in 'n','o','p', 'q','r','s'){$NS}
else {$TZ}
$group1 = "zz Everyone"
$group2 = "Safeboot Domain Users"
$defaultname = $SAMAccountName
$email = $GivenName + "." + $Surname
$i = 1
cls
while ((Get-ADUser -Identity $SAMAccountName -ErrorAction SilentlyContinue) -ne $null) {
$SamAccountName = $defaultname + [string]$i
$Mail = $email + [string]$i + "@" + "royalberkshire.nhs.uk"
$i++
}
$NewUserParams = @{
Path = "OU=Users,OU=RBFT,DC=rbbh-tr,DC=nhs,DC=uk"
SamAccountName = $SAMAccountName
Name = $DisplayName
DisplayName = $DisplayName
GivenName = $GivenName
Surname = $Surname
EmailAddress = $Mail
UserPrincipalName = "[email protected]"
Title = $title
HomeDrive = $HomeDrive
HomeDirectory = "$HDir$Folder$SAMAccountName"
Description = $Description
ChangePasswordAtLogon = $true
PasswordNeverExpires = $false
AccountPassword = $defpassword
Enabled = $true
}
New-ADUser @NewUserParams
Add-ADGroupMember -Identity $group1 -Members $SAMAccountName
Start-Sleep -s 10
Add-ADGroupMember -Identity $group2 -Members $SAMAccountName
cls
echo "Please Wait Whilst We Find The AD Account & Create The Exchange Mailbox.."
Start-Sleep -s 30
Enable-Mailbox -Identity $SAMAccountName
cls
Any Ideas?
EDIT 1 - Error output:
Name : Microsoft.Exchange.Management.PowerShell.E2010 PSVersion : 1.0 Description : Admin Tasks for the Exchange Server Name : Microsoft.Exchange.Management.Powershell.Support PSVersion : 1.0 Description : Support Tasks for the Exchange Server This tool is to be used for creating User Accounts for the RBFT Domain under Ultima Business Solutions only. If this applies, please hit any key to continue. Get-ADUser : Cannot find an object with identity: 'TimmsJ1' under: 'DC=rbbh-tr,DC=nhs,DC=uk'. At C:\Users\timmsj\Desktop\Scripts\User_Creation\RBFT_UC_Dev.ps1:140 char:9 + While ((Get-ADUser -Identity $SAMAccountName -ErrorAction SilentlyCon ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (TimmsJ1:ADUser) [Get-ADUser], ADIdentityNotFoundException + FullyQualifiedErrorId : Cannot find an object with identity: 'TimmsJ1' u nder: 'DC=rbbh-tr,DC=nhs,DC=uk'.,Microsoft.ActiveDirectory.Management.Comm ands.GetADUser New-ADUser : An attempt was made to add an object to the directory with a name that is already in use At C:\Users\timmsj\Desktop\Scripts\User_Creation\RBFT_UC_Dev.ps1:166 char:1 + New-ADUser @NewUserParams + ~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (CN=Timms James,...tr,DC=nhs,DC=uk:String) [New-ADUser], ADException + FullyQualifiedErrorId : An attempt was made to add an object to the dire ctory with a name that is already in use,Microsoft.ActiveDirectory.Managem ent.Commands.NewADUser Add-ADGroupMember : Cannot find an object with identity: 'TimmsJ1' under: 'DC=rbbh-tr,DC=nhs,DC=uk'. At C:\Users\timmsj\Desktop\Scripts\User_Creation\RBFT_UC_Dev.ps1:167 char:1 + Add-ADGroupMember -Identity $group1 -Members $SAMAccountName + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (TimmsJ1:ADPrincipal) [Add-ADGro upMember], ADIdentityNotFoundException + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Micros oft.ActiveDirectory.Management.Commands.AddADGroupMember Add-ADGroupMember : Cannot find an object with identity: 'TimmsJ1' under: 'DC=rbbh-tr,DC=nhs,DC=uk'. At C:\Users\timmsj\Desktop\Scripts\User_Creation\RBFT_UC_Dev.ps1:169 char:1 + Add-ADGroupMember -Identity $group2 -Members $SAMAccountName + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (TimmsJ1:ADPrincipal) [Add-ADGroupMember], ADIdentityNotFoundException + FullyQualifiedErrorId : SetADGroupMember.ValidateMembersParameter,Microsoft.ActiveDirectory.Management.Commands.AddADGroupMember Please Wait Whilst We Find The AD Account & Create The Exchange Mailbox.. Enable-Mailbox : The operation couldn't be performed because object 'TimmsJ1' couldn't be found on 'rbhdc8red002.rbbh-tr.nhs.uk'. At C:\Users\timmsj\Desktop\Scripts\User_Creation\RBFT_UC_Dev.ps1:175 char:1 + Enable-Mailbox -Identity $SAMAccountName + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (0:Int32) [Enable-Mailbox], Manage mentObjectNotFoundException + FullyQualifiedErrorId : 637D7B43,Microsoft.Exchange.Management.Recipient Tasks.EnableMailbox Username: TimmsJ1 Password: Welcome123 Email: [email protected] Job Title - Department: Test - Ultima Home Directory: \\RBHFILRED002\Users_05$\TimmsJ1 You will need to manually set the new user's group memberships. Please Do This Before Sending The User's Account Details. Press Any Key To Close