## p4add-newuser ## aaron bockelie <# .SYNOPSIS Adds a new user to the perforce server, based on an existing AD user. .DESCRIPTION This function automates adding a new user to the perforce server. It requires that an existing matching user object is available in Active Directory. This function also enrolls the user into the primary auth group of the server. .EXAMPLE This example adds the user to the perforce server. [PS] p4add-newuser amanda.dunkle Name Type DN ---- ---- -- Dunkle, Amanda user CN=Dunkle\, Amanda,OU=IT,OU=Users,OU=SiteName,DC=company,DC=com Dunkle, Amanda user CN=Dunkle\, Amanda,OU=IT,OU=Users,OU=SiteName,DC=company,DC=com amanda.dunkle added to p4infosys on server infosys Group p4infosys updated. User amanda.dunkle saved. .PARAMETER userobject The required username in samaccountname format. samaccountname is used since it is a unique name in the domain. .FUNCTIONALITY Use this command to enroll an existing user into a server. #> Function p4add-newuser {param([Parameter(Mandatory = $true)][array]$userobject,[switch]$silent,[switch]$force,$primarygroupoverride)#begin function p4add-user $result = @() #intialize result array. (errors, info, etc) $servercheck = p4get-server if ($servercheck.pingsuccess.equals($true)) { $user = $null $authparentgroup = p4get-group ("p4" + $servercheck.server) $authchildgroups = p4get-authgroups foreach ($username in $userobject) { $user = get-qaduser -samaccountname $username if ($user -eq $null) { $message = "User " + $username + " not found in Active Directory." write-error $message -category ObjectNotFound } else { foreach ($group in $authchildgroups) { $groupmembership = get-qadgroupmember $group | ?{$user.samaccountname -eq $_.samaccountname} if ($groupmembership) { if ($primarygroupoverride) { $primarygroup = $primarygroupoverride } else { $primarygroup = $group.name } if ($authchildgroups.count -ge 2) { $warning = "More than one primary auth group is available. The first valid auth group will be chosen.`r`n" } if ($silent.ispresent -eq $false) { $warning += "Primary auth group `'" + $primarygroup + "`' has been selected for user `'" + $user.samaccountname + "`'" write-warning $warning } break } else { $primarygroup = $authparentgroup.group } } add-qadgroupmember $primarygroup $user.samaccountname >$null if ((p4get-user $username) -ne $null) #if the user already exists in perforce, skip creating it, unless we force it. { if ($force.ispresent -eq $true) #if we are forcing a user create, do it anyway. { if (!$user.email) { $user.email = $user.samaccountname + "@nodomain.null" } $file = p4add-userspec -displayname $user.displayname -username $user.samaccountname -email $user.email $result += $file | p4 user -i -f >$null #feed a pre-created form to the perforce new user function } else { #otherwise, just throw a warning and don't create the object. if ($silent.ispresent -eq $false) #if a silent flag isn't set, be loud about it. { $warning = "Perforce user account `'" + $username + "`' already exists." write-warning $warning } } } else { #else, if the user does not exist in perforce, just create the object. if (!$user.email) { $user.email = $user.samaccountname + "@nodomain.null" } $file = p4add-userspec -displayname $user.displayname -username $user.samaccountname -email $user.email $result += $file | p4 user -i -f >$null #feed a pre-created form to the perforce new user function } if ($silent.ispresent -eq $false) { p4add-groupmember -users $user.samaccountname -group $primarygroup } else { p4add-groupmember -users $user.samaccountname -group $primarygroup -silent } } } } if ($silent -eq $false) #if silent is false, send result. { $result } }#end function p4add-user