There are a lot of reasons for my deep love affair with Powershell. Why I find myself want to delve into it more each and every day.
Those late nights at the office, just me and a cup of hot coffee with my Mistress, Powershell
The one thing it can introduce into ANY environment. Consistency.
Now Group Policy and Desktop Standardization help a lot. But A Good Powershell Script for User Creation can REALLY make the day.
I create users. My job calls for it. I unlock accounts, disable accounts, delete accounts. I like to be consistent with what I do every time. Whenever possible. Keeps me happy. Keeps users happy.
And the more efficient I can be (or the lazier, depending on how you’d like to view it 😉 ) the Better.
So my task was to build a “Superscript” in Powershell. Really it’s task was simple. Create a user in Exchange, OCS and Active Directory but have all the field populated in ONE shot. This would allow me to create multiple users consistently, and without fuss.
My tools at hand were the Microsoft Exchange Management Shell and the ActiveRoles Management Shell for Active Directory from Quest.
There wasn’t a Powershell console for OCS 2007 R2 but thanks to this Great article on Powergui.org written by the best of the best, it wasn’t needed.
So task one. Getting my Exchange Management Tools and my Active Directory Management tools into one shell. That’s actually quite easy. You add the Powershell Management Snapins.
But how do you get and use those?
When you are in a particular console, Say “Exchange Management Console”; you can run a command called GET-PSSnapin. The one near the bottom is most likely (but not definitely) the name of the snap-in you want. But usually the names are very obvious and descriptive
As you can see in the Window above there is a Snapin named “Microsoft.Exchange.Management.Powershell.Admin”
All YOU need to do to use that in ANY other Powershell console (Provided of course the Exchange Administrator Tools are installed on that machine is type
ADD-PSSNAPIN –name Microsoft.Exchange.Management.Powershell.Admin
Now in my world, I love using my ActiveRoles from Quest for working with Active Directory. Simply Unlocking a user is a Quick command line. So I wanted these two together. PERMANENTLY. I like creating users from the Microsoft Exchange Tools since it’s stock Microsoft, creates my SID’s right, Enables the user in Exchange 2007 the ways it’s supposed to be.
Then I use Quest ActiveRoles to manipulate all the other important details. It’s an excellent tool for that and other needs.
To make it permanent I had to look at the shortcut for launching Quest’s console in Powershell
In this shortcut is it’s command line
%SystemRoot%system32WindowsPowerShellv1.0powershell.exe -psconsolefile "%ProgramFiles%Quest SoftwareManagement Shell for ADConsoleSettings.psc1" -noexit -command ". ‘%ProgramFiles%Quest SoftwareManagement Shell for ADqsft.ps1’"
But really all it’s doing is launching a Powershell Script called “qsft.ps1” and a customized Console called “ConsoleSettings.psc1”
And if you go in the that file called “ConsoleSettings.psc1” it’s just a standard editable Text/XML file. Notepad is your friend for this next task but you HAVE to run it in Elevated Administrator mode (Run as Administrator) in order to edit and save the file. So here’s the contents
Now all *YOU* have to do is add the name of your SNAPIN to it’s list to have both running under the same Console everytime you run Quest ActiveRoles.
Simply add in a
<PSSnapIn Name=”NameofthatSnapinYouFoundWhenYouTypedGetPSSnapin” />
Just before the line marked
So with Exchange Snapin it will look like this
Now as you can see I got carried away and added in my Snapin for Virtual Machine Manager 2008 as well. You’re not limited to how many you can add in to preload. Be careful too. Too much power in that Console COULD be dangerous. Add in what you use on a regular basis to make your admin tasks easier.
Once you save that new Console file, everytime you fire up YOUR copy of Quest ActiveRoles for Active Directory, you’ll REALLY be able to flex some Powershell Muscle.
Next time, I’ll show you WHY I went through this effort. 🙂
The Energized Tech