SharePoint in conjunction with PowerShell establishes into separation automation (iv)

Source: Internet
Author: User
Tags mailmessage smtpclient

* * First of all, the separation of the script is more complex, about 300 lines, if you have difficulty understanding, you can according to comments, segmented study! Do not copy directly, after all, the operation of leaving the impact is quite large * *

The script workflow is as follows, you can save it as a PS1 when you use it, and then put it in the task plan:



#定义管理凭据
$pwd = " 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000035bf6730bcdda4eb12ed62660d5faed0000000002000000000003660000c000000010000 0003ded59f253f488bd909320e6e53a89f30000000004800000a000000010000000709d6c5a15f7068c51c8a353ee79debb200000002cf42d5be95b64 Cc1c34489e330dc9a08f55d2e06474cadafa78c73c31e29c3d140000005ce706d435eb1d445cac9d1fc9ebe0ded07fbe75 "
$Password = convertto-securestring-string $pwd
$Credential = New-object System.Management.Automation.PSCredential ("Domain\admin", $Password)
#导入AD \sharepoint snap-in and modules
Import-module ActiveDirectory
Add-pssnapin Microsoft.SharePoint.PowerShell
#加载SharePoint用户配置文件管理服务
[System.reflection.assembly]::loadwithpartialname ("Microsoft.Office.Server")
[System.reflection.assembly]::loadwithpartialname ("Microsoft.Office.Server.UserProfiles")
$contextWeb = New-object Microsoft.SharePoint.SPSite ("http://sharepoint:41843")
$ServerContext = [Microsoft.office.server.servercontext]::getcontext ($CONTEXTWEB)
$UserProfileManager = New-object Microsoft.Office.Server.UserProfiles.UserProfileManager ($ServerContext)
$Profiles = $UserProfileManager. GetEnumerator ()
#建立Ex \lync Implicit session
$ExSession = New-pssession-configurationname Microsoft.exchange-connectionuri http://mail.domain.cn/PowerShell/- Credential $Credential-authentication Kerberos
Import-pssession $ExSession
$LyncSession = New-pssession-connectionuri https://sip.domain.cn/OcsPowerShell-Credential $Credential
Import-pssession $LyncSession
#定义报表头
$ReportPath = "C:\Scripts\AutoDismission\";
$DeleteName = "autodelete_$ (get-date-format mmddhhmm). html";
$ReportName = "autodismission_$ (get-date-format mmddhhmm). html";
$ServiceReport = $ReportPath + $ReportName
$DeleteReport = $ReportPath + $DeleteName
$RedColor = "#FF0000"
$WhiteColor = "#FFFFFF"

$Header  =  "        

Add-content $ServiceReport $Header
Add-content $DeleteReport $Header

$TableHeader = "<table width= ' 100% ' ><tbody> <tr bgcolor= #CCCCCC > <td width= ' 15% ' align= ' Center ' > Accounts </td> <td width= ' 25% ' align= ' center ' > Apps </td> <td width= ' 25% ' align= ' center ' > Status </td > </tr> "

Add-content $ServiceReport $TableHeader
Add-content $DeleteReport $TableHeader

#查询SharePoint入职开通应用中的Item信息
$SPWeb = get-spweb-identity http://sp.domain.cn
$SPList = $SPWeb. GetList ("/lists/list7")
#定义邮件通知函数
Function send-message ($Creater, $ServiceReport)
{
$SmtpClient = New-object System.Net.Mail.SmtpClient
$SmtpClient. useDefaultCredentials = $False
$SmtpClient. Credentials = New-object System.Net.NetworkCredential ("[Email protected]", "[email protected]")
$SmtpClient. Host = "mail.domain.cn"
$MailMessage = New-object System.Net.Mail.MailMessage
$MailMessage. From = "[Email protected]"
$MailMessage. To.add ("[email protected]")
$Mailmessage. Cc.add ($Creater)
$MailMessage. Subject = "Resignation processing report"
$MailMessage. isbodyhtml = $True
$MailMessage. Body = Get-content $ServiceReport
$SmtpClient. Send ($MailMessage)
}
Function Send-adminmessage
{
$SmtpClient = New-object System.Net.Mail.SmtpClient
$SmtpClient. useDefaultCredentials = $False
$SmtpClient. Credentials = New-object System.Net.NetworkCredential ("[Email protected]", "[email protected]")
$SmtpClient. Host = "mail.domain.cn"
$MailMessage = New-object System.Net.Mail.MailMessage
$MailMessage. From = "[Email protected]"
$MailMessage. To.add ("[email protected]")
$MailMessage. Subject = "Account Deletion report"
$MailMessage. isbodyhtml = $True
$MailMessage. Body = Get-content $DeleteReport
$SmtpClient. Send ($MailMessage)
}

#定义空数组用于存储禁用状态
$FormatEnumerationLimit = 1
$UserReport = @ ()
$Recipients = @ ()
$DeleteResult = @ ()
#遍历SharePoint入职开通页面上的所有Item

Foreach ($UserInfo in $SPList. Items)
{
# $UserInfo. GetFormattedValue ("Employee Account")-match ' sip= ' (? <account>[\w\w]*) ' ID '
# $Account = $Matches. Account.split ("@") [0]
$DisplayName = $UserInfo ["Employee Account"]. Split ("#") [1]
$Account = (Get-aduser-filter {displayname-eq $DisplayName}). sAMAccountName

$User = @ ()
$User +=[pscustomobject]@{
account = $Account
Dismdate = $UserInfo ["Separation Date"]
Company = $UserInfo ["Companies"]
Approve = $UserInfo. Workflows.statustext
Disabled = $UserInfo ["Disabled state"]
Deleted = $UserInfo ["Delete state"]
creater = $UserInfo ["creator"]. Split ("#") [1]
}
if ($User. Approve-eq "Approved"-and $User. Disabled-eq $False-and (get-date)-ge $User. Dismdate-and (get-date)-lt $User. Di Smdate.adddays (30))
{
$Creater = $User. creater
$Recipients + = (Get-aduser-filter {displayname-eq $Creater}-properties emailaddress). EmailAddress
Try
{
Get-aduser-identity $User. Account-properties * | FL | Out-file-filepath "C:\Scripts\AutoDismission\$ ($User. Account)-$ (get-date-format" YyyyMMdd "). Txt "
Disable-adaccount-identity $User. Account-erroraction Stop
Switch ($User. Company)
{"A" {$OU = "OU=_DISABLED,OU=A,DC=DOMAIN,DC=CN"}
"B" {$OU = "OU=_DISABLED,OU=B,DC=DOMAIN,DC=CN"}}
Move-adobject-identity $ (Get-aduser $User. account)-targetpath $OU
$UserReport + = [pscustomobject]@{
accounts = $User. Account
application = "AD account"
Status = "Deactivated"
}
#移除部门组
$Group = (get-aduser-identity $User. Account-properties MemberOf). MemberOf | Get-adgroup
$Group | Remove-adgroupmember-members $User. Account-confirm: $False

#尝试隐藏邮箱
try{
Set-mailbox-identity $User. account-hiddenfromaddresslistsenabled $True
$UserReport + = [pscustomobject]@{
accounts = $User. Account
App = "Exchange Mailbox"
Status = "Deactivated"
}
}
catch{
$UserReport + = [pscustomobject]@{
accounts = $User. Account
App = "Exchange Mailbox"
Status = "Disable Failed"
}
}
#尝试禁用Lync
try{
Disable-csuser-identity $User. Account-confirm: $False-erroraction Stop
$UserReport + = [pscustomobject]@{
accounts = $User. Account
App = "Lync Account"
Status = "Deactivated"
}
}
catch{
$UserReport + = [pscustomobject]@{
accounts = $User. Account
App = "Lync Account"
Status = "Disable Failed"
}
}
#更新禁用信息
$UserInfo ["disabled state"] = $True
$UserInfo. Update ()
}
Catch
{
$UserReport + = [pscustomobject]@{
accounts = $User. Account
application = "AD account"
Status = "Disable failed, please check account information"
}
}
}
ElseIf ($User. Approve-eq "Approved"-and $User. Disabled-eq $True-and $User. Deleted-eq $False-and (get-date)-ge $User. Dismd Ate. AddDays ("30"))
{
$Profiles = $UserProfileManager. GetEnumerator ()
$DismUserProfile = $Profiles | Where-object {$_. Multiloginaccounts-eq "domain\$ ($User. account)"}
#删除SharePoint个人站点
if ($DismUserProfile. Personalsite-ne $Null)
{
Try {
$DismUserProfile. Personalsite.delete ()
$DeleteResult +=[pscustomobject]@{
accounts = $User. Account
App = "SharePoint Personal Site"
Status = $True
}
}
Catch
{
$DeleteResult +=[pscustomobject]@{
accounts = $User. Account
App = "SharePoint Personal Site"
Status = $False
}
}
}
#删除SharePoint用户配置文件
if ($DismUserProfile-ne $Null)
{
Try
{
$UserProfileManager. Removeuserprofile ("domain\$ ($User. Account)")
$DeleteResult +=[pscustomobject]@{
accounts = $User. Account
application = "SP profile"
Status = $True
}
}
Catch
{
$DeleteResult +=[pscustomobject]@{
accounts = $User. Account
application = "SP profile"
Status = $False
}
}
}
#删除SP账户
try{
# $DisplayName = get-aduser-identity $User. Account-properties DisplayName
$SPUser = Get-spuser-web "http://sp.domain.cn" | Where-object {$_. Displayname-eq $DisplayName}
Remove-spuser-web "http://sp.domain.cn"-identity $SPUser-erroraction stop-confirm: $false
$DeleteResult +=[pscustomobject]@{
accounts = $User. Account
App = "SharePoint Account"
Status = $True
}
}
Catch
{
$DeleteResult +=[pscustomobject]@{
accounts = $User. Account
App = "SharePoint Account"
Status = $False
}
}
#删除AD账户
Try
{
Get-aduser $User. Account | Remove-adobject-recursive-confirm: $False-erroraction Stop
$DeleteResult +=[pscustomobject]@{
accounts = $User. Account
application = "AD account"
Status = $True
}
}
Catch
{
$DeleteResult +=[pscustomobject]@{
accounts = $User. Account
application = "AD account"
Status = $False
}
}
#更新禁用信息
$UserInfo ["Delete state"] = $True
$UserInfo. Update ()
}
}

$DeleteResult | Foreach-object {
if ($_. Status-ne $True)
        {
         $color = $redColor
       }
         Else
        {
         $color = $whiteColor
       }

$DataRow = "<tr> <td width= ' 15% ' >$ ($_. Account) </td> <td width= ' 25% ' >$ ($_. Applications) < /td> <td width= ' 25% ' bgcolor= ' $color ' align= ' center ' >$ ($_. Status) </td> </tr> add-content $DeleteReport $DataRow;} Add-content $DeleteReport "</body>

if ($DeleteResult-ne $Null)
{
Send-adminmessage
}

#添加开通状态到报表内容
$UserReport | Foreach-object {
if ($_. Status-ne "deactivated")
        {
         $color = $redColor
       }
         Else
        {
         $color = $whiteColor
       }

$DataRow = "<tr> <td width= ' 15% ' >$ ($_. Account) </td> <td width= ' 25% ' >$ ($_. Applications) < /td> <td width= ' 25% ' bgcolor= ' $color ' align= ' center ' >$ ($_. Status) </td> </tr> add-content $ServiceReport $DataRow;} Add-content $ServiceReport "</body>

#发送报表
If ($UserReport-ne $Null)
{
Send-message-creater $Recipients-servicereport $ServiceReport
}
#移除会话和文件
Remove-pssession $ExSession
Remove-pssession $LyncSession
Remove-item $ServiceReport
Remove-item $DeleteReport
I almost forgot to cite an example:
Disable message completion is like this

Delete a message that looks like it was successful


Well, the whole set into leaving the end of the complete, hoping to alleviate the burden of IT administrators, as for the department change process, because the company is small, temporarily do not involve, so you need the great God himself. If you are interested in studying SCO automation friends, can also add me QQ 522236464

SharePoint in conjunction with PowerShell establishes into separation automation (iv)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.