orgUnit.Enable.DynamicLocation.ReferencExample.ps1
# Initialize default properties.
# $person, $manager, $accountReference, $managerAccountReference and
# $entitlementContext are not defined in this script; each one is parsed here
# as a JSON string (presumably supplied by the host that runs the script -
# confirm against the caller).
$p = $person | ConvertFrom-Json
$m = $manager | ConvertFrom-Json
$a = $accountReference | ConvertFrom-Json
$ma = $managerAccountReference | ConvertFrom-Json

# The entitlementContext contains the configuration
# - configuration: The configuration that is set in the Custom PowerShell configuration
$eRef = $entitlementContext | ConvertFrom-Json

# Result flag: stays $false until the target OU has been resolved further down.
$success = $false

# Stream preferences: verbose output is suppressed, information and warning
# messages are shown.
$VerbosePreference = "SilentlyContinue"
$InformationPreference = "Continue"
$WarningPreference = "Continue"
# Map the person's location name to two LDAP filters:
#   $baseOULDAPFilter - selects the country-level OU
#   $ouLDAPFilter     - selects the user OU searched for below that OU
#
# The Netherlands - enyoi.local/resources/NL/gebruikers
# Germany         - enyoi.local/resources/DE/benutzer
# America         - enyoi.local/resources/USA/users
#
# NOTE(review): any other value (including an empty or misspelled location)
# silently falls through to the generic resources/users pair. Confirm that
# this fallback placement is intended, since the OU determines which policies
# and delegations apply to the account.
$locationName = $p.Location.Name
Write-Verbose "Location: '$($locationName)'"

switch ($locationName) {
    "America" { $baseOULDAPFilter = '(name=USA)'; $ouLDAPFilter = '(name=users)' }
    "Germany" { $baseOULDAPFilter = '(name=DE)'; $ouLDAPFilter = '(name=benutzer)' }
    "The Netherlands" { $baseOULDAPFilter = '(name=NL)'; $ouLDAPFilter = '(name=gebruikers)' }
    default { $baseOULDAPFilter = '(name=resources)'; $ouLDAPFilter = '(name=users)' }
}

Write-Verbose "baseOULDAPFilter: '$($baseOULDAPFilter)'"
Write-Verbose "ouLDAPFilter: '$($ouLDAPFilter)'"
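# Resolve the base (country-level) OU selected by $baseOULDAPFilter.
# On success $baseAdOU holds exactly one OU object; on any failure the script
# stops with a "Could not query Base AD OU" error.
try {
    Write-Verbose "Querying Base AD OU where $($baseOULDAPFilter)"

    # No -SearchBase is given, so the name filter is matched across the whole
    # default search root and may hit more than one OU with the same name.
    # Collect the matches as an array so that the count can be checked;
    # -ErrorAction Stop routes cmdlet errors into the catch block below.
    $baseAdOUMatches = @(Get-ADOrganizationalUnit -LDAPFilter $baseOULDAPFilter -Properties distinguishedName -ErrorAction Stop)

    if ($baseAdOUMatches.Count -eq 0) {
        throw "No AD OU where $($baseOULDAPFilter)"
    }
    if ($baseAdOUMatches.Count -gt 1) {
        # An ambiguous base would otherwise surface later as a confusing
        # -SearchBase binding error; fail here with the actual cause.
        throw "Multiple AD OUs ($($baseAdOUMatches.Count)) where $($baseOULDAPFilter); expected exactly one"
    }

    $baseAdOU = $baseAdOUMatches[0]
    Write-Verbose "Succesfully queried Base AD OU where $($baseOULDAPFilter): $($baseAdOU.distinguishedName)"
}
catch {
    $success = $false
    $ex = $PSItem
    # Log where the failure happened, then rethrow with a message that names the filter.
    Write-Warning "Error at Line '$($ex.InvocationInfo.ScriptLineNumber)': $($ex.InvocationInfo.Line). Error message: $($ex)"
    throw "Could not query Base AD OU where $($baseOULDAPFilter). Error: $($ex.Exception.Message)"
}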
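# Resolve the target OU selected by $ouLDAPFilter underneath the base OU and
# build $organizationalUnit from it. $success is set to $true only when exactly
# one OU matched; any failure stops the script with a "Could not query AD OU"
# error.
try {
    Write-Verbose "Querying AD OU where $($ouLDAPFilter) in SearchBase $($baseAdOU.distinguishedName)"

    # The default search scope is the whole subtree below the search base, so a
    # name filter can match several nested OUs. Without a count check every
    # property below would silently become an array and the returned placement
    # would be ambiguous. -ErrorAction Stop routes cmdlet errors into the catch.
    $adOUMatches = @(Get-ADOrganizationalUnit -LDAPFilter $ouLDAPFilter -Properties canonicalName, name, objectGuid -SearchBase $baseAdOU.distinguishedName -ErrorAction Stop)

    if ($adOUMatches.Count -eq 0) {
        throw "No AD OU where $($ouLDAPFilter)"
    }
    if ($adOUMatches.Count -gt 1) {
        throw "Multiple AD OUs ($($adOUMatches.Count)) where $($ouLDAPFilter) in SearchBase $($baseAdOU.distinguishedName); expected exactly one"
    }

    $adOU = $adOUMatches[0]

    # Note: the 'name' field of the result carries the distinguishedName of the OU.
    $organizationalUnit = [PSCustomObject]@{
        canonicalName = $adOU.canonicalName
        name          = $adOU.distinguishedName
        objectGuid    = $adOU.objectGuid
    }

    $success = $true
    Write-Verbose "Succesfully queried AD OU where $($ouLDAPFilter) in SearchBase $($baseAdOU.distinguishedName)"
}
catch {
    $success = $false
    $ex = $PSItem
    # Log where the failure happened, then rethrow with a message that names the filter and base.
    Write-Warning "Error at Line '$($ex.InvocationInfo.ScriptLineNumber)': $($ex.InvocationInfo.Line). Error message: $($ex)"
    throw "Could not query AD OU where $($ouLDAPFilter) in SearchBase $($baseAdOU.distinguishedName). Error: $($ex.Exception.Message)"
}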
# Build the result object: the success flag plus the resolved OU
# (canonicalName, name, objectGuid).
$result = [PSCustomObject]@{
    Success            = $success
    OrganizationalUnit = $organizationalUnit
}

# Emit the result as JSON on the output stream; depth 2 covers the nested
# OrganizationalUnit object.
$result | ConvertTo-Json -Depth 2