Hi.
I have written a small Powershell script that reads an Active Directory group, and Lync Enables users in that group or in any Groups-in-Groups.
The users e-mail address is used when enabling the user for Lync.
Changes will come to the script, in terms of more error checking and other improvments.
Requirements:
- Needs access to Active Directory and Lync PowerShell modules
Please feel free to use the script AS-IS, and I’ll be happy for feedback, any kind π
I have successfully created a scheduled task at several customers – They are all happy π
Updates:
- Changed the requirements of Log folder – Script creates logfile from where the command is called
- Changed the format of Logfilename, Convertet to uFormat – Should cover most π
Changes are based on feedback π
############################################################################################# # Enable-LyncUsers.ps1 # # v1.0 - April 2012 by Trond Egil Gjelsvik-Bakke (https://trogjels.wordpress.com) # v1.1 - October 2012 # Changed script regarding to LogFile creation. # # Syntax: # Enable-LyncUsers AD-GroupName # ############################################################################################# param($CSGroup) Import-Module ActiveDirectory Import-Module Lync #Check if AD Group contains members $Members = Get-ADGroupMember $CSGroup -Recursive if ($Members -eq $NULL) { write-host "AD Group $CSGroup don't contain any users. Please add members to this group before continuing" -foregroundcolor red -backgroundcolor black exit 0 } #Create LogFile $LogFile = "Enable-LyncUsers-Log-"+(get-date -uformat %d%m%Y-%H%M%S)+".txt" $LogTXT = "Processing Users.....`n" Out-File -FilePath $LogFile -InputObject $LogTXT Write-Host "Processing Users.....`n" -foregroundcolor Yellow -backgroundcolor Black ForEach ($user in $Members) { $samaccountname = $user.samaccountname $ADUser = get-csaduser -Filter {SamAccountName -eq $SamAccountName} $display = $ADUser.FirstName + " " + $ADUser.LastName write-host "Processing:" $display $adexist = get-csaduser | where {$_.samaccountname -eq $samaccountname} if ($adexist -eq $null) { $usernotinad = $true write-host "User " $samaccountname " not in AD" } else { $usernotinad = $false } if ($usernotinad -ne $true) { $enabled = Get-CsUser -filter {SamAccountName -eq $SamAccountName} # Check if user is enabled for for OCS/Lync if ($enabled) { # Check if user is enabled for OCS if ($enabled.RegistrarPool -eq $null) { Write-Host "User is on OCS, enabling for Lync" -foregroundcolor Yellow -backgroundcolor Black $pool = get-csservice -registrar | where {$_.ServiceID -eq "1-Registrar-1"} Move-CsLegacyUser -Identity $ADUser.SipAddress -Target $pool.PoolFQDN -Force -Confirm:$false $LogTXT = "Successfully moved $display to Lync Server 2010" Write-Host "Successfully moved $display to Lync Server 2010" } else { Write-Host "User is already on Lync - Skipping..." -foregroundcolor Yellow -backgroundcolor Black $LogTXT = "$display is already on Lync Server 2010, skipping....." } } else { Write-Host "Enabling user for Lync - Processing..." -foregroundcolor Yellow -backgroundcolor Black $pool = get-csservice -registrar | where {$_.ServiceID -eq "1-Registrar-1"} get-csaduser | where {$_.samaccountname -eq $samaccountname} | Enable-Csuser -registrarpool $pool.PoolFQDN -sipaddresstype EmailAddress $LogTXT = "Successfully enabled $display for Lync Server 2010" Write-Host "Successfully enabled $display for Lync Server 2010" -foregroundcolor Yellow -backgroundcolor Black } } #Write Log Out-File -FilePath $LogFile -InputObject $LogTXT -Append }