Powershell number of groups variable to individual needs

Question

hello everybody and thank you for your help,

i've made this script to create new users with all details in de AD. as you can see there are a fix number of 5 groups the user can provide to add the newly created user to the provided groups. what i wan't to achieve is that the number of groups to assign the user could be variable, because some users are members of 3, some of 5 etc etc.

as i am very new to powershell i am not sure if that is even possible and would appreciate any hint into the right direction.


#New AD user creation with all details
#On the Param Part it will collect all the parameters for #the user creation by user input.
#It's meant to be done by user input, as the user who #does the job likes it like that.  

 
  param
(
[Parameter(Mandatory=$true)][String]$Vorname_Abstand_Nachname,
[Parameter(Mandatory=$true)][String]$Vorname,
[Parameter(Mandatory=$true)][String]$Initialen_Beispiel_Miguel_Santiago_MSA,
[Parameter(Mandatory=$true)][String]$Nachname,
[Parameter(Mandatory=$true)][String]$Standort,
[Parameter(Mandatory=$true)][String]$TelefonBüro,
[Parameter(Mandatory=$true)][String]$Emailadresse,
[Parameter(Mandatory=$true)][String]$Homepage,
[Parameter(Mandatory=$true)][String]$Strasse_Abstand_Hausnummer,
[Parameter(Mandatory=$true)][String]$Kantons_Kürzel,
[Parameter(Mandatory=$true)][String]$Postleitzahl,
[Parameter(Mandatory=$true)][String]$Handynummer,
[Parameter(Mandatory=$true)][String]$Job_Titel,
[Parameter(Mandatory=$true)][String]$Abteilung,
[Parameter(Mandatory=$true)][String]$Firmenname_Abstand_AG,
[Parameter(Mandatory=$true)][String]$Vorname_Punkt_Nachname,
[Parameter(Mandatory=$true)][String]$Gruppe1,
[Parameter(Mandatory=$true)][String]$Gruppe2,
[Parameter(Mandatory=$true)][String]$Gruppe3,
[Parameter(Mandatory=$true)][String]$Gruppe4,
[Parameter(Mandatory=$true)][String]$Gruppe5
) 

New-ADUser 
-Name "$Vorname_Abstand_Nachname" 
-GivenName "$Vorname" 
-Initials "$Initialen_Beispiel_Miguel_Santiago_MSA" 
-Surname "$Nachname" 
-DisplayName "$Vorname_Abstand_Nachname" 
-Description "Login: $Vorname_Punkt_Nachname" 
-Office "$Standort" -OfficePhone "$TelefonBüro" 
-EmailAddress "$Emailadresse" 
-HomePage "$HomePage" 
-StreetAddress "$Strasse_Abstand_Hausnummer" 
-City "$Standort" -State "$Kantons_kürzel" 
-PostalCode "$Postleitzahl" 
-UserPrincipalName "$Emailadresse" 
-SamAccountName "$vorname_Punkt_Nachname" 
-PasswordNeverExpires $true 
-ScriptPath "genKIXTART.exe" 
-HomeDirectory \\server\Users$\$vorname_Punkt_Nachname 
-HomeDrive H 
-MobilePhone "$Handynummer" 
-Title "$Job_Titel" 
-Department "$Abteilung" 
-Company "$Firmenname_Abstand_AG" 
-Manager "CN=Manager Name,OU=Intern,OU=Benutzer,OU=XXX,DC=xxx,DC=local" 
-Path "OU=Intern,OU=Benutzer,OU=XXX,dc=xxx,dc=local" 
-AccountPassword (Read-Host -AsSecureString "Gib ein Passwort an. Muss mindestens 8 Zeichen lang sein. Darf weder Vor- noch Nachnamen des Benutzers beinhalten, muss Gross- und Kleinbuchstaben als auch Zahlen und Sonderzeichen enthalten") 
-Enabled $true



# This parts sets the users dial-in settings


Set-ADUser 
-Identity $Vorname_Punkt_Nachname 
-replace @{msNPAllowDialIn=$TRUE}



# This parts sets all the paramaeters for the country setting


Get-ADUser -SearchBase 'OU=Intern,OU=Benutzer,OU=QBIC,DC=QBIC,DC=LOCAL' 
-filter * | Set-ADUser -Replace @{c="CH";co="Switzerland";countryCode="756"}



# This part adds the user to the provided groups


Add-ADPrincipalGroupMembership $Vorname_Punkt_Nachname 
-MemberOf $Gruppe1,$Gruppe2,$Gruppe3,$Gruppe4


# This is the finishing part of the Script


Write-Host 
-ForegroundColor Green  'All Done!'

Write-Host 
-ForegroundColor Green 'Please press Enter to Exit'

Pause

Two asides: You never need to enclose variable references such as `$Vorname` in `"..."` in PowerShell, even if the variable contains spaces.`Mandatory=$true` can be simplified to `Mandatory` — mklement0, Apr 18 '23 at 08:12
@mklement0 i am not sure if i understand what you mean. 1. aside: does it mean i can do it like this / New-ADUser -Name $Vorname_Abstand_Nachname ? so without the "" ? / 2. aside: does it mean I can just remove the =$true part from all the Mandatory parameters ? so just like this [Parameter(Mandatory)][String]$Vorname_Abstand_Nachname etc etc. ? — sanjacob, Apr 18 '23 at 08:20
Instead of, e.g., `New-ADUser … -GivenName "$Vorname" …`, use `New-ADUser … -GivenName $Vorname …` (no double quotes). You can shorten `[Parameter(Mandatory=$true)]` to `[Parameter(Mandatory)]` , because `=$true` is implied. — mklement0, Apr 18 '23 at 08:24
but on that one i have to keep the "" , correct ? otherwise he will take the Login part as a parameter ? / -Description "Login: $Vorname_Punkt_Nachname" and also on that one because of the .exe ? / -ScriptPath "genKIXTART.exe" — sanjacob, Apr 18 '23 at 08:41
Yes, in string _literals_ (whether expandable (interpolating) or not), you do need quotes if they contain spaces or other metacharacters, e.g. `-Description "Login: $Vorname_Punkt_Nachname"`. You _can_ use quotes in e.g.`-ScriptPath "genKIXTART.exe"`, but they're not necessary; also, for _verbatim_ values (those that don't contain variable values) it is better to use `'...'` (single-quoting). — mklement0, Apr 18 '23 at 08:56

mklement0 · Accepted Answer · 2023-04-18T17:09:47.240

Declare a single, array-typed parameter, to which a variable number of arguments can be passed, separated by ,

A simplified example:

Note: The only reason a function rather than a script (*.ps1 file) is used is that it's easier to demonstrate the solution this way (you can copy and paste the code into an interactive session, without needing to create a file).
What matters is what's inside the param(...) block, which you can use as-is to replace the $Gruppe1, ..., $Gruppe5 declarations in your script code.
The syntax of a param(...) block is the same, irrespective of whether you're authoring a function or a script; see also:
- The section about parameters of the conceptual about_Functions help topic.
- about_Functions_Advanced_Parameters

# Declare a sample function.
function Foo {

  param(
    # Define a -Groups parameter as an array.
    # Insert "[]" at the end of a type name to declare
    # an array of that type; in the case at hand,
    # [string[]] is an array of [string] elements.
    [Parameter(Mandatory)] [string[]] $Groups 
  )

  $Groups # Output for diagnostic purposes
}

# Call the function with 2 groups
Foo -Groups Group1, Group2

To put it all together in the context of your code (incidental parts omitted; look for $Groups):

param
(
  [Parameter(Mandatory = $true)][String]$Vorname_Abstand_Nachname,
  [Parameter(Mandatory = $true)][String]$Vorname,
  [Parameter(Mandatory = $true)][String]$Initialen_Beispiel_Miguel_Santiago_MSA,
  [Parameter(Mandatory = $true)][String]$Nachname,
  [Parameter(Mandatory = $true)][String]$Standort,
  [Parameter(Mandatory = $true)][String]$TelefonBüro,
  [Parameter(Mandatory = $true)][String]$Emailadresse,
  [Parameter(Mandatory = $true)][String]$Homepage,
  [Parameter(Mandatory = $true)][String]$Strasse_Abstand_Hausnummer,
  [Parameter(Mandatory = $true)][String]$Kantons_Kürzel,
  [Parameter(Mandatory = $true)][String]$Postleitzahl,
  [Parameter(Mandatory = $true)][String]$Handynummer,
  [Parameter(Mandatory = $true)][String]$Job_Titel,
  [Parameter(Mandatory = $true)][String]$Abteilung,
  [Parameter(Mandatory = $true)][String]$Firmenname_Abstand_AG,
  [Parameter(Mandatory = $true)][String]$Vorname_Punkt_Nachname,
  # Define a -Groups parameter as an *array*, instead of individual
  # -Gruppe1, -Gruppe2, ... parameters.
  # (Translate as needed, such as $Gruppen)
  [Parameter(Mandatory)] [string[]] $Groups
)

# ...


# This part adds the user to the provided groups

# Pass the $Groups parameter value as-is (as an array) to -MemberOf
Add-ADPrincipalGroupMembership $Vorname_Punkt_Nachname -MemberOf $Groups

# ...

by the time i tested exactly what you wrote (the edited code) and it worked. the / $Groups # Output for diagnostic purposes / part is it thought to show the provided groups in the console ? i thought it would be great to show the provisioned groups to the user running the script before finally adding the created user to them. thank you so far for your patience and help, i appreciate it a lot :)) . i really start to like powershell as it makes work so easier (works by itself :D ) . will now check your links above. — sanjacob, Apr 18 '23 at 18:48
Glad to hear it, @sanjacob; my pleasure. Yes, `$Groups` by itself prints the elements, each on its own line, to the console by default - see [this answer](https://stackoverflow.com/a/69792182/45375) for more information about this _implicit_ output behavior. PowerShell takes a while to learn, but it's well worth the effort. On a meta note: You can help future readers by clearly signaling which answer, if any, solved your problem, namely by [accepting](https://meta.stackexchange.com/a/5235/248777) it. — mklement0, Apr 18 '23 at 18:56

Powershell number of groups variable to individual needs

1 Answers1