#------------------------------------------------------------------------------------------------------------------------#
# Title: Cleanup Script #
# Author: Nicholas Raposo #
# Version: 1.0 #
# Updated: 10/31/2018 #
# Description: This script strips groups from users and stores 1 log file and 1 working file. The log file saves #
# the groups that were stripped from a user and the working file is used to determine when to delete a #
# user's files from the home directory. #
#------------------------------------------------------------------------------------------------------------------------#
# Load the Active Directory cmdlets used by the rest of the script.
Import-Module -Name ActiveDirectory

# Open a remote Exchange PowerShell session and import its cmdlets locally.
# NOTE(review): the endpoint is plain http:// with Kerberos authentication -
# confirm this matches the transport requirements for this environment.
$exchangeSessionArgs = @{
    ConfigurationName = 'Microsoft.Exchange'
    ConnectionUri     = 'http://va-ex01/powershell'
    Authentication    = 'Kerberos'
}
$s = New-PSSession @exchangeSessionArgs
Import-PSSession -Session $s -AllowClobber

# Data initialization.
#   $dt             - timestamp of this run; its Day/Month are written to the working file.
#   $homeFolderPath - share that holds one home folder per account.
#   $logStripPath   - folder receiving one "<SamAccountName>.txt" group log per user.
#   $OUPath         - OU whose users are processed.
#   $xmlfile        - working file tracking users whose home folder still awaits deletion.
# NOTE(review): the working file is read over an administrative share (c$); whoever can
# write to it controls which home folders get deleted later - confirm its ACLs.
$dt = Get-Date
$homeFolderPath = "\\va-fp03\home$\"
$logStripPath = "c:\logs\groupsstrip\"
$OUPath = "OU=DISABLED USERS,DC=vanaqua,DC=local"
$xmlfile = "\\va-dc02\c$\logs\cleanup\users.xml"

# Parse the working file and select every element that carries a Name attribute.
[xml]$xmlObj = [System.Xml.XmlDocument](Get-Content -Path $xmlfile)
$users = $xmlObj.SelectNodes("//*[@Name]")

# Exchange recipients matching *@ocean.org, used later to decide whether a mailbox exists.
# NOTE(review): no -ResultSize is given, so the cmdlet's default result limit applies - confirm.
$recipients = Get-Recipient "*@ocean.org"
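# Pass 1: for every account in the disabled-users OU, register it in the working file
# (if it still has a home folder) and strip all group memberships except Domain Users.

# Names already tracked in the working file. $users holds XML element nodes, so comparing
# a name string against the nodes themselves never matches and every run would append a
# duplicate entry; compare against the Name attribute values instead.
$trackedNames = @($users | ForEach-Object { $_.GetAttribute('Name') })

foreach ($username in (Get-ADUser -SearchBase $OUPath -Filter *)) {
    # Track the user only if they are not listed yet and their home folder still exists.
    $homeDirectory = $homeFolderPath + $username.SamAccountName
    if (($username.Name -notin $trackedNames) -and (Test-Path -LiteralPath $homeDirectory)) {
        # <User Name="..."><Day>d</Day><Month>m</Month></User>, stamped with today's date.
        # NOTE(review): no year is recorded, so the retention check that reads this entry
        # cannot tell apart entries that are more than a year old.
        $child = $xmlObj.CreateElement("User")
        $child.SetAttribute("Name", $username.Name)
        $childDay = $xmlObj.CreateElement("Day")
        $childDay.InnerText = $dt.Day
        $childMonth = $xmlObj.CreateElement("Month")
        $childMonth.InnerText = $dt.Month
        # AppendChild returns the appended node; discard it to keep the output clean.
        [void]$child.AppendChild($childDay)
        [void]$child.AppendChild($childMonth)
        [void]$xmlObj.Users.AppendChild($child)
    }

    # Get all group memberships and remove every one except Domain Users.
    $groups = Get-ADPrincipalGroupMembership -Identity $username
    foreach ($group in $groups) {
        # -eq is case-insensitive for strings, so this also matches "Domain Users".
        if ($group.name -eq "domain users") {
            continue
        }

        # Record the group in c:\logs\groupsstrip\<SamAccountName>.txt BEFORE removing it,
        # so the membership can still be restored if the removal or the script is interrupted.
        # The log may therefore list a group whose removal failed (see the warning below).
        $grouplogfile = $logStripPath + $username.SamAccountName + ".txt"
        $group.name >> $grouplogfile

        try {
            Remove-ADGroupMember -Identity $group.SamAccountName -Member $username.SamAccountName -Confirm:$false -ErrorAction Stop
            # Report success only after the removal actually went through.
            Write-Host "removed" $username "from" $group.samaccountname -Foreground Yellow
        }
        catch {
            Write-Warning ("could not remove {0} from {1}: {2}" -f $username.SamAccountName, $group.SamAccountName, $_.Exception.Message)
        }
    }
}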
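# Pass 2: for every user in the working file, disable the mailbox if one exists and,
# once the retention window has passed, delete the home folder and drop the entry.
# Iterate over a snapshot (@(...)) because entries are removed from the document inside the loop.
foreach ($usr in @($users)) {
    $usrName = $usr.attributes['Name'].value

    # An empty name would make the delete path below resolve to the home share itself.
    if ([string]::IsNullOrWhiteSpace($usrName)) {
        Write-Warning "skipping working-file entry with an empty Name attribute"
        continue
    }

    if ($usrName -in $recipients.Name) {
        # Disable the user's mailbox if it exists.
        Get-Mailbox -Identity $usrName | Disable-Mailbox -Confirm:$false
    }

    # Month arithmetic: the entry is due once the current month is past (stored month + 3),
    # with both values wrapped so a window crossing New Year still compares correctly.
    # NOTE(review): only Day and Month are stored, so entries older than a year are ambiguous;
    # storing an absolute date would remove the wrap-around logic.
    $tempMonthCurrent = $dt.Month
    $tempMonthUsr = [int]$usr.Month + 3
    if ($tempMonthUsr -gt 12) {
        $tempMonthUsr = $tempMonthUsr - 12
        if ([int]$dt.Month + 3 -gt 12) {
            $tempMonthCurrent = $tempMonthCurrent - 12
        }
    }

    if ($tempMonthCurrent -gt $tempMonthUsr) {
        # The home folder name is derived from the display name ("First Last" -> "First.Last").
        # NOTE(review): assumes the folder name equals the name with spaces replaced by dots - confirm.
        $tempUsr = $usrName -replace ' ', '.'

        # The name comes from a file on disk and is used to build a delete target: refuse anything
        # that is not a single plain folder name (path separators, wildcards, "." / "..").
        $hasInvalidChars = $tempUsr.IndexOfAny([System.IO.Path]::GetInvalidFileNameChars()) -ge 0
        if ($hasInvalidChars -or ($tempUsr.Trim('.').Length -eq 0)) {
            Write-Warning ("skipping '{0}': not a valid home folder name" -f $usrName)
            continue
        }

        $tempPath = $homeFolderPath + $tempUsr
        if (Test-Path -LiteralPath $tempPath) {
            # -LiteralPath: the name must never be interpreted as a wildcard pattern.
            # NOTE(review): no -Recurse is passed; on a non-empty folder Remove-Item asks for
            # confirmation (or fails when run non-interactively) - confirm the intended behaviour.
            Remove-Item -LiteralPath $tempPath
        }

        if (Test-Path -LiteralPath $tempPath) {
            # Keep the entry so the folder is retried on the next run instead of being forgotten.
            Write-Warning ("home folder '{0}' still exists; keeping the working-file entry" -f $tempPath)
        }
        else {
            # Remove the user node as we are now finished with all cleanup.
            [void]$usr.ParentNode.RemoveChild($usr)
        }
    }
}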
# Write the updated working file back to the path it was loaded from.
$xmlObj.Save($xmlfile)

# Close the remote Exchange session opened at the start of the script.
# NOTE(review): this line is not reached if an earlier statement terminates the script,
# in which case the session is left open until it times out.
Remove-PSSession -Session $s