I just finished coding a PowerShell script designed to automate changes to Active Directory, Exchange, and Lync accounts based on input from a human resources database. With resources continually getting thinner, I’m hoping this allows the help desk to focus on more important tasks, like the software, hardware, and training issues of thousands of end users.

As I’ve pointed out elsewhere, I’m not a programmer; I’m a systems administrator. In real life this translates to wearing about every IT hat there is at one time or another: programmer, database administrator, webmaster, help desk, engineer, architect, project manager, et cetera, et cetera.

I don’t mind that–I kind of like it, actually–but I’m still glad to get this project more or less behind me. Of course, as long as it’s in use, it will never be completely behind me. Once you build a monster, you have to keep it well fed and healthy, or it will eventually come after you.

That’s a joke…I hope.

For those of you who are interested, here’s a brief rundown of what this PowerShell behemoth does:

1. >Checks a pickup directory for CSV output from the HR database every fifteen minutes.
2. >Creates new AD user accounts, Exchange mailboxes, and Lync accounts.
3. >Disables existing accounts, mailboxes, and Lync accounts.
4. >Updates descriptive fields such as telephone number, department, job description.
5. >Creates a home folder, sets the correct permissions, and maps the drive via AD.
6. >Maps department-specific shared drives.
7. >Sets the employee’s supervisor.
8. >Transfers a user from one department to another, including moving the AD account to the appropriate OU, moving the home folder to a new server, and mapping new shared drives.
9. >Enables/disables litigation hold.
10. >Exports the mailbox contents and forwards incoming messages for a terminated employee.
11. >Verifies that all of the requested changes have been made and generates an error code that specifically identifies each item that wasn’t changed. (Sometimes there’s a good reason for not doing what HR asks. When a mailbox is on litigation hold, for example, you wouldn’t want to just delete it.)
12. >Sends the Exchange administrator an email with a summary of each change request and breaking out the error code into an easy-to-read, color-coded table.

I’m sure that I’m leaving some features out. You should see the flowcharts I created to keep all of this straight.

I’m sure I’ll have some bugs to work out–HR will no doubt give it some scenarios I haven’t anticipated–but I am justifiably proud of my new 800 lb baby.