Search for user in domain AD - if-statement

Working on this code for creating a new user script and I haven't got much experience with if statements. I am trying to get the system to detect if the new user matches an already existing user and if it does, ask for the middle name.
$firstName = Read-Host -Prompt 'Please enter new users first name'
$lastName = Read-Host -Prompt 'Please enter new users last name'
$userName = "$firstName.$lastName"
if ($username -match -ADUser)
{
    write-host "$userName is already in use"
    $Selection = read-host "Would you like to add a middle name? (Y/N)"
    switch ($Selection) {
        'Y' {
            $middleName = Read-Host -Prompt "Please enter the users middle initial"
            $userName = "$firstName.$middleName.$lastName"
        }
        'N' {
            return
        }
    }
}
else {
}

I was able to figure it out. If anyone else is having the same issue, follow this. Create a variable for searching AD for the name, then match it against the user you are creating.
My code:
Import-Module ActiveDirectory

$firstName = Read-Host -Prompt 'Please enter new users first name'
$lastName = Read-Host -Prompt 'Please enter new users last name'
$userName = "$firstName.$lastName"
# -Filter returns nothing when no account matches; -Identity throws an error
# for a name that does not exist yet, which is the normal case for a new user.
$activeSearch = Get-ADUser -Filter "SamAccountName -eq '$userName'"
if ($activeSearch)
{
    Write-Host "$userName is already in use"
    $Selection = Read-Host "Would you like to add a middle name? (Y/N)"
    switch ($Selection) {
        'Y' {
            $middleName = Read-Host -Prompt "Please enter the users middle initial"
            $userName = "$firstName.$middleName.$lastName"
        }
        'N' {
            return
        }
    }
}
else {
}
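
The same check as an added example, not code from the original post: the typed name parts are validated against an allowlist, the lookup value is escaped for an LDAP filter, and the name is re-checked after a middle initial is added. The function names are hypothetical, and it assumes the username is stored as sAMAccountName.

```powershell
# Added example; function names are hypothetical. Requires the ActiveDirectory module.
Import-Module ActiveDirectory

function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory)][string]$Value)
    # RFC 4515 escaping. Backslash goes first so later escapes are not re-escaped.
    $Value.Replace('\', '\5c').Replace('*', '\2a').Replace('(', '\28').
        Replace(')', '\29').Replace([string][char]0, '\00')
}

function Test-ADUserNameInUse {
    param([Parameter(Mandatory)][string]$UserName)
    # Assumption: the username is the account's sAMAccountName.
    $filter = '(sAMAccountName={0})' -f (ConvertTo-LdapFilterValue $UserName)
    # -LDAPFilter returns nothing when no account matches; it does not throw.
    [bool](Get-ADUser -LDAPFilter $filter)
}

function Read-NamePart {
    param([Parameter(Mandatory)][string]$Prompt)
    do {
        $part = (Read-Host -Prompt $Prompt).Trim()
        # Allowlist: letters, apostrophe and hyphen only.
        $ok = $part -match '^[\p{L}''-]+$'
        if (-not $ok) { Write-Host 'Use letters, apostrophes and hyphens only.' }
    } until ($ok)
    $part
}

$firstName = Read-NamePart 'Please enter new users first name'
$lastName  = Read-NamePart 'Please enter new users last name'
$userName  = "$firstName.$lastName"

# Loop so that a name with a middle initial is checked as well.
while (Test-ADUserNameInUse $userName) {
    Write-Host "$userName is already in use"
    $selection = Read-Host 'Would you like to add a middle name? (Y/N)'
    if ($selection -ne 'Y') { return }
    $middleName = Read-NamePart 'Please enter the users middle initial'
    $userName = "$firstName.$middleName.$lastName"
}
Write-Host "$userName is available"
```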

How can I enable Cognito 'Email address or phone number' login using Terraform?

I'm trying to create a new AWS Cognito user pool using Terraform, and currently have the following problem:
I've been trying to get Email address or phone number -> Allow email addresses (shown below in red) selected, instead of what is currently selected (Username -> Also allow sign in with verified email address)
The relevant section of my main.tf file looks like this:
resource "aws_cognito_user_pool" "app_cognito_user_pool" {
  name                     = "app_cognito_user_pool"
  alias_attributes         = ["email"]
  auto_verified_attributes = ["email"]

  account_recovery_setting {
    recovery_mechanism {
      name     = "verified_email"
      priority = 1
    }
  }
}

resource "aws_cognito_user_pool_client" "app_cognito_user_pool_client" {
  name                          = "app_cognito_user_pool_client"
  user_pool_id                  = aws_cognito_user_pool.app_cognito_user_pool.id
  prevent_user_existence_errors = "ENABLED"
  supported_identity_providers  = ["COGNITO"]
}

resource "aws_cognito_user_pool_domain" "app_cognito_user_pool_domain" {
  domain       = "app"
  user_pool_id = aws_cognito_user_pool.app_cognito_user_pool.id
}
No matter what I try, I always get Username, instead of Email address or phone number selected. I want the user pool not to use a username, but use an email address instead.
What Terraform argument(s) or value(s) am I missing?
Only set username_attributes - and not alias_attributes - to ["email"].
Setting alias_attributes specifies the 'top part' i.e. Also sign in with verified email address / phone number.
It specifies the extra (alias) ways you can sign in, in addition to the username.
Setting username_attributes specifies the 'bottom part' i.e. Allow email addresses / phone numbers / both email addresses and phone numbers ...
It specifies what to use instead of the username.
Unset alias_attributes (as it conflicts with username_attributes) and then set username_attributes to one of the following:
["email"] - Allow email addresses
["phone_number"] - Allow phone numbers
["email", "phone_number"] - Allow both email addresses and phone numbers (users can choose one
In your case, you need to set username_attributes to ["email"].
This should work:
resource "aws_cognito_user_pool" "app_cognito_user_pool" {
  name                     = "app_cognito_user_pool"
  username_attributes      = ["email"]
  auto_verified_attributes = ["email"]

  account_recovery_setting {
    recovery_mechanism {
      name     = "verified_email"
      priority = 1
    }
  }
}
...

Powershell: How to force a window to be interacted with when it pops up?

Long time lurker, first time poster. I've come across a bit of a problem so I figured I'd ask for help.
I'm following these instructions in order to get a popup message to appear once a user logs into an AWS workspace.
The script fully works, but the issue is that the window is able to be moved/resized and the user can still use the computer while the window is up.
I want to modify the script so that the popup window is FORCED to be interacted with (I.E. Click "OK" or "Logoff") before the user can click anything else on the computer.
How can this be done?
NOTE: I CAN NOT use the Interactive Login: Logon Text/Title GPO settings as it won't work in AWS workspaces.
Below is the code provided by AWS:
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Drawing");
[void] [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms");
$objForm = New-Object System.Windows.Forms.Form;
# Removes the minimize, maximize and exit boxes from the top of the form.
$objForm.ControlBox = $False
$objForm.Text = "Security and Legal Notice";
$objForm.Size = New-Object System.Drawing.Size(640,480);
$objForm.StartPosition = "CenterScreen";
$objForm.KeyPreview = $True;
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Enter")
{$objForm.Close()}})
$objForm.Add_KeyDown({if ($_.KeyCode -eq "Escape")
{$objForm.Close();logoff}})
$OKButton = New-Object System.Windows.Forms.Button;
$OKButton.Location = New-Object System.Drawing.Size(250,400);
$OKButton.Size = New-Object System.Drawing.Size(75,23);
$OKButton.Text = "OK";
$OKButton.Add_Click({$objForm.Close()});
$objForm.Controls.Add($OKButton);
$CancelButton = New-Object System.Windows.Forms.Button;
$CancelButton.Location = New-Object System.Drawing.Size(325,400);
$CancelButton.Size = New-Object System.Drawing.Size(75,23);
$CancelButton.Text = "Logoff";
$CancelButton.Add_Click({$objForm.Close();logoff});
$objForm.Controls.Add($CancelButton);
$objLabel = New-Object System.Windows.Forms.Label;
$objLabel.Location = New-Object System.Drawing.Size(10,20);
$objLabel.Size = New-Object System.Drawing.Size(600,400);
$objLabel.Text = "You are accessing a restricted system for official use only.
By selecting OK you agree to abide by all organizational security policies.
Do not allow unauthorized personnel to access this system."
$objForm.Controls.Add($objLabel);
$objForm.Topmost = $True;
$objForm.Add_Shown({$objForm.Activate()});
[void] $objForm.ShowDialog();

Variable assignment inside AWS ssm does not work

I am trying to run below command on AWS SSM:
Parameters = @{
    commands = @(
        "Write-Host userid is $userID password $($password)"
        '$userID2 = $userID'
        '$password2 = $password'
        "Write-Host userid is $userID2 password $($password2)"
    )
}
First Write-Host statement prints the correct values of $userID and $password but after the assignment of the new variable, second Write-Host variable prints empty for both variables. Am I doing something wrong? I tried fetching the values of $userID and $password with double quotes as well but no luck.
For anyone facing the same issue: the problem is that before sending the commands to EC2, AWS will replace the commands with all variable values, and hence we cannot reuse the variables inside the commands directly. This is the workaround I had to come up with:
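$userID = 'testuser1'
$password = 'testpassword'
# The backtick keeps `$userID2 as literal text; '$userID' is replaced by its value here.
$userIdString = "`$userID2 = '$userID'"
$passwordString = "`$password2 = '$password'"
Parameters = @{
    commands = @(
        "Write-Host userid is $userID password $($password)"
        "$userIdString"
        "$passwordString"
        # Single quotes, so $userID2 and $password2 are resolved on the instance,
        # where the two assignment lines above have defined them.
        'Write-Host userid is $userID2 password $($password2)'
    )
}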
Now it prints the $userID2 and $password2 fine.
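
An added example, not part of the original post, showing which text actually reaches the instance and how to embed a value in a generated assignment line safely. Double-quoted strings are expanded by the local PowerShell session when the array is built, and single-quoted strings are sent as written. The function names and the sample value are constructed for illustration.

```powershell
# Added example; function names and the sample value are constructed.
function ConvertTo-SingleQuotedLiteral {
    param([Parameter(Mandatory)][AllowEmptyString()][string]$Value)
    # Doubles ' and the typographic quote characters PowerShell also accepts as quotes.
    $escaped = [System.Management.Automation.Language.CodeGeneration]::EscapeSingleQuotedStringContent($Value)
    "'" + $escaped + "'"
}

function New-RemoteCommandList {
    param([Parameter(Mandatory)][string]$UserId)
    @(
        # Double quotes: the backtick keeps $userID2 literal, the value is filled in locally.
        "`$userID2 = $(ConvertTo-SingleQuotedLiteral $UserId)"
        # Single quotes: sent untouched, so $userID2 is resolved on the instance.
        'Write-Host "userid is $userID2"'
    )
}

function Test-SingleAssignment {
    param([Parameter(Mandatory)][string]$Line)
    # Parse only (nothing is executed) and confirm the line is exactly one assignment.
    $tokens = $null; $errors = $null
    $ast = [System.Management.Automation.Language.Parser]::ParseInput($Line, [ref]$tokens, [ref]$errors)
    $statements = $ast.EndBlock.Statements
    ($errors.Count -eq 0) -and ($statements.Count -eq 1) -and
        ($statements[0] -is [System.Management.Automation.Language.AssignmentStatementAst])
}

# Constructed value containing a quote, to show why the escaping matters.
$sample   = "x'; Get-Date #"
$commands = New-RemoteCommandList -UserId $sample
$naive    = "`$userID2 = '$sample'"

$commands | ForEach-Object { "SENT: $_" }
"escaped line is a single assignment: $(Test-SingleAssignment $commands[0])"
"naive line is a single assignment:   $(Test-SingleAssignment $naive)"
```

The escaped line parses as one assignment, while the naive line parses as an assignment followed by a second statement.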

Trigger new apex

I am trying to write a Trigger for before insert event on Account object.
trigger DeduplicationAccount on Account (before insert) {
//Get all the accounts in action in 'insert'
Account[] inputAccountList = Trigger.NEW;
I am trying to get a relative list of accounts in my input list of accounts.
Say, for example, I am trying to get such accounts where the last name = 'XXX' in my trigger new.
So, I am writing like this:
// Here, listOfSurname is containing a list of surname with 'XXX'
for(Account ac: Trigger.new){
    List<Account> accountDuplicate = [Select ac.rr_First_Name__c, ac.rr_Last_Name__c From
                                      Account ac where ac.rr_Last_Name__c IN : listOfSurname];
    System.debug('accountDuplicate: '+ accountDuplicate);
}
But this list is always coming as 0, though in my input an account has surname as 'XXX'.
Trigger.New has all the information for the record and we could use that to verify against any condition. I rephrased your query below to check if each account's lastname in Trigger.new is part of the list.
for(Account ac: Trigger.new){
    for(String s: listOfSurname){
        if (ac.rr_Last_Name__c == s){
            System.debug('accountDuplicate: '+ ac);
            break;
        }
    }
}

How to find if a list of computers are on a domain using Powershell?

I need to check a list (.txt) of IP's (or hostnames) to find if they are domain connected or not and perform a task accordingly. I found this post here (How to find if the local computer is in a domain?) which is almost exactly what I'm after except it does it for the local machine. I tried to modify the script to suit but I don't have much experience with PowerShell.
If anyone is able to help it would be much appreciated.
Cheers
David
You can use the code with -Computername parameter and provide explicit credentials in case the remote computer administrator credentials are different from what you are using.
$cred = Get-Credential
$servers = Get-Content C:\scripts\Servers.txt
Foreach ($server in $servers) {
    # PartOfDomain is $true when the remote computer is joined to a domain.
    if ((gwmi win32_computersystem -computername $server -Credential $cred).partofdomain -eq $true) {
        #Do something Here
    } else {
        #Do something Here
    }
}
If you have a list of valid server names, you could check if they have a corresponding computer account in AD:
Get-Content .\Servers.txt | ForEach-Object {
    if(Get-ADComputer -Filter {Name -eq $_})
    {
        "machine $_ is a part of default domain"
    }
    else
    {
        "machine $_ IS NOT a part of default domain"
    }
}