Step 2 in our series is to add some users to Active Directory.

First we need a simple routine to add users to Active Directory

Update 3-11-2006 : The original add-aduser would only work in versions of PowerShell pre RC2. RC2 included some breaking changes to how the DirectoryEntry object handled. I;ve added an RC2 compatible routine.

Pre RC2 version

function add-aduser([string]$LoginName, [string]$DisplayName, [string]$FirstName, [string]$LastName)
{

    $cn=$LoginName
    $sam=$LoginName
    $pw="P@ssword1"


    $ad= new-object System.DirectoryServices.DirectoryEntry
    $u = $ad.get_Children().Find("CN=Users")
    $NewUser = $u.get_Children().add("CN=$cn",'User')

    
    $NewUser.InvokeSet("sAMAccountName",$sam)
    $NewUser.InvokeSet("displayName",$DisplayName)
    $NewUser.InvokeSet("FirstName",$FirstName)
    $NewUser.InvokeSet("LastName",$LastName)
    
    $NewUser.CommitChanges()

    $ad=new-object System.DirectoryServices.DirectoryEntry
    $u = $ad.get_Children().Find("CN=Users")

    $NewUser= $u.get_Children().Find("CN=$cn");
    $NewUser.Invoke("SetPassword",$pw)
    $NewUser.InvokeSet("AccountDisabled",$false)

    # set that the password never expires
    $NewUser.userAccountControl[0] = $NewUser.userAccountControl[0] -bor (65536)

    $NewUser.CommitChanges()

}

RC2 Version

function add-aduser([string]$LoginName, [string]$DisplayName, [string]$FirstName, [string]$LastName)

{

   $cn=$LoginName
   $sam=$LoginName
   $pw="P@ssword1"

   # Get an ADSI object for the default domain
   $ad= [ADSI]""

   # Get the Users OU as default
   $ou = $ad.psbase.Children.Find("CN=Users")

   # Add the user
   $NewUser = $ou.psbase.Children.Add("CN=$cn",'User') 

   # Set the basic properties
   $NewUser.Put("sAMAccountName",$sam)
   $NewUser.Put("displayName",$DisplayName)
   $NewUser.Put("givenname",$FirstName)
   $NewUser.Put("sn",$LastName)

   # Commit changes 
   $NewUser.SetInfo() 

   
   # Set our password 
   $NewUser.psbase.Invoke("SetPassword",$pw) 

   # And enable the account
   $NewUser.psbase.InvokeSet("AccountDisabled",$false) 

   # set that the password never expires
   $NewUser.userAccountControl[0] = $NewUser.userAccountControl[0] -bor (65536) 

   # Commit changes
   $NewUser.SetInfo()

}

This gets us a function we can call to add test users. Note we're hardcoding the OU to users, to make this more production you'd want to parameterize the OU, passwords and set the AccountControl flags to Change Password on next login, there's a lot of other resources out there to help with that.

So If we put that in a script file loaded from our Profile we can call it like this

add-aduser "joeb" "joe blogs" "joe" "blogs"

That's nice but with PowerShell we can do better. We really want to data drive this and the built-in import-csv function will parse a CSV and create a collection of objects that match the CSV schema.

Take a simple User's CSV file like this

Now if we run an import-xml command on the CSV file this is the output

Each line has been parsed and an object created. To see this more clearly we can use the get-member command to reflect over the object and see what the object looks like.

(Note: it will be PSCustomObject not MshCustomObject in post RC0 builds , I'm running Exchange 2007 on this VPC which requires PowerShell RC0)

As you can see the CSV columns have been added as a NoteProperty property (this is part of the extensible type system).

So now we can create a really simple function to import a CSV file of users, pipe the output to a foreach loop and add each user to Active Directory.

# Function:         Import-Users
# Description:        Create users in active directory as listed in the import CSV file
# Parameters:        UserFile         Location of the CSV file containing the users
#
function Import-Users([string]$UserFile)
{
    Import-Csv $UserFile | foreach-object { add-aduser $_.LoginName $_.DisplayName $_.FirstName $_.LastName }
}

Note that when you receiving a collection of objects in the pipeline in a scriptblock you have to loop over each object. The $_ is a special variable that gives you the current object in the loop which you can use to access properties and methods.

To call we just do

Import-Users Users.CSV

With this power 500 users are as easy as 1 user.

We're not limited to just using CSV files, I've just picked that format as I'm always amazed at the amount of data I get given in Excel spreadsheets and word documents and CSV is the easiest intermediate format to work with. There is also an import-xml command which we will use later to import an XML file containing portal content. As Powershell can call any .Net library the System.Data set of classes could also be used to pull information from databases.

The next entry will be adding our users to SharePoint.

Hi,

Just like to thank all those who attended the Presentation last Thursday on controlling SharePoint with PowerShell and Extending the Administration Object model.

I know it was pretty fast paced and technical so I plan to follow it up with a series of blogs entries recapping the steps and scripts in greater detail.

Some of the topics covered were:

   Powershell Basics

   Exchange produces PowerShell samples from the new UI console

   Creating a new SharePoint WebApplication and applying a portal template

   Adding users defined in a CSV file to Active Directory

   Adding those users defined in a CSV file to SharePoint roles

   Adding in webs as defined in a CSV file

   Adding content in an XML file to a Publishing Web

   Uploading a directory of files in 4 lines of Script.

   Creating a custom STSAdm command

   Creating an application to sync User Profile properties back to Active Directory

I've attached the PowerShell scripts and PowerPoint Slides.

I'm not able to post the sample code of the AD Sync application as parts of the code is proprietary but I will post a sample application that does a scheduled backup using exactly the same template.

Presentation-SPPowerShell.zip (46.78 KB)

Flexnet Consultants

A quickie.

Heres 4 lines of code to upload a whole directory of files, in this case pictures, to a SharePoint document or image library.

The directory pictures contains the images.

The destination is the image library SiteCollectionImages for the portal running on port 2828

$wc = new-object System.Net.WebClient
$wc.Credentials = [System.Net.CredentialCache]::DefaultCredentials
function getdestname($filename){ "http://sps:2828/sitecollectionimages/" + $(split-path -leaf $filename)}
dir "pictures" | % { $uploadname=getdestname $_; $wc.UploadFile($uploadname,"PUT", $_.FullName) }

Have I mentioned PowerShell just rocks?

In this PowerShell and SharePoint series I'd thought I'd spin through, in order of use, the commands used to create the demo Portal site in the SUGUK user group presentation.

First step: Creating a Web Application using the API.

The new SPWebApplicationBuilder object makes this easy. This object creates a Web Application using a default port and the default settings, you can override any settings you like in your script but for simplicity I'm just changing the default timezone.

SPWebApplicationBuilder also creates an AppPool to go along with the new IIS Website which has Network Service as the user. In Beta 2TR that account doesn't have the correct permissions so you need to change it to a local administrator. I tend to dev on a Virtual machine DC so I'd use the domain admin.

So we have three routines

   new-SpWebApplication - Create the IIS Website and SharePoint settings

   set-apidentity   - set the Application Pool credentials

   get-defaulttimezoneid   - returns the Greenwich Meantime TimeZone ID (adjust this one to suit)

We also then need to create the set of webs that will live inside the Web Application, this is done by calling the Add Method on the Sites method of the Web Application passing it various parameters the most important of which is the template ID, in this case SPSPORTAL to give us the default SharePoint Intranet portal look.

The Powershell commands to tie all this together are

$webapp=new-SPWebApplication

set-apIdentity "http://sps:yourportnumber" "contoso\administrator" "password"

#Create Portal Site Collection

$webapp.Sites.Add("/", "SUGUK Intranet","SUGUK Intranet",1033, "SPSPORTAL", "contoso\administrator", "administrator", "administrator@contoso.com")

Here's new-SPWebApplication

# Function:         new-SPWebApplication    
# Description:        Create and return a new SPWebApplication object
#             Use the default values which will create the web site at a random port
# Parameters:        none
#
function new-SPWebApplication()
{

    # Get our local SPFarm object
    $spfarm = [Microsoft.SharePoint.Administration.SPfarm]::Local

    # Use the new SPWebApplicationBuilder
    $appbuilder= new-object Microsoft.SharePoint.Administration.SPWebApplicationBuilder $spfarm

    # Create Web Application with the default settings
    
    $webapplication = $appbuilder.Create()

    # Set the timezone to Greenwich Mean Time
    $timezone=get-defaulttimezoneid
    $webapplication.DefaultTimeZone = $timezone.ID
    $webapplication.Update()

    # Actually queue the application for creation
    $webapplication.Provision()

    # return the SPWebApplication object
    $webapplication

}

# Return the Default TimeZone as used for the majority of our sites
#
function get-defaulttimezoneid
{
    [Microsoft.SharePoint.SPregionalSettings]::Globaltimezones | where-object { $_.Description -like "*greenwich*" }
}

Now to change the Credentials for the AppPool is also really simple in V3. The SPWebApplication object exposes a ApplicationPool property which you can use to set its credentials

# Function:         set-apidentity    
# Description:        Set the credentials for the application pool for the given Web Application
# Parameters:        Url        Site Collection URL
#            UserName     UserName
#            Password     Password
function set-apidentity([string]$SiteCollectionURL, [string]$UserName, [string]$Password)
{

        
    $webapp=get-spwebapplication $SiteCollectionURL
    
    
    $webapp.ApplicationPool.CurrentIdentityType= [Microsoft.SharePoint.Administration.IdentityType]::SpecificUser
    $webapp.ApplicationPool.UserName= $Username
    $webapp.ApplicationPool.Password= $Password
    
    # Save the settings
    $webapp.ApplicationPool.Update()

    # Roll the settings out via a Admin Job
    $webapp.ApplicationPool.Provision()


}

To me this is way easier than using the UI.

Hi,

I'm about to start off a new series of entries about using Powershell to control SharePoint.  There's a big gap in the ability to script SharePoint between stsadm commands and custom .net programs and PowerShell fills it nicely.

All my entries from now on will focus on SharePoint version 3.

PowerShell is 'DOS for the .NET generation' (c)  and its a fantastic way to both interactively control SharePoint via its Object Model from a command line and to create scripts that can be run in a batch. Its currently at version RC2 and is available from here http://support.microsoft.com/kb/925228
It installs as a windows update package rather than a separate install as it used to in earlier betas, thats a sign of its being a core element of Windows going forward.

Ok lets do some Powershell SharePoint basics.

First although Powershell can call any .net class the assembly must be loaded first.
By default Powershell loads a small list of assemblies, this command will get the list of loaded assemblies:

[System.AppDomain]::CurrentDomain.GetAssemblies()

The syntax for calling a .NET class's static method is for the brackets go around the Class name and the double colon between the class and the static method

The output from that is a little hard to read lets just list the files involved

[AppDomain]::CurrentDomain.GetAssemblies() | foreach-object { split-path $_.Location -leaf } | sort

Here's the list of files the above command gives on my machine

Microsoft.PowerShell.Commands.Management.dll
Microsoft.PowerShell.Commands.Utility.dll
Microsoft.PowerShell.Commands.Utility.resources.dll
Microsoft.PowerShell.ConsoleHost.dll
Microsoft.PowerShell.ConsoleHost.resources.dll
Microsoft.PowerShell.Security.dll
Microsoft.PowerShell.Security.resources.dll
mscorlib.dll
System.Configuration.Install.dll
System.Data.dll
System.DirectoryServices.dll
System.dll
System.Management.Automation.dll
System.Management.Automation.resources.dll
System.Management.dll
System.ServiceProcess.dll
System.Xml.dll

As you can see SharePoint is not one of those in the list, also missing that could be useful is the System.Web assembly

There are a few ways to load an assembly onto your AppDomain but the easiest is to call the static method LoadWithPartialName on the Assembly class.

[System.Reflection.Assembly]::LoadWithPartialName("Microsoft.SharePoint")

LoadWithPartialName is great because you dont need to specify the full name to the assembly which in SharePoint v3 would be

[System.Reflection.Assembly]::Load("Microsoft.SharePoint, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c")

and for MOSS

[System.Reflection.Assembly]::Load("Microsoft.SharePoint.Portal, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c")

Now a lot of people will cry LoadWithPartialName has been deprecated as MS have got concerned how it has to make to many guesses over locating the assembly.
Personally I want to see a method that will simply load the latest version of the assembly I've told it to load, in a controlled environment like a SharePoint server thats exactly the behaviour I want to see. <rant> MS for god's sake just document the method properly and let devs choose whether to use it or not. </rant>

Anyway if you want to use the Load method take a look at this blog entry: http://www.leeholmes.com/blog/HowDoIEasilyLoadAssembliesWhenLoadWithPartialNameHasBeenDeprecated.aspx

Now you don't want to type the load commands each time so put them in your Powershell Profile script.
This changes location a lot depending on which version of Powershell your running so see this entry for the full details http://www.leeholmes.com/blog/TheStoryBehindTheNamingAndLocationOfPowerShellProfiles.aspx

So now what can we do with this?

Well first lets get a site collection we can play with

First create an SPSite object and pass it a valid site url

      $spsite= Microsoft.SharePoint.SPSite("http://portal.contoso.com")

to see the contents of the object just type the object on the command line

$spsite

To just get a list of the methods on the SPSite object

   $spsite | get-member -membertype method

To just get a list of the properties on the SPSite object

   $spsite | get-member -membertype property

To get a list of all sub sites

   $spsite.AllWebs

Get a list of webs ordered by the last time that the contents have been changed

   $spsite.allwebs | select LastItemModifiedDate, URL , Created | sort LastItemModifiedDate

There's lots more that you can do and I'll post them as I go.

Whoa, its been a while since I've blogged but sundry projects and SharePoint v3 has taken up all my time.

Just to let you know that I'm presenting at the UK SharePoint users group meeting this Thursday the 26th October.

I'm doing 2 sessions; one on using Powershell with SharePoint v3 in which I'll go through Powershell basics and how to use it to control SharePoint. Then I will attempt to build a portal without touching any settings in the UI! Wish me luck.

The second one will explore the new extensible admin object model.
This will demonstrate creating custom stsadm commands along with creating an application that syncs changed MOSS User profile information back to Active Directory.
It will be a small application integrated into SharePoint and built using the new SPService, SPServiceInstance and SPJobDefinition classes.
I'll be describing how they work together, its cool stuff.

Everybody is welcome (you just need to register on the suguk site) so if you are in London this Thursday it would be great to see you.  The meeting kicks off at 6.30pm

If you plan to attend just register on the SUGUK site and leave your name on this list
http://suguk.org/forums/thread/1490.aspx

cheers,
Colin