
Build Lab (v1 w/out Quest Tools)

This script worked for me… just took a few days 🙂

To recap, this does the following. In my final revision I am removing the last two steps… they TAKE FOREVER!!! and they're not that useful.

# A TestOU OU
# A TestComputers OU
# A TestUsers OU
# A TestGroups OU
# 10K OU’s Under TestOU
## Each of the 10k OUs will have 4 Child OUs
### Each OU should have 5 users Accounts and 5 Machines Accounts
# Create 500 Group Policies.
# Link 100 policies on the 10k Base OUs
# Create 2000 Users in the TestUser OU
# Create 2000 Computers in the TestComputer OU
# Find all the Users
# Create 2K Groups
## Add Even Numbered Users to Even Groups
## Add Odd Numbered Users to Odd Groups

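# Creates an organizationalUnit through ADSI and writes its distinguishedName
# to the pipeline.
#   $Name - name of the new OU; used verbatim as the RDN value ("OU=$Name").
#   $OU   - distinguished name of the parent container. When omitted, the OU
#           is created at the root of the default naming context.
#   $DC   - optional server to bind to. When omitted, a serverless bind is used.
function New-ADOU{
    Param($Name,$OU,$DC)

    # Work out the ADsPath of the parent container.
    if($OU)
    {
        if($DC){$root = "LDAP://$DC/$OU"}
        else{$root = "LDAP://$OU"}
    }
    else
    {
        # No parent given: look up the default naming context from rootDSE.
        if($DC){$rootDse = [ADSI]"LDAP://$DC/rootDSE"}
        else{$rootDse = [ADSI]"LDAP://rootDSE"}

        # Convert to [string] explicitly so the DN text itself is what ends up
        # in the path.
        $namingContext = [string]$rootDse.DefaultNamingContext

        # The server-only case previously formatted just the server name and
        # dropped the naming context from the path; both parts are used now.
        if($DC){$root = "LDAP://{0}/{1}" -f $DC,$namingContext}
        else{$root = "LDAP://{0}" -f $namingContext}
    }

    #Write-Host ("Creating OU [{0}] Using Path [{1}]" -f $Name,$Root)

    # NOTE(review): $Name and $OU are placed into the LDAP path and RDN without
    # escaping. That is fine for the generated names in this lab script; values
    # containing DN special characters (for example "," "+" "=" or "/") would
    # need escaping before being passed in.
    $BaseOU = [ADSI]"$root"
    $NewOU = $BaseOU.Create("organizationalUnit","OU=$Name")

    # Commit the new object to the directory.
    $NewOU.Setinfo()

    # Emit the DN so callers can use it as the parent of child objects.
    $NewOU.distinguishedName
}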
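# Creates an enabled user account through ADSI and writes its distinguishedName
# to the pipeline.
#   $user     - used for both the CN and the samAccountName.
#   $password - initial password. SECURITY: the default is a hard-coded,
#               widely known value, and the account is enabled immediately, so
#               every account created without -password shares that password.
#               Only run this against an isolated, throw-away lab domain, or
#               pass a generated password instead.
#   $dc       - optional server to bind to (serverless bind when omitted).
#   $ou       - distinguished name of the target container. When omitted, the
#               account is created in CN=Users of the default naming context.
function New-ADUSer{
    Param($user,$password="P@ssw0rd",$dc,$ou)

    # Work out the ADsPath of the target container.
    if($ou)
    {
        if($dc){$root = "LDAP://$dc/$ou"}
        else{$root = "LDAP://$ou"}
    }
    else
    {
        if($dc){$rootDse = [ADSI]"LDAP://$dc/rootDSE"}
        else{$rootDse = [ADSI]"LDAP://rootDSE"}

        # Convert to [string] explicitly so the DN text itself is what ends up
        # in the path.
        $namingContext = [string]$rootDse.DefaultNamingContext

        if($dc){$root = "LDAP://{0}/CN=Users,{1}" -f $dc,$namingContext}
        else{$root = "LDAP://CN=Users,{0}" -f $namingContext}
    }

    #Write-Host ("Creating user [{0}] Using Path [{1}]" -f $user,$Root)

    # Create the account object in the container.
    $UserOU = [ADSI]"$root"
    $userObj = $UserOU.Create("User","CN=$user")

    # Set samAccountName and commit; the object has to exist in the directory
    # before setpassword is invoked on it.
    $userObj.put("samAccountName","$user")
    $userObj.Setinfo()

    # Set the password. It is handled as a plain string throughout.
    $userObj.psbase.invoke("setpassword",$password)
    $userObj.Setinfo()

    # Enable the account. Plain ASCII quotes are used here: the typographic
    # quotes from the blog rendering only parse when the file encoding is
    # read correctly.
    $userObj.psbase.invokeset('accountdisabled', $false)
    $userObj.Setinfo()

    # Emit the DN of the new account.
    $userObj.distinguishedName
}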
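# Creates an enabled computer account through ADSI and writes its
# distinguishedName to the pipeline.
#   $Name - used for the CN; the samAccountName is "$Name" followed by "$".
#   $OU   - distinguished name of the target container. When omitted, the
#           account is created in CN=Computers of the default naming context.
#   $DC   - optional server to bind to (serverless bind when omitted).
function New-ADComputer{
    Param($Name,$OU,$DC)

    # Work out the ADsPath of the target container.
    if($OU)
    {
        if($DC){$root = "LDAP://$DC/$OU"}
        else{$root = "LDAP://$OU"}
    }
    else
    {
        if($DC){$rootDse = [ADSI]"LDAP://$DC/rootDSE"}
        else{$rootDse = [ADSI]"LDAP://rootDSE"}

        # Convert to [string] explicitly so the DN text itself is what ends up
        # in the path.
        $namingContext = [string]$rootDse.DefaultNamingContext

        # The server-only case previously pointed at CN=Users; both defaults
        # now use CN=Computers.
        if($DC){$root = "LDAP://{0}/CN=Computers,{1}" -f $DC,$namingContext}
        else{$root = "LDAP://CN=Computers,{0}" -f $namingContext}
    }

    #Write-Host ("Creating computer [{0}] Using Path [{1}]" -f $Name,$Root)

    # Create the account object in the container.
    $CompOU = [ADSI]"$root"
    $CompObj = $CompOU.Create("Computer","CN=$Name")

    # Set samAccountName; the backtick keeps the trailing "$" literal.
    $CompObj.put("samAccountName","$Name`$")
    $CompObj.Setinfo()

    # Enable the account.
    # NOTE(review): no password is set on the object before it is enabled -
    # confirm that is acceptable for the lab this runs in.
    $CompObj.psbase.invokeset('accountdisabled', $false)
    $CompObj.Setinfo()

    # Emit the DN of the new account.
    $CompObj.distinguishedName
}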
# Creates a group object through ADSI and writes its distinguishedName to the
# pipeline. Only the CN is supplied; no other attribute is set here.
#   $OU  - distinguished name of the container that receives the group.
#   $Grp - name of the group, used verbatim as the CN.
#   $dc  - optional server to bind to (serverless bind when omitted).
function New-ADGroup{
    Param($OU,$Grp,$dc)
    Write-Host " + Creating Group [$Grp] in OU [$OU]"

    # Build the container path, prefixing the server only when one was given.
    $containerPath = "LDAP://$ou"
    if($dc)
    {
        $containerPath = "LDAP://$dc/$ou"
    }
    $container = [ADSI]$containerPath

    # Create the group and commit it to the directory.
    $createdGroup = $container.Create("Group","CN=$Grp")
    $createdGroup.SetInfo()

    # Emit the DN so the caller can add members to it.
    $createdGroup.distinguishedName
}
# Adds one member to a group through ADSI.
#   $User - distinguished name of the member to add.
#   $Grp  - distinguished name of the group.
#   $DC   - optional server used when binding to the group; the member path
#           itself is always built without a server.
function Add-UsertoGroup{
    Param($User,$Grp,$DC)

    # Bind to the group, through the given server when there is one.
    $groupPath = "LDAP://$Grp"
    if($DC)
    {
        $groupPath = "LDAP://$DC/$Grp"
    }
    $targetGroup = [ADSI]$groupPath

    # Add the member by its ADsPath, then commit.
    $memberPath = "LDAP://$user"
    $targetGroup.Add($memberPath)
    $targetGroup.SetInfo()
}

# Four top-level containers for the lab. Each call omits -OU and -DC, so
# New-ADOU creates them at the root of the default naming context and returns
# the new DN, which is kept for the later steps.

# Parent of the generated Level1/Level2 OU tree
Write-Host ' + Creating TestOU'
$TestOU = New-ADOU -Name 'TestOU'

# Container for the bulk computer accounts
Write-Host ' + Creating TestComputers OU'
$TestComp = New-ADOU -Name 'TestComputers'

# Container for the bulk user accounts
Write-Host ' + Creating TestUsers OU'
$TestUsers = New-ADOU -Name 'TestUsers'

# Container for the test groups
Write-Host ' + Creating TestGroups OU'
$TestGroups = New-ADOU -Name 'TestGroups'

# 10,000 Level1 OUs under TestOU, each with 4 Level2 child OUs, each of which
# gets 5 user and 5 computer accounts: 40,000 Level2 OUs and 200,000 accounts
# of each kind in total.
# New-ADUSer is called without -password, so every one of these users is
# created enabled with that function's default password. Run this only in an
# isolated lab domain.
foreach($n in 1..10000)
{
    $level1Name = "Level1OU$N"
    Write-Host " + Creating Level1 OU [$level1Name]"
    $Level1 = New-ADOU -name $level1Name -ou $TestOU

    foreach($i in 1..4)
    {
        $level2Name = "Level2OU$i"
        Write-Host "   + Creating Level2 OU [$level2Name]"
        $Level2 = New-ADOU -name $level2Name -ou $Level1

        foreach($x in 1..5)
        {
            # $i and $x are single digits, so the concatenated suffix stays
            # unique across the whole run.
            $suffix = "$n$i$x"
            $userName = "Lvl2User$suffix"
            $computerName = "Lvl2Comp$suffix"

            Write-Host "     – Creating User [$userName] in [$Level2]"
            New-ADUSer -user $userName -OU $Level2 | out-Null

            Write-Host "     – Creating Computer [$computerName] in [$Level2]"
            New-ADComputer -name $computerName -OU $Level2 | out-Null
        }
    }
}

# Create 500 Group Policy objects named TestGPO1 .. TestGPO500.
# New-SDMgpo and Add-SDMgplink are not defined in this script; they have to be
# available in the session already.
foreach($gpoNumber in 1..500)
{
    New-SDMgpo "TestGPO$gpoNumber"
}

# Link policies to the Level1 OUs. As written this creates one link per OU for
# the first 100 OUs only: TestGPO<k> is linked to Level1OU<k> for k = 1..100.
foreach($linkNumber in 1..100)
{
    $linkScope = "OU=Level1OU$linkNumber,$TestOU"
    Add-SDMgplink -name "TestGPO$linkNumber" -Scope $linkScope -Location -1
}

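# Create 2000 users in the TestUsers OU.
# No -password is passed, so each account is created enabled with the
# New-ADUSer default password. Lab use only.
1..2000 | %{New-ADUSer -user "TestUser$_" -OU $TestUsers}

# Create 2000 computers in the TestComputers OU.
# New-ADComputer takes -Name (it has no -user parameter), and the DN of the
# TestComputers OU is held in $TestComp; using an unassigned variable for -OU
# would make the function fall back to its default container.
1..2000 | %{New-ADComputer -Name "TestComputer$_" -OU $TestComp}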

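# Find all the users and split them by the last digit of sAMAccountName.
# NOTE(review): the searcher is bound with [ADSI]"" and no OU is given, so it
# is not limited to the OUs created above. Any account already in the domain
# whose sAMAccountName ends in a digit is picked up as well and will be added
# to the test groups later. Confirm the domain holds nothing but lab accounts.
$props = @("sAMAccountName","distinguishedName")
$ds = new-Object System.DirectoryServices.DirectorySearcher([ADSI]"","(objectcategory=user)",$props)

# Paging is needed to get more than one page of results back.
$ds.pagesize = 100
$users = $ds.Findall()

# Even-numbered accounts; each item exposes the DN as .Name.
# Plain ASCII quotes replace the typographic ones from the blog rendering, and
# a trailing pipe continues the line, so no backtick is needed.
$eUsers = $users |
    Where-Object { $_.properties.item("sAMAccountName") -match '(2|4|6|8|0)$' } |
    Select-Object @{n="Name";e={$_.properties.item("distinguishedName")}}

# Odd-numbered accounts, same shape.
$oUsers = $users |
    Where-Object { $_.properties.item("sAMAccountName") -match '(1|3|5|7|9)$' } |
    Select-Object @{n="Name";e={$_.properties.item("distinguishedName")}}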

# Create 2000 groups in the TestGroups OU. Even-numbered groups receive every
# user in $eUsers, odd-numbered groups every user in $oUsers. Each membership
# is added with its own Add-UsertoGroup call, which is why this step is slow.
foreach($i in 1..2000)
{
    $NewGrp = New-ADGroup -Grp "TestGrp$i" -OU $TestGroups

    # Pick the member list and the label from the parity of the group number.
    if(($i % 2) -eq 0)
    {
        $parityLabel = "Even"
        $memberList = $eUsers
    }
    else
    {
        $parityLabel = "Odd"
        $memberList = $oUsers
    }

    Write-Host "   + Adding $parityLabel Users to Group [$NewGrp]"
    $memberList | Select-Object | ForEach-Object { Add-UsertoGroup -user $_.name -Grp $NewGrp }
}

One Response to “Build Lab (v1 w/out Quest Tools)”

  1. on 06 Mar 2008 at 6:53 pmvaldezdj

    Why didn’t you use Quest Tools? Wouldn’t it cut this script in half?
