Add Domain account to local Administrators group

One lesson learned from the Ignite sessions is that in the future release of SharePoint PowerShell is the way to go for SharePoint admins. Hundreds of commands are available to do any kind of manipulation of your server farm. Looking at the “blue screen of death” has never really encouraged me to get my hands dirty. Time to be brave and follow Todd Klindt’s advice…force yourself to do it!

I found this great installation script written in PowerShell by Garry Lapointe to script the installation of a MOSS 2007 portal. This got me thinking: I am installing SP 2010 on my virtual machines, so why not try to do the same and create a script for 2010?

I started out with a script to add a domain account to the local administrators group. Must say that after this work I start to like the flexibility. More to come!

###################################################################
# Name:            		ADUserToLocalGroup.ps1
# Creation Date:    	November 7, 2009
#
# Purpose:        		Add a domain user account to a local group
#
# Inputs:       		username: 		The name of the domain user to add
#						domain:			The domain of the user to add
#						groupName:		The name of the local group to add the user to
#						action:			add/remove
#						computerName:	the name of the computer to add the user to
#
# Usage:        		ADUserToLocalGroup.ps1 -username {username} -domain {domain} -groupName {groupname} 
#						-action {add/remove} [-computername {computername}]
#            			If no computerName is specified the local computer is used
#
# Acknowledgements:    	Portions of this script were originally posted on the
#            			following websites. A big thanks to the original authors!
#
#    	http://myitforum.com/cs2/blogs/yli628/archive/2007/08/30/powershell-script-to-add-remove-
#            a-domain-user-to-the-local-administrators-group-on-a-remote-machine.aspx
#    	http://keithhill.spaces.live.com/blog/cns!5A8D2641E0963A97!676.entry
#    	http://www.microsoft.com/technet/scriptcenter/resources/qanda/mar08/hey0311.mspx
#		http://weblogs.asp.net/adweigert/archive/2007/10/10/powershell-try-catch-finally-comes-to-life.aspx
#
##################################################################
param
(
	[string]$username = $(throw "The parameter -username is required."),
	[string]$domain = $(throw "The parameter -domain is required."),
	[string]$groupname = $(throw "The parameter -groupname is required."), 
	[string]$action = $(throw "The parameter -action is required."), 
	[string]$computername = "localhost"
)

#Try/catch/finally function for v1 compatibility - taken from Adam Weigert's site
function Try
{
    param
    (
        [ScriptBlock]$Command = $(throw "The parameter -Command is required."),
        [ScriptBlock]$Catch   = { throw $_ },
        [ScriptBlock]$Finally = {}
    )
    
    & {
		$local:ErrorActionPreference = "SilentlyContinue"

        trap
        {
            trap
            {
                & {
                    trap { throw $_ }
                    &$Finally
                }
                throw $_
            }
            $_ | & { &$Catch }
        }
        &$Command
    }
    & {
        trap { throw $_ }
        &$Finally
    }
}

#Set the computername
if($computerName -eq "localhost"){ 
	$computerName = gc env:computerName 
}

Try {
	$computer = [ADSI]("WinNT://" + $computername + ",computer")
	$Group = $computer.psbase.children.find($groupname)
	$members= $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}
	
	if(($action -eq "Add") -AND ($members -contains $username)) {
		"The domain account specified (" + $username + ") is already a member of the local group (" + $groupname + "). No action taken."
		break
	} elseif (($action -eq "Remove") -and ($members -notcontains $username)){
		"The domain account specified (" + $username + ") is not a member of the group (" + $groupname + "). No action taken."
		break
	}
	
	if ($action.ToLower() -eq "add"){
		$Group.Add("WinNT://" + $domain + "/" + $username)
		"User '" + $username + "' has been succesfully added to the group '" + $groupname + "'"
	} elseif ($action.ToLower() -eq "remove"){
		$Group.Remove("WinNT://" + $domain + "/" + $username)
		"User '" + $username + "' has been succesfully removed from the group '" + $groupname + "'"
	} else { 
		"No or wrong action was specified, no action was taken." 
	}
} -Catch {
	"Exception occured in ADUserToLocalGroup: " + $_.Exception.Message
	"Parameters:"
	" 		- username: 	" + $username 
	" 		- domain: 		" + $domain 
	" 		- groupName:	" + $groupname
	"		- action: 		" + $action
	"		- computername: " + $computername
	throw $_
}

SharePoint 2010 Ignite - Amsterdam

Just came back from the SharePoint 2010 Ignite course in Amsterdam. Together with 150 SharePoint experts I had the chance to discover all the new features in the upcoming SharePoint 2010 release. It has been an interesting experience to see how the product is evolving to a much more mature application. Some quick random highlights:

• The architecture has changed a lot to allow a much more scalable and manageable topology. I think the disappearance of the SSP is one of the biggest changes in the product. Instead we now get a whole list of pluggable service applications. But there are a lot of other huge changes which will make our life a lot simpler: extended logging, multiple databases instead of storing everything in the content database, restoring content by using detached databases, sandboxing, …
• A lot of the problems in SP2007 have been solved. Commonly required features have been introduced. I think of the more mature ECM features (including taxonomies, tagging, rating, publishing of content types, document ID generation, document sets, document linking, …), WCM improvements (introduction of the ribbon, introduction of wiki's), …
• The UX improvements definitely will make this product easier to use.
• One major improvement is the BCS, formerly known as the Business Data Catalog. It has never been easier to import external content into SharePoint lists.
• Search...I'm sure you'll be amazed by FAST search. Visual result sets, deep refiners, contextual search, phonetic search, lemmatization, … search as it should be.
• Social improvements: I'm not convinced by the value of the social aspects introduced in this version. However, search based on social distance will most certainly improve the results even more. Mixed feelings about this.
• Excel services and the REST services: certainly something to look in to
• Powershell administration: I forgot the number, but more cmdlets than you can ever remember exist. Nothing you can't do in PowerShell.
• …

I can go on like this for hours. Time to get my hands on this and start to play with it…got the SharePoint bug J

More to come.