Add Domain account to local Administrators group

One lesson learned from the Ignite sessions is that in the future release of SharePoint, PowerShell is the way to go for SharePoint admins. Hundreds of commands are available to do any kind of manipulation of your server farm. Looking at the “blue screen of death” has never really encouraged me to get my hands dirty. Time to be brave and follow Todd Klindt’s advice…force yourself to do it!

I found this great installation script written in PowerShell by Gary Lapointe to script the installation of a MOSS 2007 portal. This got me thinking: I am installing SP 2010 on my virtual machines, so why not try to do the same and create a script for 2010?

I started out with a script to add a domain account to the local administrators group. I must say that after this work I am starting to like the flexibility. More to come!

###################################################################
# Name:             ADUserToLocalGroup.ps1
# Creation Date:    November 7, 2009
#
# Purpose:          Add a domain user account to a local group
#
# Inputs:           username:      The name of the domain user to add
#                   domain:        The domain of the user to add
#                   groupName:     The name of the local group to add the user to
#                   action:        add/remove
#                   computerName:  The name of the computer to add the user to
#
# Usage:            ADUserToLocalGroup.ps1 -username {username} -domain {domain} -groupName {groupname}
#                   -action {add/remove} [-computername {computername}]
#                   If no computerName is specified the local computer is used
#
# Acknowledgements: Portions of this script were originally posted on the
#                   following websites. A big thanks to the original authors!
#
#   http://myitforum.com/cs2/blogs/yli628/archive/2007/08/30/powershell-script-to-add-remove-a-domain-user-to-the-local-administrators-group-on-a-remote-machine.aspx
#   http://keithhill.spaces.live.com/blog/cns!5A8D2641E0963A97!676.entry
#   http://www.microsoft.com/technet/scriptcenter/resources/qanda/mar08/hey0311.mspx
#   http://weblogs.asp.net/adweigert/archive/2007/10/10/powershell-try-catch-finally-comes-to-life.aspx
#
###################################################################
param
(
	[string]$username = $(throw "The parameter -username is required."),
	[string]$domain = $(throw "The parameter -domain is required."),
	[string]$groupname = $(throw "The parameter -groupname is required."), 
	[string]$action = $(throw "The parameter -action is required."), 
	[string]$computername = "localhost"
)

#Try/catch/finally function for v1 compatibility - taken from Adam Weigert's site
function Try
{
    param
    (
        [ScriptBlock]$Command = $(throw "The parameter -Command is required."),
        [ScriptBlock]$Catch   = { throw $_ },
        [ScriptBlock]$Finally = {}
    )
    
    & {
		$local:ErrorActionPreference = "SilentlyContinue"

        trap
        {
            trap
            {
                & {
                    trap { throw $_ }
                    &$Finally
                }
                throw $_
            }
            $_ | & { &$Catch }
        }
        &$Command
    }
    & {
        trap { throw $_ }
        &$Finally
    }
}

#Set the computername: resolve "localhost" to the real machine name for the WinNT provider
if ($computername -eq "localhost") {
	$computername = $env:COMPUTERNAME
}

Try {
	# Bind to the target machine and look up the local group through the WinNT provider
	$computer = [ADSI]("WinNT://" + $computername + ",computer")
	$Group = $computer.psbase.children.find($groupname)

	# Collect the bare account names of the current members.
	# Note: "Name" carries no domain, so a local account with the same
	# name as the domain user is indistinguishable in the check below.
	$members = $Group.psbase.invoke("Members") | %{$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}

	# Nothing to do if the requested state already exists.
	# "return" leaves the script block cleanly ("break" outside a loop stops the whole caller).
	if (($action -eq "Add") -and ($members -contains $username)) {
		"The domain account specified (" + $username + ") is already a member of the local group (" + $groupname + "). No action taken."
		return
	} elseif (($action -eq "Remove") -and ($members -notcontains $username)) {
		"The domain account specified (" + $username + ") is not a member of the group (" + $groupname + "). No action taken."
		return
	}

	if ($action.ToLower() -eq "add") {
		$Group.Add("WinNT://" + $domain + "/" + $username)
		"User '" + $username + "' has been successfully added to the group '" + $groupname + "'"
	} elseif ($action.ToLower() -eq "remove") {
		$Group.Remove("WinNT://" + $domain + "/" + $username)
		"User '" + $username + "' has been successfully removed from the group '" + $groupname + "'"
	} else {
		"No or wrong action was specified, no action was taken."
	}
} -Catch {
	# Report the failure together with the parameters, then rethrow to the caller
	"Exception occurred in ADUserToLocalGroup: " + $_.Exception.Message
	"Parameters:"
	"		- username:     " + $username
	"		- domain:       " + $domain
	"		- groupName:    " + $groupname
	"		- action:       " + $action
	"		- computername: " + $computername
	throw $_
}
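
The script's membership test compares only the bare account name, so a local account with the same name as the domain user is reported as "already a member". The following is an added example, not part of the original script, that reads each member's ADsPath and checks the domain as well; the function names and the constructed sample paths (CONTOSO, PC01, spadmin) are hypothetical, and it assumes PowerShell 2.0 or later.

```powershell
# Added example; function names are hypothetical, not from ADUserToLocalGroup.ps1.

# Split a WinNT ADsPath into the authority that owns the account and its name.
#   WinNT://CONTOSO/spadmin       -> domain account (Authority = CONTOSO)
#   WinNT://CONTOSO/PC01/spadmin  -> local account on PC01 (Authority = PC01)
function ConvertFrom-WinNTPath
{
    param([string]$AdsPath)
    $parts = ($AdsPath -replace '^WinNT://', '').Split('/')
    $authority = ''
    # An unresolved member (bare SID) has a single segment and no authority
    if ($parts.Length -ge 2) { $authority = $parts[$parts.Length - 2] }
    New-Object PSObject -Property @{
        Authority = $authority
        Name      = $parts[$parts.Length - 1]
        Path      = $AdsPath
    }
}

# List the members of a local group with their owning domain or machine.
function Get-LocalGroupMemberPath
{
    param([string]$GroupName, [string]$ComputerName = $env:COMPUTERNAME)
    $group = [ADSI]("WinNT://" + $ComputerName + "/" + $GroupName + ",group")
    $group.psbase.Invoke("Members") | ForEach-Object {
        $path = $_.GetType().InvokeMember("ADsPath", 'GetProperty', $null, $_, $null)
        ConvertFrom-WinNTPath $path
    }
}

# True only when DOMAIN\UserName itself is a member, not a same-named local account.
# $Domain is the NetBIOS domain name, the same form the script passes to $Group.Add().
function Test-DomainAccountInLocalGroup
{
    param([string]$UserName, [string]$Domain, [string]$GroupName,
          [string]$ComputerName = $env:COMPUTERNAME)
    $hit = Get-LocalGroupMemberPath $GroupName $ComputerName |
        Where-Object { $_.Name -eq $UserName -and $_.Authority -eq $Domain }
    [bool]$hit
}

# Constructed paths: both members have the Name "spadmin", only the first is the domain account.
'WinNT://CONTOSO/spadmin', 'WinNT://CONTOSO/PC01/spadmin' |
    ForEach-Object { ConvertFrom-WinNTPath $_ } |
    Format-Table Authority, Name -AutoSize
```

`Get-LocalGroupMemberPath Administrators` on its own gives a quick audit of who holds local admin rights on a farm server and where each account comes from.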