Fix usercreation;Fix GPO
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
a1b63ef568
commit
a578ec5ae5
@ -35,9 +35,13 @@ If (@('primary','standalone') -contains $Parameter['deployment.type']) {
|
||||
}
|
||||
|
||||
ForEach ($User in $Entries.Users) {
|
||||
$UserName = ($User.DistinguishedName -split ',', 2)[0].Substring(3)
|
||||
$SanitizedUPN = ($UserName -replace "[^a-zA-Z0-9'\.-_!#\^~]").Trim('.')
|
||||
|
||||
# Create new user
|
||||
$NewADUserSplat = @{
|
||||
Name = ($User.DistinguishedName -split ',', 2)[0].Substring(3)
|
||||
Name = $UserName
|
||||
UserPrincipleName = "$($SanitizedUPN)@$((Get-ADDomain).DNSRoot)"
|
||||
Path = ($User.DistinguishedName -split ',', 2)[1] + (',{0}' -f (Get-ADRootDSE).rootDomainNamingContext)
|
||||
AccountPassword = ConvertTo-SecureString $User.Password -AsPlainText -Force
|
||||
PassThru = $True
|
||||
|
@ -6,7 +6,7 @@ Users:
|
||||
Password: "{{ password.johndoe }}"
|
||||
MemberOf: []
|
||||
- DistinguishedName: CN=admJaneD,OU=Administrators,OU=Privileged,OU=User accounts
|
||||
Password: "{{ password.amdjaned }}"
|
||||
Password: "{{ password.admjaned }}"
|
||||
MemberOf: []
|
||||
- DistinguishedName: CN=zzLDAP,OU=Service accounts,OU=Privileged,OU=User accounts
|
||||
Password: "{{ password.zzldap }}"
|
||||
@ -20,9 +20,9 @@ Variables:
|
||||
- Name: password.johndoe
|
||||
Expression: |
|
||||
& ".\Provision-VaultPassword.ps1" -VaultSecret $Parameter['vault.secret'] -Username 'johndoe' -VaultAPIAddress $Parameter['vault.api'] -VaultToken $Parameter['vault.token'] -VaultPwPolicy $Parameter['vault.pwpolicy']
|
||||
- Name: password.amdjaned
|
||||
- Name: password.admjaned
|
||||
Expression: |
|
||||
& ".\Provision-VaultPassword.ps1" -VaultSecret $Parameter['vault.secret'] -Username 'amdjaned' -VaultAPIAddress $Parameter['vault.api'] -VaultToken $Parameter['vault.token'] -VaultPwPolicy $Parameter['vault.pwpolicy']
|
||||
& ".\Provision-VaultPassword.ps1" -VaultSecret $Parameter['vault.secret'] -Username 'admjaned' -VaultAPIAddress $Parameter['vault.api'] -VaultToken $Parameter['vault.token'] -VaultPwPolicy $Parameter['vault.pwpolicy']
|
||||
- Name: password.zzldap
|
||||
Expression: |
|
||||
& ".\Provision-VaultPassword.ps1" -VaultSecret $Parameter['vault.secret'] -Username 'zzldap' -VaultAPIAddress $Parameter['vault.api'] -VaultToken $Parameter['vault.token'] -VaultPwPolicy $Parameter['vault.pwpolicy']
|
||||
|
@ -1,9 +1,15 @@
|
||||
Name: 'COMP: Loopback processing (Merge)'
|
||||
Name: 'COMP: Disable Server Manager at Logon'
|
||||
Type: Object
|
||||
LinkedOUs: OU=Servers,OU=Computer accounts
|
||||
LinkedOUs:
|
||||
- OU=Servers,OU=Computer accounts
|
||||
- OU=Domain Controllers
|
||||
WMIFilters: []
|
||||
RegistryEntries:
|
||||
- Key: HKLM\Software\Policies\Microsoft\Windows\Server\ServerManager
|
||||
- Key: HKLM\Software\Microsoft\ServerManager
|
||||
Type: Dword
|
||||
ValueName: DoNotOpenAtLogon
|
||||
ValueName: DoNotOpenAtServerManagerAtLogon
|
||||
Value: 1
|
||||
- Key: HKLM\Software\Microsoft\ServerManager
|
||||
Type: Dword
|
||||
ValueName: DoNotPopWACConsoleAtSMLaunch
|
||||
Value: 1
|
||||
|
Loading…
Reference in New Issue
Block a user