====== PowerShell ======

===== Avancé =====

Grâce aux [[fr:powershell:start|bases]], nous savons désormais:
  * lire des fichiers CSV
  * écrire des fichiers CSV avec de nouvelles colonnes
  * effectuer un test sur une colonne comme le courriel

Maintenant, découvrons comment adresser des requêtes AD. Tout d'abord il faut installer un module requis.

<code powershell>
# once per server
Install-Module ActiveDirectory
</code>

Repartons du même fichier d'entrée que celui des [[fr:powershell:start|bases]].

<csv>
Samaccountname,Mail
abc123,abc123@domain.com
def123,def123@domain.com
ghi123,ghi123@test.com
</csv>

<file csv input.csv>
Samaccountname,Mail
abc123,abc123@domain.com
def123,def123@domain.com
ghi123,ghi123@test.com
</file>

Before we tested mail addresses in an easy way : //does it end with "domain.com" ?//. New tests with AD queries, //Samaccountname must belong to an active user from AD and AD user mail must be equal to mail from CSV file//.

Dans un premier temps, on faisait un simple test : //est-ce que le courriel se termine par "domain.com" ?//. Maintenant, testons en se reposant sur l'AD, //on doit trouver un utilisateur AD actif avec ce Samaccountname et dont le courriel correspond à l'adresse fournie dans le CSV//.

<file powershell csvLevel2.ps1>
Import-Module ActiveDirectory

Import-Csv -Path input.csv | foreach {

    # save current object into different variable
    $currentLine = $_

    # deal with columns
    $mail = $currentLine.Mail
    $sam = $currentLine.Samaccountname

    # let's query AD with SAM
    try {
        # we are using Get-AdUser with parameter -Identity
        # in this case, expected result is either one AdUser or nothing
        # if no result is found then Exception is thrown
        # that's why we are in a try -- catch block
        $user = Get-AdUser -Identity $sam -Properties mail

        # if the script goes here
        # then it means that one AD active user has been found
        Write-Verbose ("AD active user found with SAM={0}" -f $sam)
        $currentLine | Add-Member -MemberType NoteProperty -Name "AdActiveUser" -Value "yes"

        # second test
        # Do mails from AD and from CSV match ?
        if ($user.mail -eq $mail) {
            Write-Verbose ("{0}(AD) is equal to {1}(CSV): perfect match" -f $user.mail, $mail)
            $currentLine | Add-Member -MemberType NoteProperty -Name "MailMatch" -Value "yes"
        } else {
            Write-Verbose ("{0}(AD) is NOT equal to {1}(CSV)" -f $user.mail, $mail)
            $currentLine | Add-Member -MemberType NoteProperty -Name "MailMatch" -Value "no"
        }
    } catch {
        # if the script goes here
        # then it means that no AD active user has been found
        Write-Verbose ("No AD active user found with SAM={0}" -f $sam)
        $currentLine | Add-Member -MemberType NoteProperty -Name "AdActiveUser" -Value "no"
        $currentLine | Add-Member -MemberType NoteProperty -Name "MailMatch" -Value "no"        
    }

    # return updated currentLine with new column
    $currentLine
} |
# export result line by line to CSV
# -NoTypeInformation prevents metadata from being exported
# -Encoding is specified because of the fact we are querying AD (UTF-8)
Export-Csv -Path preCheck.csv -NoTypeInformation -Encoding UTF-8
</file>

L'exécution du script va produire un fichier CSV avec deux nouvelles colonnes.

<file csv preCheck.csv>
"Samaccountname","Mail","AdActiveUser","MailMatch"
"abc123","abc123@domain.com","yes","yes"
"def123","def123@domain.com","yes","no"
"ghi123","ghi123@test.com","no","no"
</file>

<csv>
"Samaccountname","Mail","AdActiveUser","MailMatch"
"abc123","abc123@domain.com","yes","yes"
"def123","def123@domain.com","yes","no"
"ghi123","ghi123@test.com","no","no"
</csv>