Howard Enos
1864dcad4c
Cascades of Tucson — created 4 new caregiver accounts, Alma Montt admin account, terminated Niel Castro, reclassified Celia Lassey and Patricia Sandoval-Beck from SG-Caregivers. Entra sync run; Alma Montt M365 license pending background task. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
107 lines
3.5 KiB
PowerShell
107 lines
3.5 KiB
PowerShell
# Cascades of Tucson -- Add 4 new caregiver accounts (2026-05-18)
|
|
# Run on: CS-SERVER as a domain admin
|
|
# OU: OU=Caregivers,OU=Departments,DC=cascades,DC=local
|
|
#
|
|
# Net-new hires identified from updated HR roster (employees.xlsx, 2026-05-18).
|
|
# Creates accounts and immediately adds to SG-Caregivers.
|
|
#
|
|
# Name notes:
|
|
# t.lassey-assiakoley -- "Tele Sepopo Lassey Assiakoley". Compound first AND last name.
|
|
# t.lassey was unavailable (Celia Lassey). Hyphenated form chosen.
|
|
# Personal email: sepopolassey@gmail.com
|
|
|
|
$OU = "OU=Caregivers,OU=Departments,DC=cascades,DC=local"
|
|
$Domain = "cascadestucson.com"
|
|
$Group = "SG-Caregivers"
|
|
$TempPassword = ConvertTo-SecureString "Cascades2026!" -AsPlainText -Force
|
|
|
|
$NewCaregivers = @(
|
|
@{ First="Luriz"; Last="Fuster"; Sam="l.fuster"; Title="AL Caregiver" },
|
|
@{ First="Tele Sepopo"; Last="Lassey Assiakoley"; Sam="t.lassey-assiakoley"; Title="AL Caregiver" },
|
|
@{ First="Shontiel"; Last="Nunn"; Sam="s.nunn"; Title="AL Caregiver" },
|
|
@{ First="Diana"; Last="Fierros"; Sam="d.fierros"; Title="MC Caregiver" }
|
|
)
|
|
|
|
$created = 0
|
|
$failed = 0
|
|
$skipped = 0
|
|
|
|
Write-Host "=== Creating accounts ==="
|
|
foreach ($c in $NewCaregivers) {
|
|
$displayName = "$($c.First) $($c.Last)"
|
|
$upn = "$($c.Sam)@$Domain"
|
|
|
|
if (Get-ADUser -Filter "SamAccountName -eq '$($c.Sam)'" -ErrorAction SilentlyContinue) {
|
|
Write-Host "[SKIP] $displayName already exists ($($c.Sam))"
|
|
$skipped++
|
|
continue
|
|
}
|
|
|
|
try {
|
|
New-ADUser `
|
|
-Name $displayName `
|
|
-GivenName $c.First `
|
|
-Surname $c.Last `
|
|
-SamAccountName $c.Sam `
|
|
-UserPrincipalName $upn `
|
|
-Path $OU `
|
|
-AccountPassword $TempPassword `
|
|
-Enabled $true `
|
|
-ChangePasswordAtLogon $false `
|
|
-PasswordNeverExpires $true
|
|
|
|
Write-Host "[OK] $displayName -- $upn"
|
|
$created++
|
|
}
|
|
catch {
|
|
Write-Host "[ERROR] $displayName -- $_"
|
|
$failed++
|
|
}
|
|
}
|
|
|
|
Write-Host ""
|
|
Write-Host ("Accounts: {0} created, {1} failed, {2} skipped" -f $created, $failed, $skipped)
|
|
|
|
Write-Host ""
|
|
Write-Host "=== Adding to $Group ==="
|
|
|
|
$added = 0
|
|
$sgFailed = 0
|
|
$sgSkipped = 0
|
|
|
|
foreach ($c in $NewCaregivers) {
|
|
$user = Get-ADUser -Filter "SamAccountName -eq '$($c.Sam)'" -ErrorAction SilentlyContinue
|
|
if (-not $user) {
|
|
Write-Host "[SKIP] $($c.Sam) -- not found in AD (account creation may have failed)"
|
|
$sgSkipped++
|
|
continue
|
|
}
|
|
|
|
$inGroup = Get-ADGroupMember -Identity $Group -ErrorAction SilentlyContinue |
|
|
Where-Object { $_.SamAccountName -eq $c.Sam }
|
|
|
|
if ($inGroup) {
|
|
Write-Host "[SKIP] $($c.Sam) -- already in $Group"
|
|
$sgSkipped++
|
|
continue
|
|
}
|
|
|
|
try {
|
|
Add-ADGroupMember -Identity $Group -Members $c.Sam
|
|
Write-Host "[OK] $($c.Sam) -- added to $Group"
|
|
$added++
|
|
}
|
|
catch {
|
|
Write-Host "[ERROR] $($c.Sam) -- $_"
|
|
$sgFailed++
|
|
}
|
|
}
|
|
|
|
Write-Host ""
|
|
Write-Host ("SG-Caregivers: {0} added, {1} failed, {2} skipped" -f $added, $sgFailed, $sgSkipped)
|
|
Write-Host ""
|
|
Write-Host "Next: force Entra Connect delta sync on CS-SERVER:"
|
|
Write-Host " Start-ADSyncSyncCycle -PolicyType Delta"
|
|
Write-Host ""
|
|
Write-Host "After sync (~30 min), M365 will provision Exchange mailboxes for all 4 accounts."
|