9.0 KiB
9.0 KiB
G1 AD Hygiene - EXECUTE
Command ID: d49bb8dd-4916-4634-bf0c-c46bbcfcd81b Exit: 0 Completed: 2026-04-23T03:32:39.186512Z
STDOUT
G1 AD Hygiene - 2026-04-22 20:32:32 -07:00
Host: CS-SERVER
Mode: EXECUTE
Backup dir: D:\Backups\g1-hygiene-2026-04-22-203232
============================================================================
== 0. Pre-state backup (always runs)
============================================================================
[OK] Exported users-pre.csv
[OK] Exported groups-pre.csv
[OK] Exported ous-pre.csv
[OK] Pre-state saved at D:\Backups\g1-hygiene-2026-04-22-203232
Rollback commands (if needed after execute):
- proxyAddresses: Set-ADUser from users-pre.csv column ProxyAddresses
- OU moves: Move-ADObject back to old DistinguishedName
- Groups created today: Remove-ADGroup (safe since memberless)
============================================================================
== 1. OU=Excluded-From-Sync + move 4 role accounts
============================================================================
[DID] Created OU=Excluded-From-Sync
[DID] Moved Culinary: OU=Culinary,OU=Departments,DC=cascades,DC=local -> OU=Excluded-From-Sync,DC=cascades,DC=local
[DID] Moved Receptionist: CN=Users,DC=cascades,DC=local -> OU=Excluded-From-Sync,DC=cascades,DC=local
[DID] Moved saleshare: OU=Marketing,OU=Departments,DC=cascades,DC=local -> OU=Excluded-From-Sync,DC=cascades,DC=local
[DID] Moved directoryshare: CN=Users,DC=cascades,DC=local -> OU=Excluded-From-Sync,DC=cascades,DC=local
============================================================================
== 2. Populate proxyAddresses (34 users - live data from M365 Graph 2026-04-22)
============================================================================
[DID] Allison.Reibschied
before: <empty>
after: SMTP:Allison.Reibschied@cascadestucson.com
mail=Allison.Reibschied@cascadestucson.com
[DID] Alyssa.Brooks
before: <empty>
after: SMTP:alyssa.brooks@cascadestucson.com
mail=alyssa.brooks@cascadestucson.com
[DID] Ashley.Jensen
before: <empty>
after: SMTP:ashley.jensen@cascadestucson.com; smtp:ashley.jenson@cascadestucson.com
mail=ashley.jensen@cascadestucson.com
[DID] britney.thompson
before: <empty>
after: SMTP:Britney.Thompson@cascadestucson.com
mail=Britney.Thompson@cascadestucson.com
[DID] Cathy.Kingston
before: <empty>
after: SMTP:cathy.kingston@cascadestucson.com
mail=cathy.kingston@cascadestucson.com
[DID] Christina.DuPras
before: <empty>
after: SMTP:christina.dupras@cascadestucson.com
mail=christina.dupras@cascadestucson.com
[DID] Christine.Nyanzunda
before: <empty>
after: SMTP:christine.nyanzunda@cascadestucson.com
mail=christine.nyanzunda@cascadestucson.com
[DID] Christopher.Holick
before: <empty>
after: SMTP:christopher.holick@cascadestucson.com
mail=christopher.holick@cascadestucson.com
[DID] Crystal.Rodriguez
before: <empty>
after: SMTP:crystal.rodriguez@cascadestucson.com; smtp:crystal.suszek@cascadestucson.com
mail=crystal.rodriguez@cascadestucson.com
[DID] howard
before: <empty>
after: SMTP:dax.howard@cascadestucson.com; smtp:cara.lespron@cascadestucson.com
mail=dax.howard@cascadestucson.com
[DID] JD.Martin
before: <empty>
after: SMTP:jd.martin@cascadestucson.com
mail=jd.martin@cascadestucson.com
[DID] John.Trozzi
before: <empty>
after: SMTP:john.trozzi@cascadestucson.com
mail=john.trozzi@cascadestucson.com
[DID] Julian.Crim
before: <empty>
after: SMTP:julian.crim@cascadestucson.com
mail=julian.crim@cascadestucson.com
[DID] karen.rossini
before: <empty>
after: SMTP:karen.rossini@cascadestucson.com
mail=karen.rossini@cascadestucson.com
[DID] Kyla.QuickTiffany
before: <empty>
after: SMTP:kyla.quicktiffany@cascadestucson.com
mail=kyla.quicktiffany@cascadestucson.com
[DID] lauren.hasselman
before: <empty>
after: SMTP:lauren.hasselman@cascadestucson.com
mail=lauren.hasselman@cascadestucson.com
[DID] Lois.Lane
before: <empty>
after: SMTP:lois.lane@cascadestucson.com
mail=lois.lane@cascadestucson.com
[DID] Lupe.Sanchez
before: <empty>
after: SMTP:lupe.sanchez@cascadestucson.com
mail=lupe.sanchez@cascadestucson.com
[DID] Matt.Brooks
before: <empty>
after: SMTP:matthew.brooks@cascadestucson.com
mail=matthew.brooks@cascadestucson.com
[DID] Megan.Hiatt
before: <empty>
after: SMTP:megan.hiatt@cascadestucson.com
mail=megan.hiatt@cascadestucson.com
[DID] Meredith.Kuhn
before: <empty>
after: SMTP:meredith.kuhn@cascadestucson.com
mail=meredith.kuhn@cascadestucson.com
[DID] Michelle.Shestko
before: <empty>
after: SMTP:michelle.shestko@cascadestucson.com
mail=michelle.shestko@cascadestucson.com
[DID] Ramon.Castaneda
before: <empty>
after: SMTP:ramon.castaneda@cascadestucson.com; smtp:ramon.castanada@cascadestucson.com; smtp:ramon.casteneda@cascadestucson.com
mail=ramon.castaneda@cascadestucson.com
[DID] Ray.Rai
before: <empty>
after: SMTP:ray.rai@cascadestucson.com
mail=ray.rai@cascadestucson.com
[DID] Richard.Adams
before: <empty>
after: SMTP:richard.adams@cascadestucson.com
mail=richard.adams@cascadestucson.com
[DID] Sebastian.Leon
before: <empty>
after: SMTP:sebastian.leon@cascadestucson.com
mail=sebastian.leon@cascadestucson.com
[DID] Sharon.Edwards
before: <empty>
after: SMTP:sharon.edwards@cascadestucson.com
mail=sharon.edwards@cascadestucson.com
[DID] Shelby.Trozzi
before: <empty>
after: SMTP:Shelby.Trozzi@cascadestucson.com
mail=Shelby.Trozzi@cascadestucson.com
[DID] Sheldon.Gardfrey
before: <empty>
after: SMTP:sheldon.gardfrey@cascadestucson.com
mail=sheldon.gardfrey@cascadestucson.com
[DID] Shontiel.Nunn
before: <empty>
after: SMTP:shontiel.nunn@cascadestucson.com
mail=shontiel.nunn@cascadestucson.com
[DID] Susan.Hicks
before: <empty>
after: SMTP:susan.hicks@cascadestucson.com
mail=susan.hicks@cascadestucson.com
[DID] sysadmin
before: <empty>
after: SMTP:sysadmin@cascadestucson.com
mail=sysadmin@cascadestucson.com
[DID] Tamra.Matthews
before: <empty>
after: SMTP:tamra.matthews@cascadestucson.com; smtp:tamra.johnson@cascadestucson.com
mail=tamra.matthews@cascadestucson.com
[DID] Veronica.Feller
before: <empty>
after: SMTP:veronica.feller@cascadestucson.com
mail=veronica.feller@cascadestucson.com
============================================================================
== 3. Create 16 SG-* security groups (CA / file-share / break-glass)
============================================================================
[DID] Created SG-External-Signin-Allowed
[DID] Created SG-Caregivers
[DID] Created SG-FrontDesk
[DID] Created SG-CourtesyPatrol
[DID] Created SG-Drivers
[DID] Created SG-Management-RW
[DID] Created SG-Sales-RW
[DID] Created SG-Culinary-RW
[DID] Created SG-IT-RW
[DID] Created SG-Receptionist-RW
[DID] Created SG-Directory-RW
[DID] Created SG-Server-RW
[DID] Created SG-Chat-RW
[DID] Created SG-Office-PHI-External
[DID] Created SG-Office-PHI-Internal
[DID] Created SG-CA-BreakGlass
============================================================================
== 4. DisplayName cosmetic fixes (3 users)
============================================================================
[DID] Crystal.Rodriguez DisplayName: 'Crystal Rodriguez' -> 'Crystal Rodriguez'
[DID] howard DisplayName: 'howard' -> 'Howard Dax'
[DID] Cathy.Kingston DisplayName: 'Cathy.Kingston' -> 'Cathy Kingston'
============================================================================
== 5. Summary
============================================================================
Mode: EXECUTE
Created: 17
Moved: 4
Updated: 37
Skipped: 0
Errors: 0
Backup dir: D:\Backups\g1-hygiene-2026-04-22-203232
EXECUTE complete. Recommended next steps:
1. Re-run in DRY-RUN to confirm 0 [WOULD] entries (idempotency check)
2. Export users-post.csv for the audit trail (in D:\Backups\g1-hygiene-2026-04-22-203232)
3. Proceed to Gate G2 (M365 role-account shared-mailbox conversion)
Completed at 2026-04-22 20:32:38 -07:00
stderr: