Archive for August, 2016

Powershell script to read column from CSV file, excluding one or more values

This script will read the input CSV file, and look for a column name as entered in either the -Column or -Alias parameters. If column is found, the script will read all the values in that column, exclude any values passed in the -ExcludeValue parameter, and return all remaining values.

Read-CSV -FileName ‘.\MigrationData-1.csv’ -Column ‘user’ -Verbose
This example reads and returns all values in column ‘user’


$UserList = Read-CSV -FileName ‘.\MigrationData-1.csv’ -Column ‘user’ -ExcludeValue ‘none’,’N/a’ -Verbose
This example reads and returns all values in column ‘user’, excluding the values ‘none and ‘n/a’ (not case sensitive), and stores the read user names in the $UserList variable


$UserList = Read-CSV -FileName ‘.\MigrationData-1.csv’ -Column ‘samAccountName’ -Alias ‘user’,’users’,’username’ -ExcludeValue ‘none’,’N/a’ -Verbose
This example reads the input CSV file, looks for a column named ‘samAccountName’,’user’,’users’,or ‘username’, and returns all values in the found column if any, excluding the values ‘none and ‘n/a’ (not case sensitive), and stores the read user names in the $UserList variable.


Powershell script to validate if a folder exists, creates it if not, creates subfolders if needed

This function will  validate that a folder exists, and creates the folder if missing.

If the -NoCreate switch is used the function will not create a missing folder

The function will create missing subfolders as well

The parameter -FolderName can be local like ‘c:\folder 1\folder 2’ or UNC path like ‘\\server\share\folder 1\folder 2’

The -NoCreate switch insructs the function to NOT create the folder if missing

The function returns a TRUE/FALSE value. The function returns TRUE if:

  • The folder exists
  • The folder did not exist but was created by the function

The function will return FALSE if:

  • The folder doesn’t exist and the -NoCreate switch is used
  • The folder doesn’t exist and the function failed to create it

The function will create the folder tree if it does not exist. For example, if c:\sandbox has no subfolders and we run the cmdlet:

Validate-Folder f1\22\33\44\55\66\77\88 -Verbose

It will create the folders:

  • c:\sandbox\f1 and
  • c:\sandbox\f1\22 and
  • c:\sandbox\f1\22\33 and
  • c:\sandbox\f1\22\33\44 and
  • c:\sandbox\f1\22\33\44\55 and
  • c:\sandbox\f1\22\33\44\55\66 and
  • c:\sandbox\f1\22\33\44\55\66\77 and
  • c:\sandbox\f1\22\33\44\55\66\77\88



Validate-Folder -FolderName c:\folder1
This example checks if folder c:\folder1 exists, creates it if not,
returns TRUE if exists or created, returns FALSE if failed to create missing folder

Validate-Folder -FolderName ‘c:\folder 2’ -NoCreate
This example checks if ‘c:\folder 2’ exists, return TRUE if it does, FALSE if it doesn’t

if (Validate-Folder ‘c:\folder 1\sub 2’) { ‘hi’ | Out-File ‘c:\folder 1\sub 2\file.txt’ }
This example checks if folder ‘c:\folder 1\sub 2’ exists,
creates it if it doesn’t,
creates file ‘c:\folder 1\sub 2\file.txt’, and
writes ‘hi’ to it

@(‘c:\folder1′,’\\server\share\folder 4’) | % { Validate-Folder $_ -Verbose }
This example validates if the folders in the input array exist, creates them if they don’t


Powershell script to provide a PS Credential object, saving password securely

Have you ever been in the situation where you need to execute a cmdlet like

Disable-ADAccount -Identity ‘Someone’ -Server ‘MyDomainController’ 

To disable a user account, but it fails because your account does not have permission to disable users?

You can use another account that have permissions to disable users by using the -Credential parameter of the Disable-ADAccount cmdlet as in

Disable-ADAccount -Identity ‘Someone’ -Server ‘MyDomainController’ -Credential (Get-Credential)

The Get-Credential cmdlet prompts for a user name and password, which is fine if ypu need to run it once or a few times. However, we often come across situation where we need to use several credentials to automate tasks in Active Directory, Exchange, SharePoint,… You will rarely have a single account that has permission to do all these tasks, or across multiple directories. In an automation script, the Get-SBCredntial function can make this easy.

Here’s an example:

$SourceADCred = Get-SBCredential 'domain1\MyADAdmin'
$TargetADCred = Get-SBCredential 'domain2\MyADAdmin'
$ExCred = Get-SBCredential 'domain1\MyExchangeAdmin'
Disable-ADAccount -Identity 'Someone' -Server 'MyDomainController1' -Credential $SourceADCred
Disable-ADAccount -Identity 'Sometwo' -Server 'MyDomainController2' -Credential $TargetADCred
Get-Mailbox -Identity '' -Credential $ExCred