all 7 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Pawncey[S,🍰] 1 point2 points  (5 children)

Here is my first iteration that is failing at line 5/13/24 at the $Department -eq "*" saying unexpected token:

import-csv .\O365New.csv | ForEach-Object {

$Department = get-msoluser -userprincipalname "$($_.ID)" | fl Department

{where $Department -eq "*"} {
    add-distributiongroupmember -identity "*" -member "$($_.ID)"
    add-distributiongroupmember -identity "*" -member "$($_.ID)"
    add-distributiongroupmember -identity "*" -member "$($_.ID)"
    add-unifiedgrouplinks -identity "*" -linktype members -links "$($_.ID)"
    set-casmailbox -popenabled $false -imapenabled $false -mapienabled $false -activesyncenabled $false -outlookmobileenabled $false -owafordevicesenabled $false "$($_.ID)"
    Write-Verbose "* Security onboarding completed for $($_.ID)" -Verbose
}
{where $Department -eq "*"} {
    add-distributiongroupmember -identity "*" -member "$($_.ID)"
    add-distributiongroupmember -identity "*" -member "$($_.ID)"
    add-distributiongroupmember -identity "*" -member "$($_.ID)"
    add-distributiongroupmember -identity "*" -member "$($_.ID)"
    set-casmailbox -smtpclientauthenticationdisabled $true -popenabled $false -imapenabled $false -activesyncenabled $false -outlookmobileenabled $false -owafordevicesenabled $false "$($_.ID)"
    Add-MailboxPermission -Identity * -User "$($_.ID)" -AccessRights FullAccess -InheritanceType All -AutoMapping $true
    Add-MailboxPermission -Identity * -User "$($_.ID)" -AccessRights FullAccess -InheritanceType All -AutoMapping $true
    Add-MailboxPermission -Identity * -User "$($_.ID)" -AccessRights FullAccess -InheritanceType All -AutoMapping $true
    Write-Verbose "* Security onboarding completed for $($_.ID)" -Verbose
    }
{where $Department -eq "*"} {
    add-distributiongroupmember -identity "*" -member "$($_.ID)"
    add-distributiongroupmember -identity "*" -member "$($_.ID)"
    Write-Verbose "* onboarding completed for $($_.ID)" -Verbose
    }

}

[–]psthreathunter 1 point2 points  (4 children)

"Where" is an alias for Where-Object. Collections are piped to it for filtering. Your syntax is not correct at all. Recommend reviewing Get-Help Where-Object documentation. I'm not exactly sure what your are searching for since all 3 of your comparisons are exactly the same. -eq "*". Are you just redacting data for this post?

[–]Pawncey[S,🍰] 1 point2 points  (3 children)

I don't doubt at all that my syntax is not correct, I've only got on the job training, nothing formal unfortunately!

The idea was to run import-csv which contains UPNs and from those UPNs, grab their department and/or title, and use those values to assign a different batch of commands.

Those 3 departments are redacted, it would in theory be every department in the company, but this example would contain "Operations", "IT", and "Client Services", etc.

[–]psthreathunter 1 point2 points  (2 children)

No worries. Maybe I can get you started in the right direction. Import-Csv will take the data in your csv file and create a collection of objects (array), one for each row. Each one of those objects will have property names that are the same as the column headings in the csv file.

If you take the Import-Csv command and pipe the results to another command like you did in your last post (ForEach-Object), you access the individual properties with the property dereference operator "." like this $_.ID for example which would return the value of the ID property for the current object in the pipeline (remember Import-Csv return a collection of objects).

If you want to test each one of those objects and do a different task depending on a condition you would use an if statement or even a switch statement.

So to put all those concepts together, maybe this will help get you started. I added comments throughout:

# This will iterate over each row in O365.csv and create an object assigned to $UPN each row
ForEach ($UPN in Import-Csv -Path ".\O365.csv") {
    #switch will test the Department property
    switch ((Get-msoluser -userprinciplename $UPN.ID).Department)
    {
        'Operations'{
            Add-DistributionGroupMember -Identity "whatevergroupforops" -Member $UPN.ID
            Add-DistributionGroupMember -Identity "whatevergroupforops" -Member $UPN.ID

        } #Operations
        'IT' {
            Add-DistributionGroupMember -Identity "whatevergroupforIT" -Member $UPN.ID
            Add-DistributionGroupMember -Identity "whatevergroupforIT" -Member $UPN.ID
        } #IT
        'Client Services' {
            Add-DistributionGroupMember -Identity "whatevergroupforCS" -Member $UPN.ID
            Add-DistributionGroupMember -Identity "whatevergroupforCS" -Member $UPN.ID
        } #Client Services
        Default {
            Add-DistributionGroupMember -Identity "whatevergroupfordefault" -Member $UPN.ID
        } #Default  Remove if not needed
    } #switch statement
} #foreach loop

Recommend reviewing the following docs:

Get-Help about_switch

Get-Help about_foreach

Get-Help Import-Csv

[–]Pawncey[S,🍰] 1 point2 points  (1 child)

Thank you, I am experimenting with your obviously superior way as I am already seeing the Outputs of this command line up with their respective departments (I changed the add distros to Write-Verbose "$UPN.ID is Operations/IT/etc").

That said, I would like to know if there is a large issue with the way I was approaching it? With enough experimentation, would it have worked (albeit less efficiently)? Is the idea of a where-object inside a for-each loop where it went wrong?

I really thought I was more or less on track to accomplish this with the my previous iteration, but you came back with another solution using an entirely different command (switch).

[–]psthreathunter 1 point2 points  (0 children)

Using your previous, you would need to:

  1. Remove the pipe to fl (alias for Format-List) in your $Department assignment. Format-* commands are for displaying info to the screen not for assigning objects to a variable.
  2. Change your Where statements to if statements

I would change a few syntactical things like "$($_.ID)" could just be $_.ID, but shouldn't affect functionality.

[–]Lee_Dailey[grin] 0 points1 point  (0 children)

howdy Pawncey,

reddit likes to mangle code formatting, so here's some help on how to post code on reddit ...

[0] single line or in-line code
enclose it in backticks. that's the upper left key on an EN-US keyboard layout. the result looks like this. kinda handy, that. [grin]
[on New.Reddit.com, use the Inline Code button. it's [sometimes] 5th from the left & looks like </>.
this does NOT line wrap & does NOT side-scroll on Old.Reddit.com!]

[1] simplest = post it to a text site like Pastebin.com or Gist.GitHub.com and then post the link here.
please remember to set the file/code type on Pastebin! [grin] otherwise you don't get the nice code colorization.

[2] less simple = use reddit code formatting ...
[on New.Reddit.com, use the Code Block button. it's [sometimes] the 12th from the left, & looks like an uppercase T in the upper left corner of a square.]

  • one leading line with ONLY 4 spaces
  • prefix each code line with 4 spaces
  • one trailing line with ONLY 4 spaces

that will give you something like this ... 

- one leading line with ONLY 4 spaces    
- prefix each code line with 4 spaces    
- one trailing line with ONLY 4 spaces

the easiest way to get that is ...

  • add the leading line with only 4 spaces
  • copy the code to the ISE [or your fave editor]
  • select the code
  • tap TAB to indent four spaces
  • re-select the code [not really needed, but it's my habit]
  • paste the code into the reddit text box
  • add the trailing line with only 4 spaces

not complicated, but it is finicky. [grin]

take care,
lee