Setting demo AD environments

Finally I will always have great AD demo environments with no accounts named TestUser01 or alike. This is the outcome of the setting up test AD environments discussion we had this week. Darren and Rob suggested a couple of tricks on duplicating AD to a test lab, and xaegr provided a great link to US census information data on the most frequently used names, as well as a sample script I am re-using and enhancing below.

I basically took what xaegr suggested, added other properties to user accounts (first name, last name, city, department), and added code creating global security groups for each department and adding users into the groups. Here goes the code:

################################################
# Script to provision demo AD labs
# (c) Dmitry Sotnikov, xaegr
# Requires AD cmdlets
################################################

# Add AD cmdlets (should be downloaded from 
# http://www.quest.com/activeroles_server/arms.aspx
# and installed on the local workstation
# the script assumes the workstation is a part of the domain

Add-PSSnapin  Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue

# set folder in which the data files are located
# this folder should contain files from
# http://www.census.gov/genealogy/names/names_files.html
# as well as cities.txt and departments.txt with the
# lists of cities and departments for the lab
cd c:\demofiles

# set OU for demo accounts
$OU = "ps64.local/test"
# number of accounts to generate
$num = 100

# read name files
$last = Get-Content dist.all.last | select -First 1000
$firstm = Get-Content dist.male.first | select -First 100
$firstf = Get-Content dist.female.first | select -first 100

# extract the names
$last = $last | where {$_ -match "^(\S+)"}|foreach-object {$matches[1]}
$firstf = $firstf | where {$_ -match "^(\S+)"}|foreach-object {$matches[1]}
$firstm = $firstm | where {$_ -match "^(\S+)"}|foreach-object {$matches[1]}

# read department and city info
$cities = Get-Content Cities.txt
$depts = Get-Content Departments.txt

# set up random number generator
$rnd = New-Object System.Random

function New-RandomADUser {
    # pick a male or a female first name
    if($rnd.next(2) -eq 1) {
        $fn = $firstm[$rnd.next($firstm.length)]
    } else {
        $fn = $firstf[$rnd.next($firstf.length)]
    }
    # random last name
    $ln=$last[$rnd.next($last.length)]

    # Set proper caps
    $ln = $ln[0] + $ln.substring(1, $ln.length - 1).ToLower()
    $fn = $fn[0] + $fn.substring(1, $fn.length - 1).ToLower()

    # random city and department
    $city = $cities[$rnd.next($cities.length)]
    $dept = $depts[$rnd.next($depts.length)]

    # Create and enable a user
    
    if ( ( Get-QADUser -SamAccountName ($fn.substring(0,1) + $ln) ) -eq $null ) {
    
        New-QADUser -Name "$fn $ln" -SamAccountName ($fn.substring(0,1) + $ln) `
                    -ParentContainer $OU -City $city -Department $dept `
                    -UserPassword "P@ssw0rd" -FirstName $fn -LastName $ln `
                    -DisplayName "$fn $ln" -Description "$city $dept" -Office $city `
                    | Enable-QADUser
    }
}

# Create 100 users
1..$num | ForEach-Object { New-RandomADUser }

# Create groups for each department
Get-QADUser -SearchRoot $OU | Group Department | ForEach-Object {
    New-QADGroup -Name $_.Name -SamAccountName $_.Name -ParentContainer $OU
}

# Add users to the groups based on their departments
Get-QADUser -SearchRoot $OU | Add-QADGroupMember -Identity { $_.Department }

The files for names can be found on the census page, the files for cities and departments I was using are attached (note that to increase probability of a certain department or city you just need to duplicate it a few times in the file) as well as the script code:

• DemoProvision.ps1
• cities.txt
• departments.txt

Let me know if there’s anything else you need for your demo environments!

Tags: AD, AD cmdlets, Active Directory, Demo, PowerShell
Add to: | Technorati | Digg | del.icio.us | Yahoo | BlinkList | Spurl | reddit | Furl |

About these ads