-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathSimulate-GroupRestorationFromExcel.ps1
More file actions
129 lines (108 loc) · 4.15 KB
/
Copy pathSimulate-GroupRestorationFromExcel.ps1
File metadata and controls
129 lines (108 loc) · 4.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<#
.SYNOPSIS
Restores or simulates restoring AD objects (Groups, Users, Contacts) to their previous OUs based on Excel input.
.DESCRIPTION
This script reads data from an Excel file containing AD object names and their historical distinguished names (DNs),
and attempts to move them back to their original Organizational Units (OUs).
It supports:
- Simulation mode (-WhatIf) or real move with -Confirm:$false
- Logging actions to a CSV file (optional)
- Handling of Users, Groups, and Contacts
.PARAMETER ExcelPath
The full path to the Excel file containing columns 'Object Name', 'Object Type', and 'Old Value'.
.PARAMETER PerformMove
If specified, performs the actual move using -Confirm:$false. Otherwise, only simulates using -WhatIf.
.PARAMETER LogPath
Optional path to save a CSV log of actions performed.
.EXAMPLE
.\Restore-ADObjectsFromExcel.ps1 -ExcelPath "C:\Scripts\RestoreList.xlsx" -PerformMove -LogPath "C:\Logs\restore_log.csv"
.NOTES
- Requires ActiveDirectory and ImportExcel modules.
- Must be run with appropriate AD permissions.
#>
param (
[Parameter(Mandatory)]
[string]$ExcelPath,
[switch]$PerformMove,
[string]$LogPath
)
# Ensure required modules
foreach ($module in @('ImportExcel', 'ActiveDirectory')) {
if (-not (Get-Module -ListAvailable -Name $module)) {
try {
Install-Module -Name $module -Scope CurrentUser -Force -ErrorAction Stop
} catch {
Write-Host "Failed to install or load module: $module" -ForegroundColor Red
exit
}
}
Import-Module $module -ErrorAction Stop
}
# Load data from Excel
try {
$data = Import-Excel -Path $ExcelPath -ErrorAction Stop
} catch {
Write-Host "Unable to read Excel file at $ExcelPath" -ForegroundColor Red
exit
}
# Initialize log collection if requested
if ($LogPath) {
$log = @()
}
foreach ($row in $data) {
$name = $row.'Object Name'
$type = $row.'Object Type'
$dn = $row.'Old Value'
if (-not $name -or -not $type -or -not $dn) {
Write-Warning "Skipping row due to missing fields."
continue
}
# Determine target OU from DN
$ou = ($dn -split ',') | Where-Object { $_ -like 'OU=*' } | ForEach-Object { $_ } | Join-String -Separator ","
if (-not $ou) {
Write-Warning "Unable to parse OU from old DN for $name"
continue
}
try {
$object = switch ($type.ToLower()) {
'user' { Get-ADUser -Identity $name -ErrorAction Stop }
'group' { Get-ADGroup -Identity $name -ErrorAction Stop }
'contact' { Get-ADObject -LDAPFilter "(&(objectClass=contact)(cn=$name))" -ErrorAction Stop }
default { throw "Unsupported object type: $type" }
}
$action = if ($PerformMove) { '-Confirm:$false' } else { '-WhatIf' }
Write-Host "[$type] $name => $ou" -ForegroundColor Cyan
if ($PerformMove) {
Move-ADObject -Identity $object.DistinguishedName -TargetPath $ou -Confirm:$false
} else {
Move-ADObject -Identity $object.DistinguishedName -TargetPath $ou -WhatIf
}
if ($LogPath) {
$log += [pscustomobject]@{
Timestamp = (Get-Date)
Name = $name
Type = $type
OU = $ou
Action = if ($PerformMove) { 'Moved' } else { 'Simulated' }
Status = 'Success'
}
}
} catch {
Write-Warning "Failed to process $name ($type): $_"
if ($LogPath) {
$log += [pscustomobject]@{
Timestamp = (Get-Date)
Name = $name
Type = $type
OU = $ou
Action = if ($PerformMove) { 'Move' } else { 'Simulate' }
Status = $_.Exception.Message
}
}
}
}
# Write log if requested
if ($LogPath -and $log.Count -gt 0) {
$log | Export-Csv -Path $LogPath -NoTypeInformation -Encoding UTF8
Write-Host "Log written to: $LogPath" -ForegroundColor Green
}