#批量建立用户账号
$password = convertto-securestring -String "123456" -AsPlainText –Force
Import-Csv c:\user.csv | %{New-ADUser -Name $_.name -SamAccountName $_.SamAccountName -Department $_.department -Title $_.title -officephone $_.officephone -userprincipalname $_.userprincipalname -givenname $_.givenname -surname $_.surname -displayname $_.name -accountpassword $password -enabled $true -Path "ou=temp,dc=itprocn,dc=com"}



#批量建立群组
Import-Csv "c:\group.csv" | ForEach-Object {New-ADGroup -Name $_.name -SamAccountName $_.samaccountname -Description $_.description -GroupScope $_.groupscope -GroupCategory $_.groupcategory -Path "ou=group,ou=itprocn,dc=itprocn,dc=com"}



#把用户加入群组
$user = Get-ADUser -Filter {department -eq "资讯部"} -SearchBase "dc=itprocn,dc=com"
Add-ADGroupMember -identity "cn=mis,ou=group,ou=itprocn,dc=itprocn,dc=com" -Members $user
或者
Get-ADUser -Filter {department -eq "人事部"} -SearchBase "dc=itprocn,dc=com" | %{
Add-ADGroupMember -identity "cn=hr,ou=group,ou=itprocn,dc=itprocn,dc=com" -Members $($_.SamAccountName)}


#单个建立目录
New-Item -path d:\temp -type directory
New-Item -path d:\common -type directory
New-Item -path d:\department -type directory

#建立目录
Import-Csv C:\hr.csv |foreach{New-Item -path D:\department\hr -name $_.name -Type directory}
Import-Csv C:\mis.csv |foreach{New-Item -path D:\department\mis -name $_.name -Type directory}
Import-Csv C:\common.csv |foreach{New-Item -path D:\common -name $_.name -Type directory}





#建立共享(需要用到cmd)
net share department=d:\department /grant:everyone,full
net share common=d:\common /grant:everyone,full
net share temp=d:\temp /grant:everyone,full

#设置权限

##设置Temp权限
icacls D:\temp /inheritance:r /grant:r administrators:(oi)(ci)(f) "creator owner":(oi)(ci)(f) "domain users":(oi)(ci)(rx,m)

##设置Common权限
icacls D:\common /inheritance:r /grant:r administrators:(oi)(ci)(f) "creator owner":(oi)(ci)(f) "domain users":(rx)

import-csv C:\group.csv | % {
$name = $_.name
icacls D:\common\$name /inheritance:r /grant:r administrators:f ""$name":f"}



##设置Department权限
icacls D:\department /inheritance:r /grant:r administrators:(oi)(ci)(f) "creator owner":(oi)(ci)(f) "domain users":(rx)
icacls D:\department\* /inheritance:r /grant:r administrators:(oi)(ci)(f) "creator owner":(oi)(ci)(f) "domain users":(rx)


import-csv C:\hr.csv | % {
$name = $_.name
icacls D:\department\hr\$name /inheritance:r /grant:r administrators:f ""$name":f"}
import-csv C:\mis.csv | % {
$name = $_.name
icacls D:\department\mis\$name /inheritance:r /grant:r administrators:f ""$name":f"}