start-ReplaceOnPrem.ps1
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 |
<#
.SYNOPSIS This function resets the on premises dependencies of the group that was mirgated. .DESCRIPTION This function resets the on premises dependencies of the group that was mirgated. .PARAMETER routingContact The original configuration of the DL on premises. .PARAMETER attributeOperation The attibute that we will be operating against. .PARAMETER canonicalObject The canonical object that will be reset. .PARAMETER adCredential The active directory credential .PARAMETER globalCatalogServer The global catalog server. .OUTPUTS None .EXAMPLE sstart-replaceONPrem -canonicalObject $object -attributeOperation $attribute -routingContactConfiguration $routingContactDN -adCredential $cred #> Function start-ReplaceOnPrem { [cmdletbinding()] Param ( [Parameter(Mandatory = $true)] $routingContact, [Parameter(Mandatory = $true)] [string]$attributeOperation, [Parameter(Mandatory = $true)] $canonicalObject, [Parameter(Mandatory = $true)] $adCredential, [Parameter(Mandatory = $true)] [string]$globalCatalogServer ) #Output all parameters bound or unbound and their associated values. write-functionParameters -keyArray $MyInvocation.MyCommand.Parameters.Keys -parameterArray $PSBoundParameters -variableArray (Get-Variable -Scope Local -ErrorAction Ignore) [string]$isTestError="No" #Start function processing. Out-LogFile -string "********************************************************************************" Out-LogFile -string "BEGIN start-ReplaceOnPrem" Out-LogFile -string "********************************************************************************" #Declare function variables. $functionContactObject = get-canonicalName -globalCatalogServer $globalCatalogServer -dn $routingContact.distinguishedName -adCredential $adCredential $loopCounter=0 $functionSleepTest=$FALSE $loopError=$FALSE out-Logfile -string "Processing operation..." #If the contact and the object to operate on are in the same domain - the utilize the same GC that we have for other operations. #If not - we'll need to utilize the domain name as the server - and allow the AD commandlts to make a best attempt against a DC in that domain based on "best selection." if ($functionContactObject.canonicalDomainName -eq $canonicalObject.canonicalDomainName) { out-logfile -string "Source and Target objects are in the same domain - utilize GC." try{ set-adobject -identity $canonicalObject.distinguishedName -add @{$attributeOperation=$routingContact.distinguishedName} -server $globalCatalogServer -credential $adCredential -errorAction STOP } catch{ out-logfile -string $_ $isTestError="Yes" } } else { out-logfile -string "Source and target are in different domains - adding additional sleep and trying operation." do { $loopError = $FALSE if ($functionSleepTest -ne $FALSE) { start-sleepProgress -sleepString "Failed adding member to the group - sleeping before rety." -sleepSeconds 30 } try { set-adobject -identity $canonicalObject.distinguishedName -add @{$attributeOperation=$routingContact.distinguishedName} -server $canonicalObject.canonicalDomainName -credential $adCredential -errorAction STOP $functionSleepTest=$TRUE $loopCounter++ } catch { out-logfile -string "Error adding member to group." $loopError = $TRUE } } while (($loopError -eq $TRUE) -and ($loopCounter -eq 10)) } if ($loopCounter -eq 10) { out-logfile -string "ERROR adding member to group." out-logfile -string $canonicalObject.canonicalName $isTestError="Yes" } else { out-logfile -string "Operation processed successfully" } Out-LogFile -string "END start-replaceOnPrem" Out-LogFile -string "********************************************************************************" return $isTestError } |