From e23855ce27317b3fd4f74346118e0cc0943c57eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Couralet?= Date: Tue, 5 Sep 2023 09:02:05 +0200 Subject: [PATCH] First Commit --- README.md | 0 .../Gestion des arrivées-départs/README.md | 10 +++ .../eleves/creation-compte.php | 0 .../eleves/creation-mail.ps1 | 22 +++++ .../eleves/homedirectory.ps1 | 85 +++++++++++++++++++ 5 files changed, 117 insertions(+) create mode 100644 README.md create mode 100644 Services/Gestion des arrivées-départs/README.md create mode 100644 Services/Gestion des arrivées-départs/eleves/creation-compte.php create mode 100644 Services/Gestion des arrivées-départs/eleves/creation-mail.ps1 create mode 100644 Services/Gestion des arrivées-départs/eleves/homedirectory.ps1 diff --git a/README.md b/README.md new file mode 100644 index 0000000..e69de29 diff --git a/Services/Gestion des arrivées-départs/README.md b/Services/Gestion des arrivées-départs/README.md new file mode 100644 index 0000000..db8ba9c --- /dev/null +++ b/Services/Gestion des arrivées-départs/README.md @@ -0,0 +1,10 @@ +# Gestion des arrivées/départs au GENES (hors ENSAI) + +## Elèves + +```mermaid + graph TD + start("Eleve Admis") --> inscription + inscription --> dd + +``` \ No newline at end of file diff --git a/Services/Gestion des arrivées-départs/eleves/creation-compte.php b/Services/Gestion des arrivées-départs/eleves/creation-compte.php new file mode 100644 index 0000000..e69de29 diff --git a/Services/Gestion des arrivées-départs/eleves/creation-mail.ps1 b/Services/Gestion des arrivées-départs/eleves/creation-mail.ps1 new file mode 100644 index 0000000..cb30d99 --- /dev/null +++ b/Services/Gestion des arrivées-départs/eleves/creation-mail.ps1 @@ -0,0 +1,22 @@ +$login = $args[0]; +$email = $args[1]; +$alias = $args[2]; + +$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://sp-exch01.ensae.fr/PowerShell/ -Authentication Kerberos +Import-PSSession $Session -DisableNameChecking -AllowClobber | Out-Null + +try { + + +Enable-Mailbox -Identity $login -Database "DB01_ELEVES-SP-EXCH01" -Alias $login -PrimarySmtpAddress $email | Out-Null +write-host "0" + +} + +catch { + + +write-host "1" + +} +Remove-PSSession $Session diff --git a/Services/Gestion des arrivées-départs/eleves/homedirectory.ps1 b/Services/Gestion des arrivées-départs/eleves/homedirectory.ps1 new file mode 100644 index 0000000..239e9af --- /dev/null +++ b/Services/Gestion des arrivées-départs/eleves/homedirectory.ps1 @@ -0,0 +1,85 @@ +$login = $args[0]; +$basehomedirectory = "\\paradis\eleves\"; +$homedirectory = $basehomedirectory + $login; +$domain = "ENSAE\" +$user = $domain + $login ; + +if(!(Test-Path -Path $homedirectory )){ + + New-Item -Path $homedirectory -ItemType directory | Out-Null + + #Define FileSystemAccessRights:identifies what type of access we are defining, whether it is Full Access, Read, Write, Modify + $FileSystemAccessRights = [System.Security.AccessControl.FileSystemRights]"FullControl" + + #define InheritanceFlags:defines how the security propagates to child objects by default + #Very important - so that users have ability to create or delete files or folders + #in their folders + + $InheritanceFlags = [System.Security.AccessControl.InheritanceFlags]::"ContainerInherit", "ObjectInherit" + + #Define PropagationFlags: specifies which access rights are inherited from the parent folder (users folder). + + $PropagationFlags = [System.Security.AccessControl.PropagationFlags]::None + + #Define AccessControlType:defines if the rule created below will be an 'allow' or 'Deny' rule + + $AccessControl =[System.Security.AccessControl.AccessControlType]::Allow + #define a new access rule to apply to users folfers + + $acl1 = New-Object System.Security.AccessControl.FileSystemAccessRule ` + ("Admins du domaine", $FileSystemAccessRights, $InheritanceFlags, $PropagationFlags, $AccessControl) + + $acl2 = New-Object System.Security.AccessControl.FileSystemAccessRule ` + ("Système", $FileSystemAccessRights, $InheritanceFlags, $PropagationFlags, $AccessControl) + + $acl3 = New-Object System.Security.AccessControl.FileSystemAccessRule ` + ($login, $FileSystemAccessRights, $InheritanceFlags, $PropagationFlags, $AccessControl) + + $acl4 = New-Object System.Security.AccessControl.FileSystemAccessRule ` + ("administrationannuai", $FileSystemAccessRights, $InheritanceFlags, $PropagationFlags, $AccessControl) + + #ACL Admins du domaine + $rule1 = Get-ACL -path $homedirectory + #Add this access rule to the ACL + $rule1.SetAccessRule($acl1) + #Write the changes to the user folder + Set-ACL -path $homedirectory -AclObject $rule1 + + #ACL Systeme + $rule2 = Get-ACL -path $homedirectory + #Add this access rule to the ACL + $rule2.SetAccessRule($acl2) + #Write the changes to the user folder + Set-ACL -path $homedirectory -AclObject $rule2 + + #ACL Utilisateur final + $rule3 = Get-ACL -path $homedirectory + #Add this access rule to the ACL + $rule3.SetAccessRule($acl3) + #Write the changes to the user folder + Set-ACL -path $homedirectory -AclObject $rule3 + + #On casse l heritage mais on ne supprime pas les acls heritees + $acl = Get-ACL -Path $homedirectory + $acl.SetAccessRuleProtection($True, $False) + Set-Acl -Path $homedirectory -AclObject $acl + + #On copie le login sur admanager pour gestion des ACLs plus fine + $destination = "\\admanager\monitor$\" + $pathdestination = $destination + $login + +try + { + New-Item $pathdestination -ItemType file | Out-Null + Write-host "0" + } + +Catch { + +Write-Error "1" +} +} +else + { + Write-host "1" + } \ No newline at end of file