First Commit

Services/Gestion des arrivées-départs/README.md

@@ -0,0 +1,10 @@
+# Gestion des arrivées/départs au GENES (hors ENSAI)
+
+## Elèves 
+
+```mermaid
+  graph TD
+    start("Eleve Admis") --> inscription
+      inscription --> dd
+
+```

Services/Gestion des arrivées-départs/eleves/creation-mail.ps1

@@ -0,0 +1,22 @@
+$login = $args[0];
+$email = $args[1];
+$alias = $args[2];
+
+$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://sp-exch01.ensae.fr/PowerShell/ -Authentication Kerberos
+Import-PSSession $Session -DisableNameChecking -AllowClobber | Out-Null
+
+try {
+
+
+Enable-Mailbox -Identity $login -Database "DB01_ELEVES-SP-EXCH01" -Alias $login -PrimarySmtpAddress $email | Out-Null
+write-host "0"
+
+}
+
+catch {
+
+
+write-host "1"
+
+}
+Remove-PSSession $Session

Services/Gestion des arrivées-départs/eleves/homedirectory.ps1

@@ -0,0 +1,85 @@
+$login = $args[0];
+$basehomedirectory = "\\paradis\eleves\";
+$homedirectory = $basehomedirectory + $login;
+$domain = "ENSAE\"
+$user = $domain + $login ; 
+
+if(!(Test-Path -Path $homedirectory )){
+
+    New-Item -Path $homedirectory -ItemType directory | Out-Null
+ 
+    #Define FileSystemAccessRights:identifies what type of access we are defining, whether it is Full Access, Read, Write, Modify
+    $FileSystemAccessRights = [System.Security.AccessControl.FileSystemRights]"FullControl"
+
+    #define InheritanceFlags:defines how the security propagates to child objects by default
+    #Very important - so that users have ability to create or delete files or folders 
+    #in their folders
+
+    $InheritanceFlags = [System.Security.AccessControl.InheritanceFlags]::"ContainerInherit", "ObjectInherit"
+
+    #Define PropagationFlags: specifies which access rights are inherited from the parent folder (users folder).
+
+    $PropagationFlags = [System.Security.AccessControl.PropagationFlags]::None
+
+    #Define AccessControlType:defines if the rule created below will be an 'allow' or 'Deny' rule
+
+    $AccessControl =[System.Security.AccessControl.AccessControlType]::Allow 
+    #define a new access rule to apply to users folfers
+
+    $acl1 = New-Object System.Security.AccessControl.FileSystemAccessRule `
+    ("Admins du domaine", $FileSystemAccessRights, $InheritanceFlags, $PropagationFlags, $AccessControl) 
+
+    $acl2 = New-Object System.Security.AccessControl.FileSystemAccessRule `
+    ("Système", $FileSystemAccessRights, $InheritanceFlags, $PropagationFlags, $AccessControl) 
+
+    $acl3 = New-Object System.Security.AccessControl.FileSystemAccessRule `
+    ($login, $FileSystemAccessRights, $InheritanceFlags, $PropagationFlags, $AccessControl) 
+	
+	$acl4 = New-Object System.Security.AccessControl.FileSystemAccessRule `
+    ("administrationannuai", $FileSystemAccessRights, $InheritanceFlags, $PropagationFlags, $AccessControl)
+	
+    #ACL Admins du domaine
+    $rule1 = Get-ACL -path $homedirectory
+    #Add this access rule to the ACL
+    $rule1.SetAccessRule($acl1)
+    #Write the changes to the user folder
+    Set-ACL -path $homedirectory -AclObject $rule1
+	
+	#ACL Systeme
+	$rule2 = Get-ACL -path $homedirectory
+    #Add this access rule to the ACL
+    $rule2.SetAccessRule($acl2)
+    #Write the changes to the user folder
+    Set-ACL -path $homedirectory -AclObject $rule2
+
+	#ACL Utilisateur final
+	$rule3 = Get-ACL -path $homedirectory
+    #Add this access rule to the ACL
+    $rule3.SetAccessRule($acl3)
+    #Write the changes to the user folder
+    Set-ACL -path $homedirectory -AclObject $rule3
+
+	#On casse l heritage mais on ne supprime pas les acls heritees
+	$acl = Get-ACL -Path $homedirectory
+    $acl.SetAccessRuleProtection($True, $False)
+    Set-Acl -Path $homedirectory -AclObject $acl
+	
+	#On copie le login sur admanager pour gestion des ACLs plus fine
+	$destination = "\\admanager\monitor$\"
+	$pathdestination = $destination + $login
+	
+try 
+ {
+	New-Item $pathdestination -ItemType file | Out-Null
+	Write-host "0"
+ }
+ 
+Catch {
+
+Write-Error "1"
+}
+}
+else 
+	{
+	Write-host "1"
+	}