AfroThundr3007730 · March 14, 2021 21:34 · AfroThundr3007730 · Jun 25, 2020
diff --git a/Set-UserPrimaryComputer.ps1 b/Set-UserPrimaryComputer.ps1
 # Script to enforce Primary Computer attribute by OU mapping
 # Used to limit the scope of roaming profiles and folder redirection

 Start-Transcript 'C:\ProgramData\primary-computers.log' -Append

 Write-Host 'Checking and updating user Primary Computer mappings.'
 # Define group mapping array
 $groupMappings = @()
 # Add members to array
 $groupMappings += @{
    userOU = '<OU containing users to modify>'
    machineOU = '<OU containing machines to add>'
 }
 # $groupMappings += @{
 #     userOU = '<additional user OUs>'
 #     machineOU = '<additional machine OUs>'
 # }
 $pcAttrib = 'msDS-PrimaryComputer'

 foreach ($mapping in $groupMappings) {
    # Iterate over mappings and set primary computers
    $users = Get-ADUser -SearchBase $mapping.userOU -Filter { Enabled -eq $true } -Properties $pcAttrib
    $machines = Get-ADComputer -SearchBase $mapping.machineOU -Filter { Enabled -eq $true }
    $users = $users | Foreach-Object { 
        if (Compare-Object $_.$pcAttrib $machines) { $_ }
    }

    if ($users) {
        Write-Host ('Setting {0} for the following users:' -f $pcAttrib)
        $users.DistinguishedName
        Write-Host 'Machines to be added for each user:'
        $machines.DistinguishedName

        $users | Set-ADUser -Clear $pcAttrib
        if ($machines) {
            $users | Set-ADUser -Add @{ $pcAttrib = $machines.DistinguishedName }
        }
    }
 }

 Write-Host 'User primary computer mapping complete.'

 Stop-Transcript
	# Script to enforce Primary Computer attribute by OU mapping
	# Used to limit the scope of roaming profiles and folder redirection

	Start-Transcript 'C:\ProgramData\primary-computers.log' -Append

	Write-Host 'Checking and updating user Primary Computer mappings.'
	# Define group mapping array
	$groupMappings = @()
	# Add members to array
	$groupMappings += @{
	userOU = '<OU containing users to modify>'
	machineOU = '<OU containing machines to add>'
	}
	# $groupMappings += @{
	# userOU = '<additional user OUs>'
	# machineOU = '<additional machine OUs>'
	# }
	$pcAttrib = 'msDS-PrimaryComputer'

	foreach ($mapping in $groupMappings) {
	# Iterate over mappings and set primary computers
	$users = Get-ADUser -SearchBase $mapping.userOU -Filter { Enabled -eq $true } -Properties $pcAttrib
	$machines = Get-ADComputer -SearchBase $mapping.machineOU -Filter { Enabled -eq $true }
	$users = $users \| Foreach-Object {
	if (Compare-Object $_.$pcAttrib $machines) { $_ }
	}

	if ($users) {
	Write-Host ('Setting {0} for the following users:' -f $pcAttrib)
	$users.DistinguishedName
	Write-Host 'Machines to be added for each user:'
	$machines.DistinguishedName

	$users \| Set-ADUser -Clear $pcAttrib
	if ($machines) {
	$users \| Set-ADUser -Add @{ $pcAttrib = $machines.DistinguishedName }
	}
	}
	}

	Write-Host 'User primary computer mapping complete.'

	Stop-Transcript