Automatically enable users in a particular OU for Lync 2010

In Lync 2010 we now have to use either the Lync Server Management Shell or the web-based Lync Control Panel most of the administrators now have to use two different interfaces for creating users and enabling them for Lync. This is too cumbersome for many admins, especially in situations where almost everyone in an organization has to be enabled for Lync. I have received various requests for automating the process and I thought I will document it here for all. The idea is to schedule a task which will automatically Lync-enable any users in an OU who has not been enabled yet by running a PowerShell commandlet. Here is a quick and dirty way to get it ‘done’.

First we create the script which will enable the users for a specific OU, copy and paste the following two lines in a notepad and save it as “'C:\Program Files\Common Files\Microsoft Lync Server 2010\EnableUsersForLync.PS1” (you can chose any other suitable location):

import-module 'C:\Program Files\Common Files\Microsoft Lync Server 2010\Modules\Lync\Lync.psd1'
get-csaduser -filter {Enabled -ne $True} -OU "ou=Employees,dc=treyresearch,dc=net" | Enable-CsUser -RegistrarPool lyncpool.treyresearch.net -SipAddressType EmailAddress

Let’s break it down line-by-line (since there is just two of them, and I have time to kill), in the first-line we are basically importing the Lync Module into PowerShell, since the Module does not sit in the usual location for PS modules you have to specify the complete path to the file.

The second line is made up of two separate commands, the first part get-csaduser -filter {Enabled -ne $True} -OU "ou=Employees,dc=treyresearch,dc=net" is to search for all users in a particular OU who have note yet been enabled for Lync 2010, the second half enables that user for a particular Pool using Email-Address of the user as their SIP Address.

Now that we have a script, we need to make sure that we can run it on the server. To do so, you need to either “Sign” the script or disable script signing on the server, since this is a “get-it-done” post I chose the easy way by disabling script signing. Just head over to PowerShell and type in the following command:

Set-ExecutionPolicy RemoteSigned

Next, go to Task Scheduler ( Start > Run > taskschd.msc ) and “Create Basic Task…”
image

And assign a Name and Description and then click on Next.

image

Choose how often you would like to run the task and Click next (I chose a Daily task)

image

Choose when you would like to run the task and click on Next.

image

Select “Start a program” and then click on Next again

image

Browse to the powershell.exe on your system and provide the script created earlier as an argument (-File “C:\Program Files\Common Files\Microsoft Lync Server 2010\EnableUsersForLync.ps1”)

image

Click on Finish to complete the wizard.

image

Links:
Running PowerShell Scripts https://technet.microsoft.com/en-us/library/ee176949.aspx
Configuring Scheduled Tasks https://technet.microsoft.com/en-us/library/dd851678.aspx