Check out the Z-Hire Employee-Provisioning app

Posted by on Feb 11, 2013 in Exchange, SharePoint

It’s not often that I write about a 3rd party plug-in, but this one is worth a mention.  Check it out at the TechNet Library;  In summary, Z-Hire automates the IT account creation process for Exchange mailbox, Active Directory, Lync accounts, Office 365 cloud and SalesForce cloud deployments.  Read more below.


When an administrator is in the final stages of a Lync deployment, he must

enable the entire organization for Lync. Presumably, he will bulk enable

current Lync users by piping get-CSaduser PowerShell command into the

enable-CSuser command. But what about the new hires? Currently, there are

only two ways he would approach this: either manually enable Lync users

from the Lync control panel or enable Lync users via PowerShell. The

problem with these two methods is the likeliness of inconsistency in

accounts created. For example, in an organization with several

administrators, if Admin X chooses to enable voice chat for users, while

Admin Y does not, the lack of a standard can cause maintenance or

troubleshooting nightmares when user problems occur and an administrator

discovers that each user has varying enabled features.


It is essential that an organization conform to standards to ensure that

each and every account is consistent. With many attributes available for

different aspect of IT systems, this section can be easily overlooked

during the process of creating new accounts. At the very least, an

administrator should keep the following consistent: Conferencing policy,

External access policy, and Registrar pool.


The idea came upon me on a typical Friday night, working as usual, but

this time with help-desk team, when it occurred to me that there must be a

simpler and quicker way to create IT system accounts for our 10 new hires

starting on Monday. As a systems administrator, I understand the

frustration of help-desk personnel. One of the responsibilities of

help-desk is to create accounts for new hires as a part of the onboarding

process. Creating each individual account for every IT system, such as

Active Directory, Exchange and Lync, for each person is a lengthy process

and the quality of work often lacks consistency. Having worked for various

small and large organizations, even some of the most well-established

large organizations do not have this process automated. Yes, the process

can be automated via VBscript or PowerShell, but not all help-desk

personnel are familiar with command line and may find it too complicated.

Therefore, would it not be great to have one application that will create

an account for every IT system? I wrote an application that will automate

the creation of accounts for the following IT systems: Active Directory,

Exchange, Lync and Office 365.


With just one click of a button, the accounts for Active Directory,

Exchange, and Lync will be created. For Active Directory accounts, an OU

can be specified to dictate new user’s location. When specifying the

sAMAccountName format, the Z-Hire app will automatically generate a

sAMAccountName using the user’s first and last name. Other common active

directory attributes such as title, department, or company can also be set

from this app. This app will also allow admins to Templatize their

settings and save frequently used settings. For example, you may want all

users in marketing department to have same “Department” and add to

specific list of groups. This speeds up account deployment time

significantly since duplicate data doesn’t need to be entered.


In Exchange 2007, which runs on PowerShell 1.0, you must locally install

Exchange 2007 management shell if you want to create Exchange 2007

mailboxes using this application. Remember though, that this app simply

runs enable-mailbox PowerShell cmdlet in the background, which means that

all parameters such as mailbox database, managed folder policy, and

ActiveSync policy is configurable. The awesome part of Exchange 2010 is

PowerShell’s remoting feature of PowerShell 2.0, which allows the

application to connect to it remotely and execute remote commands. For

Exchange 2010, it supports Archive database, retention policy, managed

folder policy and ActiveSync policy. Lastly, this app allows configuration

of parameters associated with enable-csuser and set-csuser command,

including conferencing policy, external access policy, registrar pool, sip

domain, and peer-to-peer AV feature. For Office365, the only requirement

is the MSOL powershell module that can be downloaded from Microsoft. User

template information is simply saved in XML format which means you can

back up the data or modify it using Notepad. In short, this app works by

initiating a remote PowerShell session to both Exchange and Lync servers

and then executes PowerShell commands. For Office 365, It connects

directly to Microsoft cloud. It is as simple and basic as that, but the

fact that all three accounts can be simultaneously created with just one

click is pretty awesome. The only requirement for this application is that

you must enable PS remoting on the servers it is connecting to. This

feature is enabled by default. However, this can also be done by running

“Enable-Psremoting” PowerShell command on the Exchange and Lync servers

you wish to connect to.