Importing MOPS Accounts

The script described below is used to import user accounts from Active Directory groups into MOPS 4.0. It is provided to simplify initial setup and ongoing user management by allowing bulk import of users with specified roles.

Import-MOPSAccount.ps1

Using the MOPS Account Import Script

The PowerShell script Import-MOPSAccount.ps1 automates the importing of user accounts from Active Directory groups into the MOPS 4.0 directory database.

Prerequisites

Before running the script, ensure the following requirements are met:

  • Access to Active Directory with read permissions for the target AD group
  • Access to the MOPS 4.0 directory database (dirdb) with sufficient permissions to create accounts
  • The script will automatically install required PowerShell modules if they are not already installed:
    • RSAT-AD-PowerShell (Active Directory tools)
    • ActiveDirectory (Active Directory PowerShell module)
    • TUN.CredentialManager (Windows Credential Manager tools)

Parameters

  • -ADGroup (Required): The complete Active Directory group name as a string (e.g., 'Enterprise Admins')
  • -Roles (Required): An array of MOPS roles to assign to imported users. Default: @("User")
  • -Server (Optional): AD server address for fetching users from a remote Active Directory (e.g., 'ad-server.domain.com:50000')
  • -DBServer (Optional): Database server address. Default: 127.0.0.1
  • -DBPort (Optional): Database server port. Default: 5432
  • -CredentialName (Optional): Credential store name for database credentials. Default: MOPS4_DB
  • -Username (Optional): Database username. Default: postgres
  • -Password (Optional): Database password. If not provided, credentials are retrieved from Windows Credential Manager
  • -Help: Displays usage information

Examples

Import users from an AD group with default User role:

.\Import-MOPSAccount.ps1 -ADGroup "MOPS Users" -Password "db_password"

Import users from an AD group with multiple roles:

.\Import-MOPSAccount.ps1 -ADGroup "MOPS Designers" -Roles "User", "Designer", "Operator" -Password "db_password"

Import users from a remote Active Directory server:

.\Import-MOPSAccount.ps1 -ADGroup "MOPS Operators" -Server "ad-server.domain.com:50000" -Roles "User", "Operator" -Password "db_password"

Import users with custom database server configuration:

.\Import-MOPSAccount.ps1 -ADGroup "MOPS Admins" -Roles "User", "Administrator" -DBServer "db.example.com" -DBPort "5433" -Username "mops_admin" -Password "db_password"

Display help:

.\Import-MOPSAccount.ps1 -Help

Notes

  • The script validates that each user has a GivenName, SurName, and either an EmailAddress or UserPrincipalName (UPN). Users missing these attributes will be skipped.
  • If a user account already exists in MOPS 4.0 (matched by email), the specified roles will be assigned to the existing account.
  • The script can be run unattended for scheduled execution, making it suitable for automated user synchronization tasks.
  • The script displays a preview of users to be imported before executing the import operation.
  • Requires appropriate permissions to read from Active Directory and write to the MOPS 4.0 directory database.
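
A pre-flight check for the validation and matching rules in the notes above, as an added example that is not part of Import-MOPSAccount.ps1: it lists the direct members of the AD group, marks those the import would skip, and flags users that share an email/UPN, since existing MOPS accounts are matched by email. The file name Test-MOPSImportCandidates.ps1 is hypothetical, and both the use of the UPN as match key when EmailAddress is empty and the case-insensitive comparison are assumptions about the import script.

```powershell
# Test-MOPSImportCandidates.ps1 (hypothetical name): added example, not part of
# Import-MOPSAccount.ps1. Read-only: it queries Active Directory and changes nothing.
param(
    [Parameter(Mandatory)] [string] $ADGroup,
    [string] $Server   # optional; same meaning as the import script's -Server
)

Import-Module ActiveDirectory -ErrorAction Stop

# Pass -Server through only when it was supplied.
$adArgs = @{}
if ($Server) { $adArgs.Server = $Server }

$members = @(Get-ADGroupMember -Identity $ADGroup @adArgs)

# Nested groups and computer objects are not user accounts; report them separately.
$members | Where-Object objectClass -ne 'user' | ForEach-Object {
    Write-Warning "Not a user object, not checked: $($_.distinguishedName)"
}

$report = @($members | Where-Object objectClass -eq 'user' | ForEach-Object {
    $u = Get-ADUser -Identity $_.distinguishedName @adArgs -Properties EmailAddress
    $missing = @()
    if (-not $u.GivenName) { $missing += 'GivenName' }
    if (-not $u.Surname)   { $missing += 'Surname' }
    if (-not $u.EmailAddress -and -not $u.UserPrincipalName) { $missing += 'EmailAddress/UPN' }

    [pscustomobject]@{
        SamAccountName = $u.SamAccountName
        # Assumption: UPN stands in as the match key when EmailAddress is empty.
        MatchKey       = if ($u.EmailAddress) { $u.EmailAddress } else { $u.UserPrincipalName }
        Enabled        = $u.Enabled
        Skipped        = $missing.Count -gt 0
        Missing        = $missing -join ', '
    }
})

$report | Sort-Object Skipped, SamAccountName | Format-Table -AutoSize

# Existing MOPS accounts are matched by email, so two AD users sharing a key
# would resolve to the same MOPS account and its roles.
$report | Where-Object MatchKey | Group-Object { $_.MatchKey.ToLower() } |
    Where-Object Count -gt 1 | ForEach-Object {
        Write-Warning "Shared match key '$($_.Name)': $($_.Group.SamAccountName -join ', ')"
    }
```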