This script allows your marketing team to edit HTML templates for your company branded signatures that can be (optionally via GPO) automatically deployed next time user logs on to their computer.
I have made a comment to help someone out on r/PowerShell by sharing this script and it gathered a lot of interest overnight.
- Knowledge of how Distinguished names (DN) work on Active Directory
- Most lines are commented, but you need some basic knowledge of PowerShell before proceeding.
- Network share with Read/Execute NTFS permissions for Everyone or Domain Users and Modify NTFS permissions for marketing department
- Basic knowledge of Active Directory
- (optionally) Basic knowledge of GPO and SYSVOL
- Probably PowerShell 5 (not tested on version 2 or 3)
Yes, the script was originally tailored to my company AD structure, it was not designed to fit anyone else, the changes required are however minor and will require some testing on your part before it should go in production.
It's fairly simple - check out variables readme.txt inside DATA folder, you can add these available #variables to your HTML code and they will be converted into information pulled down from AD. The design of your signature from this point on is only limited by your knowledge of HTML and CSS.
Yes you can, but this will require some knowledge of PowerShell. You will need to modify script for $lastline to allow script to detect changes in custom vars and update Write-Signature function's replace methods (e.g -replace "#customVariable",$customVariable)
- Script defines all required paths and if Signatures folder does not exist locally, it will create one
- Script then connects to ActiveDirectory to pull down basic information of current user. Since user owns their own AD object, no additional permissions are required
- If user has both mobile and landline number, script will add separator between and adjust HTML code (requires editing here)
- Script then extracts OU structure from DN to determine which folder to look at on network share to download templates from (requires editing here), see comments in script
- Script then reads all existing local signatures to extract last line from HTM files to see if it contains HTML comment that holds information about user and MD5 checksum of template that was used originally
- Script then cleans up any outdated signatures that was generated by it previously (does not delete manually created signatures by user). It will also delete any generated signatures if template was deleted from network share, this is great for quick cleanup of old signatures
- Finally script will generate new signatures from template if:
- it detects that user's OU matches folder structure on network share
- it detects if default signature was enabled
- it detected changes in template file
- it detected changes in user's AD information
Yes, in the root folder you will find Default.htm.EXAMPLE file If you remove .EXAMPLE part then users will have this template deployed regardless of what OU they are in.
No, you can name it whatever you want, just needs to be HTM file
Yes, keep adding as many .htm templates (and .jpg files) as you want into the same folder, each signature template downloaded will show up in Outlook using file names you used. Same applies to default signatures.
You would deploy the script using Current User GPO, then upload script to SYSVOL, please find an online tutorial if you're not confident how this works.
Yes, you would still apply GPO to all users, but you need to modify security settings for your GPO to only allow secific user or security group to read it. Since basic knowledge of GPOs is required, please see online tutorial on how to do this for details