# Parse arguments, the arguments must be provided in order
$UserName = $args[0]
$Password = $args[1]
$Category = $args[2]
$FullName = $args[3]
$NtGroup = $args[4]

# Load modules so the script can use active directory cmdlets
Import-Module ActiveDirectory*

# Set profile path and login script
$ProfilePath = "\\profiles\profiles\$UserName"
$ScriptPath = "logon2.bat"

# If user belongs to a group, put the user under group organization unit
# else put the user under Users container
if ($NtGroup) {
    $ADUserPath = "OU=$NtGroup,OU=User Accounts,DC=phas,DC=ubc,DC=ca"
    $ADGroup = "CN=$NtGroup,CN=Users,DC=phas,DC=ubc,DC=ca"
} else {
    $ADUserPath = "CN=Users,DC=phas,DC=ubc,DC=ca"
}

# Add new user
New-ADUser -Name $UserName -SamAccountName $UserName -DisplayName $FullName -Description $Category -Path $ADUserPath -AccountPassword (ConvertTo-SecureString -AsPlainText $Password -Force) -PasswordNeverExpires $true -CannotChangePassword $true -Enabled $true -HomeDirectory "H:\" -ProfilePath $ProfilePath -ScriptPath $ScriptPath

# Add user to the group    
if ($NtGroup) {
    $User = "CN=$UserName,$ADUserPath"
    Add-ADGroupMember -Identity $ADGroup -Members $User
}