Create Active Directory users with Powershell
In the next few paragraphs I show you my method to create hundreds of test users on Windows Server 2012 with Powershell.
First of all you need permissions to be able to create users.
Your machine needs the Powershell module from the Remote Server Administration Tools, check it here: Features/Remote Server Administration Tools/Role Administration Tools/AD DS and AD LDS Tools/Active Directory module for Windows Powershell.
Show-Command New-ADUser The first command shows you the command’s help in a separate window where you browse or search. The second command opens a graphical window to specify the parameters for the command.
Put these side by side using Windows Key+Right arrow and Windows key+Left arrow for the first and second window respectively and you can easily explore and try any command.
There are lots of AD properties available from this command so let’s check a couple.
AccountPassword: Have to provide a SecureString here, simple plaintext won’t be enough. Use the ConvertTo-SecureString command to store submit your password or convert it on the fly:
Enabled: I always use $true, so I can use them immediately.
Path: This defines the OU where the user will be created. I you omit this, Windows uses the default user container. Submit a distinguished name here. Check the OU with the attribute editor in AD Administrative Center:
Company, Title and MobilePhone, etc are pretty straightforward, but I always struggle with names so here is a rough overview.
foreach ($user in $csvcontent)
New-ADUser -AccountPassword (ConvertTo-SecureString “MyPassword1!” -AsPlainText -Force) -ChangePasswordAtLogon $false -Company “Letitknow Ltd.” -DisplayName ($user.Firstname+” “+$user.Lastname) -Enabled $true -MobilePhone ($user.Phone) -Name ($user.Firstname+” “+$user.Lastname) -SamAccountName ($user.Lastname+$user.Firstname.Substring(0,1)) -Title “Engineer” -Path “OU=Users,OU=Company,DC=home,DC=local” -state $user.County -givenname $user.Firstname -surname $user.Lastname -userprincipalname ($user.Lastname+$user.Firstname.Substring(0,1) + “@home.local”) -department “IT” -description “Generated test user” -office “HQ”
} First I grab the content of the CSV file so I can reference the fields with NoteProperties. Then I iterate through all items and generate a user with the data. I set the password to the same for everyone and set that nobody should bother with the password change at the next logon. I generate the various names with string concatenation using the firstname and lastname values. There are a couple of fixed values for all users but you can also submit these in the CSV file.
Run this snippet on an input like this: