How to create AD users with powershell

Here a powershell script that create AD users with some attributes predefined. We are using as SAM account and CN a prefix (us8) plus tree digit hexadecimal counter (the counter incremental are managed by script). Remember to change attributes and domain according to your AD.

$UserLoginID = "us8400"

do {
$choices = [System.Management.Automation.Host.ChoiceDescription[]](
(New-Object System.Management.Automation.Host.ChoiceDescription "&Yes","Create new user"),
(New-Object System.Management.Automation.Host.ChoiceDescription "&No","Quit"))

$Answer = $host.ui.PromptForChoice('---',"Create New User?",$choices,(1))

If ($Answer -eq "0") {

    $fields = new-object "System.Collections.ObjectModel.Collection``1[[System.Management.Automation.Host.FieldDescription]]"

    $f = New-Object System.Management.Automation.Host.FieldDescription "Enter samAccountName"
    $f.HelpMessage  = "Insert user samAccout"
    $f.DefaultValue = "Field0"
    $f.Label = "&Any Text"
    $fields.Add($f)

    $f = New-Object System.Management.Automation.Host.FieldDescription "Enter FirstName"
    $f.HelpMessage  = "Insert user First Name"
    $f.DefaultValue = "Field1"
    $f.Label = "&Any Text"
    $fields.Add($f)

    $f = New-Object System.Management.Automation.Host.FieldDescription "Enter LastName"
    $f.HelpMessage  = "Insert user Last Name"
    $f.DefaultValue = "Field2"
    $f.Label = "&Any Text"
    $fields.Add($f)

    $UserNumber = $UserLoginID.substring(($UserLoginID.Length - 3), 3)
    $UserNumberInt = [Convert]::ToInt32($UserNumber, 16) + 1
    $UserNumberHex = "{0:X}" -f $UserNumberInt

    $DefaultValue_SAM = ($UserLoginID.substring(0, ($UserLoginID.Length - 3)) + $UserNumberHex)
    [void][System.Windows.Forms.SendKeys]
    [System.Windows.Forms.SendKeys]::SendWait(
    ([regex]'([\{\}\[\]\(\)\+\^\%\~])').Replace($DefaultValue_SAM, '{$1}'))

    $results = $Host.UI.Prompt( "---", "New User Creation", $fields )    

    trap {
    [void][System.Reflection.Assembly]::LoadWithPartialName(
    'System.Windows.Forms')
    continue
    }

    $UserLoginID = $results.'Enter samAccountName'
    $UserFirstName = $results.'Enter FirstName'
    $UserLastName = $results.'Enter LastName'

#    Write-Host "Creating user " $UserLoginID
    $UserLoginID = $UserLoginID.ToLower()

    $UserPrincipalName = $UserLoginID + "@domain.dom.grp"
    $UserDisplayName = $UserLastName + ", " + $UserFirstName
    $UserInitials = $UserFirstName.substring(0,1) + $UserLastName.substring(0,2)
    $objDomain = New-Object System.DirectoryServices.DirectoryEntry("LDAP://OU=My_Users,DC=domain,DC=dom,DC=grp")
    $objUser = $objDomain.Create("user", "CN=" + $UserLoginID) #This creates a local object for you to update
    $objUser.Put("givenName",$UserFirstName)  
    $objUser.Put("sn",$UserLastName)  
    $objUser.Put("sAMAccountName",$UserLoginID)  
    $objUser.Put("displayName",$UserDisplayName)  
    $objUser.Put("userPrincipalName",$UserPrincipalName)
    $objUser.Put("mail",($UserFirstName.ToLower().Replace(" ", "") + "." + $UserLastName.ToLower().Replace(" ", "") + "@domain.com"))
    $objUser.Put("initials",$UserInitials)
    $objUser.Put("Company","My Company")
    $objUser.Put("c","IT")
    $objUser.SetInfo()
    $objUser.AccountDisabled = $false #By default the User ID is disabled and must be enabled to use.  
    $objUser.SetPassword("Change123") #Set this password to anything you need it to be 
    $objUser.SetInfo()

    }

}
while ($Answer -eq "0")

Before running this script you need to load active directory module on you powershell:

Import-Module ActiveDirectory
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s