The best approach to create a brand new person object within the Active Directory area is to make use of MMC graphical snap-in ADUC (Active Directory Users and Computers). But if you want to create a number of person accounts within the area, doing it manually generally is a tiresome process for an administrator. In this text, we’ll take into account an instance automating the creation of person accounts in AD utilizing the New-ADUser PowerShell cmdlet.
- Using New-ADUser Cmdlet to Create New Active Directory User Account
- Bulk Create AD Users from a CVS File Using PowerShell Script
Using New-ADUser Cmdlet to Create New Active Directory User Account
New-ADUser cmdlet is part of Active Directory for PowerShell module. To use this module, you could set up RSAT model similar to your OS model and allow Active Directory Module for Windows PowerShell element.
To import the module to your PowerShell session, run this command:
You can get the complete syntax of New-ADUser cmdlet utilizing the command:
Get-Command New-ADUser –Syntax
In the minimal model, to create a brand new account it’s sufficient to specify simply the identify of the AD person:
As you’ll be able to see, a brand new person account has been created within the default Users container and is disabled. To use this account, you could allow it (Enable-ADAccount cmdlet), set its password (Set-ADAccountPassword cmdlet) and/or different attributes (if mandatory).
To create a full-featured person account within the particular AD container of the area (OU) with the password and instantly allow the person’s object, use this command:
New-ADUser -Name "Albert Schmidt" -GivenName "Albert" -Surname "Schmidt" -SamAccountName "a.schmidt" -UserPrincipalName "[email protected]" -Path "OU=Users,OU=Accounts,OU=Berlin,OU=DE,DC=woshub,DC=com" -AccountPassword(Read-Host -AsSecureString "Input Password") -Enabled $true
The command will immediate you to set a password (protected) for a brand new person without delay.
Note. The person’s password should adjust to the area password safety coverage by size, complexity, and so on., in any other case the cmdlet will return the error: New-ADUser : The password doesn’t meet the size, complexity, or historical past requirement of the area.
You can get the details about the created area person object with cmdlet:
Bulk Create AD Users from a CVS File Using PowerShell Script
If you need to create a number of Active Directory customers without delay, it’s simpler to avoid wasting the listing of customers within the format of CSV (Excel) file after which run a particular PowerShell script. In this file, you could fill in all important person attributes.
For instance, my Excel file of customers consists of Eight columns and has the next header format:
Fill within the person knowledge and save the Excel file into the CSV format with commas as separating character. The encoding have to be set to UTF-Eight (it’s necessary!). The values of the OU column comprise commas, so you could use double quotes.
Now you’ll be able to import this CSV file (create_new_ad_users.csv) and create new customers within the AD area. The code of the prepared PowerShell script is proven under:
Note. If you might be utilizing “;” as a separating character in your CSV file, add -delimiter “;” argument to your Import-Csv cmdlet.
Import-Csv "C:pscreate_new_ad_users.csv" | ForEach-Object
After you have got run the script, open the ADUC console, broaden the required AD container and guarantee that new person accounts have appeared within the AD. (You can monitor person account creation within the AD accounts as follows: .)
You can add the created accounts to the precise AD group utilizing cmdlet. To do it, modify the script by including this line to the For-Each loop:
Add-AdGroupMember -Identity EnableInternetAccess-Members $_.samAccountName
Or you’ll be able to to show it in Outlook and Lync:
Set-ADUser $_.samAccountName -Replace @