My purpose was to create 119 new users into a domain from a .csv phone list from the phone system report. The following is how I accomplished it...enjoy.
The following require the Active Directory PowerShell Snap-In (should be installed with your Server Management Tool Kit), and the PowerShell needs to be run "as Administrator"
Creating a Single User (AD PowerShell)
- Right-click AD PowerShell and run as Administrator
- To create a new user with defined attributes, enter the following command into the prompt (be sure to change the CN (containername) and DC to match your domain, also change the attribute names to match that of the user to be created:
New-ADUser -SamAccountName SAMACCOUNT -Name NAME -Surname SURNAME -Given Name GIVENNAME -AccountPassword (ConvertTo-SecureString -AsPlainText "P@ssword!!" -Force) -Enabled $false -Path 'CN=Users,DC=DFSTEST,DC=LOCAL'
This command will create a new AD User, set the pre-2000 logon name, the display name, first name, last name, sets the password to a default, forces the account to DISABLED, and places it into the USERS container in the parent domain
Creating Multiple Users by Importing a CSV File (AD PowerShell)
- First you must decide which user attributes you would like to define. To locate definable attributes, in Active Directory Users and Computers (ADUC) click View, and select Advanced Features
- Now when you select the Properties of an object, you can see the definable attributes by selecting the Attribute Editor tab
- Open Excel and begin creating your variable names at the top row. It is very important to remember the exact variable names, you will call them later in the PowerShell command in this format: $_.variablename.
- After you have defined all your attributes and listed values for each column, save the Excel file as filename.csv. Make sure to remember where the file was saved.
- Check your .csv by opening it in Notepad. You should be able to see the column values separated by commas, and any value that contains a comma should be encased in quotes:
- With the AD PowerShell open, type in the following command (plus or minus your own attributes):
MAKE SURE THERE IS ALWAYS A HYPHEN BEFORE YOU CALL THE ATTRIBUTE, AND A SPACE BETWEEN YOUR VARIABLES & COMMANDSImport-Csv filename.csv | foreach {New-ADUser -UserPrincipalName $_.userprincipalname -SamAccountName $_.samaccountname -Name $_.name -DisplayName $_.displayname -GivenName $_.givenname -Surname $_.surname -Office $_.office -OfficePhone $_.officephone -StreetAddress $_.address -City $_.city -State $_.state -PostalCode $_.postalcode-MobilePhone $_.mobilephone -Fax $_.fax -Country US -Title $_.title -Department $_.department -Company DFS -OtherAttributes @{'msNPAllowDialin'=$false; 'ipPhone'=$_.ipphone} -AccountPassword (ConvertTo-SecureString -AsPlainText "P@ssword!!" -Force) -Enabled $false -Path 'CN=OU,DC=DOMAIN,DC=COM'}If no errors are encountered, you will be taken back to the default PS C:\> prompt.
 |
| For this example, the attributes I will be defining are: -UserPrincipalName, -SamAccountName, -Name, -DisplayName, -GivenName, -Surname, -Office, -OfficePhone, -StreetAddress, -City, -State, -PostalCode, -MobilePhone, -Fax, -Country, -Title, -Department, -Company, msNPAllowDialin, ipPhone, -AccountPassword, -Enabled, -Path Now that the attributes are defined, you will have to create a CSV file defining variable names for the users you wish to create and their attributes you wish to define. |
All new users should now have all their attributes filled in to the areas you specified in your .csv file. Check each user to verify the attributes you specified are correct.
No comments:
Post a Comment