THREAD: [PowerShell] Create Mass AD Users Easily
  1. 02-04-2017, 01:36 AM
    jagex
    First powershell script I wrote a while back for my job.


    <#
    Author:
    Date:
    Description: Creates user(s) in specified OU ((removed), (removed), or (removed))
    #>
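    # Load the ActiveDirectory module (provides Get-ADDomain and New-ADUser); stop the script if it is unavailable.
    try
    {
        # A module that cannot be found is reported as a non-terminating error, which
        # try/catch does not see. -ErrorAction Stop turns it into a terminating one so
        # the catch block below actually runs.
        Import-Module ActiveDirectory -ErrorAction Stop
    }
    catch
    {
        Write-Host "Active Directory Module Could Not Be Loaded."
        Exit 1
    }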


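    $date = Get-Date

    # Query the domain once and read both properties from the same object,
    # instead of issuing two separate Get-ADDomain calls.
    $adDomain = Get-ADDomain
    $adDomainName = $adDomain.DistinguishedName
    $dnsroot = $adDomain.DNSRoot

    # Menu choice -> OU name. Create-User accepts only the keys of this table,
    # so the operator cannot type an arbitrary OU into the -Path of the new account.
    # The "(OU)" values are the author's redacted placeholders.
    $OrganizationalUnit = @{
        "1" = "(OU)"
        "2" = "(OU)"
        "3" = "(OU)"
    }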

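    Function Create-User
    {
        <#
        .SYNOPSIS
        Interactively collects the details for one Active Directory user and passes them to New-ADUser.

        .DESCRIPTION
        Prompts for the destination OU (a key of the script-level $OrganizationalUnit table),
        the logon name, the initial password, the change-at-logon flag and optional
        street address/office, then calls New-ADUser.

        FullName, UserLogon, PrincipalName, Email, StreetAddress and PasswordExpires are
        always derived or prompted for inside the function, so values passed for those
        parameters are overwritten.

        .PARAMETER FirstName
        Given name. Rejected when it contains a digit.

        .PARAMETER LastName
        Surname. Rejected when it contains a digit.

        .PARAMETER Description
        Text stored in the account's Description attribute.
        #>
        [CmdletBinding(SupportsShouldProcess=$true)]
        param(
            [Parameter(Mandatory=$true)]
            [string]$FirstName,
            [Parameter(Mandatory=$true)]
            [string]$LastName,
            [Parameter(Mandatory=$true)]
            [string]$Description,
            [string]$FullName,
            [string]$UserLogon,
            [string]$PrincipalName,
            [string]$Email,
            [string]$StreetAddress,
            [bool]$PasswordExpires
        )

        # A digit in EITHER name is invalid. The posted check joined the two tests with
        # -and, so it only fired when both names contained a digit. The forum also
        # replaced the closing parentheses with emoticon text; they are restored here.
        if (($FirstName -match '[0-9]') -or ($LastName -match '[0-9]'))
        {
            Write-Host "Invalid entry"
            # 'return', not 'continue': outside a loop, 'continue' unwinds into the
            # caller and can end the whole script.
            return
        }

        $userInput = Read-Host -Prompt "In which OU would you like to place the user in?`n1.(OU) `n2.(OU) `n3.(OU)"

        # Allow-list: only the menu keys are accepted.
        if ($userInput -notin $OrganizationalUnit.Keys)
        {
            Write-Host "Invalid entry"
            Write-Host "$userInput"
            return
        }

        # Index the hashtable. '::' is the static-member operator and does not look up a key.
        $selectedOU = $OrganizationalUnit[$userInput]

        if (-not $PSCmdlet.ShouldProcess("Destination OU: $selectedOU"))
        {
            return
        }

        try
        {
            $FullName = $FirstName + " " + $LastName

            # Default logon: first initial + surname, lower-cased.
            $UserLogon = $FirstName.Substring(0,1).ToLowerInvariant() + $LastName.ToLowerInvariant()
            Write-Host "User Logon has been set to: $UserLogon"

            # -eq is case-insensitive for strings, so no lower-casing is needed.
            $setUserLogonManually = Read-Host -Prompt "Do you want to manually set the logon? (y/n)"

            if ($setUserLogonManually -eq "y")
            {
                do
                {
                    Write-Host 'User Logon (Do not include: "@(mycompany.ca)")'
                    $UserLogon = Read-Host
                    # Ask again for an empty logon or one that already carries a domain part.
                } while ([string]::IsNullOrWhiteSpace($UserLogon) -or ($UserLogon -match '@'))
            }

            $PrincipalName = $UserLogon + "@(mycompany.ca)"
            $Email = $PrincipalName

            do
            {
                Write-Host "Password (Must be 8 length or greater)"
                # -AsSecureString masks the input and never holds the password as a plain
                # string. A plain Read-Host echoes it on screen, where it can also end up
                # in transcripts or scroll-back.
                $Password = Read-Host -AsSecureString
            } while ($Password.Length -lt 8)

            do
            {
                $response = Read-Host -Prompt "Change password on Logon? (0 = false | 1 = true)`n(Setting it to 0 will require you to manually enable the account!)"
            } while (($response -ne "0") -and ($response -ne "1"))
            $PasswordExpires = ($response -eq "1")

            Write-Host "$FullName will be placed in the following OU: $selectedOU"

            do
            {
                $moreInfoResponse = Read-Host -Prompt "Would you like to add extra information such as phone/address/office etc...? (y/n)"
            } while (($moreInfoResponse -ne "y") -and ($moreInfoResponse -ne "n"))

            # One splatted parameter set replaces the two near-identical New-ADUser calls.
            # The "(domain)" components in Path are the author's redacted placeholders.
            $newUserParams = @{
                Name                  = $FullName
                GivenName             = $FirstName
                Surname               = $LastName
                SamAccountName        = $UserLogon
                EmailAddress          = $Email
                Description           = $Description
                UserPrincipalName     = $PrincipalName
                AccountPassword       = $Password
                ChangePasswordAtLogon = $PasswordExpires
                Enabled               = $true
                Path                  = "ou=Users, ou = $selectedOU, dc=(domain),dc=(domain),dc=(domain)"
                # Make every failure terminating so the catch blocks below see it.
                ErrorAction           = 'Stop'
                # NOTE(review): the posted script hard-codes -WhatIf, so nothing is ever
                # created. Kept as posted; drop this entry after a dry run. The function's
                # own -WhatIf/-Confirm already propagate through SupportsShouldProcess.
                WhatIf                = $true
            }

            if ($moreInfoResponse -eq "y")
            {
                $StreetAddress = Read-Host -Prompt "Street Address"
                $Office = Read-Host -Prompt "Office"
                $newUserParams.StreetAddress = $StreetAddress
                $newUserParams.Office = $Office
            }

            New-ADUser @newUserParams
        }
        catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
        {
            Write-Warning "$selectedOU, was not found"
        }
        catch
        {
            Write-Warning "An unspecified error was caught"
            # Surface the real cause instead of discarding it.
            Write-Warning $_.Exception.Message
            Exit 1
        }
    }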
  2. 02-04-2017, 04:53 AM
    Oneup
    Originally Posted by jagex View Post
    First powershell script I wrote a while back for my job.


    <#
    Author:
    Date:
    Description: Creates user(s) in specified OU ((removed), (removed), or (removed))
    #>
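    # Load the ActiveDirectory module (provides Get-ADDomain and New-ADUser); stop the script if it is unavailable.
    try
    {
        # A module that cannot be found is reported as a non-terminating error, which
        # try/catch does not see. -ErrorAction Stop turns it into a terminating one so
        # the catch block below actually runs.
        Import-Module ActiveDirectory -ErrorAction Stop
    }
    catch
    {
        Write-Host "Active Directory Module Could Not Be Loaded."
        Exit 1
    }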


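    $date = Get-Date

    # Query the domain once and read both properties from the same object,
    # instead of issuing two separate Get-ADDomain calls.
    $adDomain = Get-ADDomain
    $adDomainName = $adDomain.DistinguishedName
    $dnsroot = $adDomain.DNSRoot

    # Menu choice -> OU name. Create-User accepts only the keys of this table,
    # so the operator cannot type an arbitrary OU into the -Path of the new account.
    # The "(OU)" values are the author's redacted placeholders.
    $OrganizationalUnit = @{
        "1" = "(OU)"
        "2" = "(OU)"
        "3" = "(OU)"
    }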

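    Function Create-User
    {
        <#
        .SYNOPSIS
        Interactively collects the details for one Active Directory user and passes them to New-ADUser.

        .DESCRIPTION
        Prompts for the destination OU (a key of the script-level $OrganizationalUnit table),
        the logon name, the initial password, the change-at-logon flag and optional
        street address/office, then calls New-ADUser.

        FullName, UserLogon, PrincipalName, Email, StreetAddress and PasswordExpires are
        always derived or prompted for inside the function, so values passed for those
        parameters are overwritten.

        .PARAMETER FirstName
        Given name. Rejected when it contains a digit.

        .PARAMETER LastName
        Surname. Rejected when it contains a digit.

        .PARAMETER Description
        Text stored in the account's Description attribute.
        #>
        [CmdletBinding(SupportsShouldProcess=$true)]
        param(
            [Parameter(Mandatory=$true)]
            [string]$FirstName,
            [Parameter(Mandatory=$true)]
            [string]$LastName,
            [Parameter(Mandatory=$true)]
            [string]$Description,
            [string]$FullName,
            [string]$UserLogon,
            [string]$PrincipalName,
            [string]$Email,
            [string]$StreetAddress,
            [bool]$PasswordExpires
        )

        # A digit in EITHER name is invalid. The posted check joined the two tests with
        # -and, so it only fired when both names contained a digit. The forum also
        # replaced the closing parentheses with emoticon text; they are restored here.
        if (($FirstName -match '[0-9]') -or ($LastName -match '[0-9]'))
        {
            Write-Host "Invalid entry"
            # 'return', not 'continue': outside a loop, 'continue' unwinds into the
            # caller and can end the whole script.
            return
        }

        $userInput = Read-Host -Prompt "In which OU would you like to place the user in?`n1.(OU) `n2.(OU) `n3.(OU)"

        # Allow-list: only the menu keys are accepted.
        if ($userInput -notin $OrganizationalUnit.Keys)
        {
            Write-Host "Invalid entry"
            Write-Host "$userInput"
            return
        }

        # Index the hashtable. '::' is the static-member operator and does not look up a key.
        $selectedOU = $OrganizationalUnit[$userInput]

        if (-not $PSCmdlet.ShouldProcess("Destination OU: $selectedOU"))
        {
            return
        }

        try
        {
            $FullName = $FirstName + " " + $LastName

            # Default logon: first initial + surname, lower-cased.
            $UserLogon = $FirstName.Substring(0,1).ToLowerInvariant() + $LastName.ToLowerInvariant()
            Write-Host "User Logon has been set to: $UserLogon"

            # -eq is case-insensitive for strings, so no lower-casing is needed.
            $setUserLogonManually = Read-Host -Prompt "Do you want to manually set the logon? (y/n)"

            if ($setUserLogonManually -eq "y")
            {
                do
                {
                    Write-Host 'User Logon (Do not include: "@(mycompany.ca)")'
                    $UserLogon = Read-Host
                    # Ask again for an empty logon or one that already carries a domain part.
                } while ([string]::IsNullOrWhiteSpace($UserLogon) -or ($UserLogon -match '@'))
            }

            $PrincipalName = $UserLogon + "@(mycompany.ca)"
            $Email = $PrincipalName

            do
            {
                Write-Host "Password (Must be 8 length or greater)"
                # -AsSecureString masks the input and never holds the password as a plain
                # string. A plain Read-Host echoes it on screen, where it can also end up
                # in transcripts or scroll-back.
                $Password = Read-Host -AsSecureString
            } while ($Password.Length -lt 8)

            do
            {
                $response = Read-Host -Prompt "Change password on Logon? (0 = false | 1 = true)`n(Setting it to 0 will require you to manually enable the account!)"
            } while (($response -ne "0") -and ($response -ne "1"))
            $PasswordExpires = ($response -eq "1")

            Write-Host "$FullName will be placed in the following OU: $selectedOU"

            do
            {
                $moreInfoResponse = Read-Host -Prompt "Would you like to add extra information such as phone/address/office etc...? (y/n)"
            } while (($moreInfoResponse -ne "y") -and ($moreInfoResponse -ne "n"))

            # One splatted parameter set replaces the two near-identical New-ADUser calls.
            # The "(domain)" components in Path are the author's redacted placeholders.
            $newUserParams = @{
                Name                  = $FullName
                GivenName             = $FirstName
                Surname               = $LastName
                SamAccountName        = $UserLogon
                EmailAddress          = $Email
                Description           = $Description
                UserPrincipalName     = $PrincipalName
                AccountPassword       = $Password
                ChangePasswordAtLogon = $PasswordExpires
                Enabled               = $true
                Path                  = "ou=Users, ou = $selectedOU, dc=(domain),dc=(domain),dc=(domain)"
                # Make every failure terminating so the catch blocks below see it.
                ErrorAction           = 'Stop'
                # NOTE(review): the posted script hard-codes -WhatIf, so nothing is ever
                # created. Kept as posted; drop this entry after a dry run. The function's
                # own -WhatIf/-Confirm already propagate through SupportsShouldProcess.
                WhatIf                = $true
            }

            if ($moreInfoResponse -eq "y")
            {
                $StreetAddress = Read-Host -Prompt "Street Address"
                $Office = Read-Host -Prompt "Office"
                $newUserParams.StreetAddress = $StreetAddress
                $newUserParams.Office = $Office
            }

            New-ADUser @newUserParams
        }
        catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException]
        {
            Write-Warning "$selectedOU, was not found"
        }
        catch
        {
            Write-Warning "An unspecified error was caught"
            # Surface the real cause instead of discarding it.
            Write-Warning $_.Exception.Message
            Exit 1
        }
    }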


    Weird how that is almost the exact same
  4. 02-12-2017, 11:31 PM
    Originally Posted by Oneup View Post

    Weird how that is almost the exact same


    Gasp Gasp shots fired
  5. 02-13-2017, 01:55 PM
    mikeyfnbrennan
    Originally Posted by Oneup View Post

    Weird how that is almost the exact same


    Needa Needa Needa