May 23 2014

HOWTO: Quick and dirty Active Directory User Creation using Powershell

I had a situation where I needed to create a bunch of service accounts using pre-created complex passwords.  Now there are tons of Powershell scripts online to accomplish just this but in my brief searching they all seemed either too simplistic or far too complex.  So I decided instead to draft my own.  You can see the script is very simple.  You provide the username, password and description you want, run it and the accounts are automatically created and placed in the correct OU.

It’s beautiful in its simplicity. 🙂

Note: The usernames and passwords have been changed to protect the innocent.

$myObj = @();
Function AddToObject($var1, $var2, $var3)
{ $Script:myObj += New-Object PSObject -Property @{Username = $var1; Password = $var2; Description = $var3;}}
AddToObject "svcinstall" "ceW5FQUflUy28esLKPr15b" "Important account that does"
AddToObject "svcadmin" "I1ezRwj3Atg8Tm5Crhqm" "Some important function"
AddToObject "svcapp" "2AifKKwnAeDLoSVg47fg" "Which is descrbied here"
AddToObject "svcdata" "wLp4bzhfAp8rjL1DGWNo" "as this is the description field"
AddToObject "svcreach" "ICdGIv869fM6xqTy2WWN" "that appears in the AD account properties "
ForEach($Entry in $myObj)
$UPN = $Entry.Username + "@mydomain.com"
New-ADUser `
-SamAccountName $Entry.Username `
-Name $Entry.Username `
-Description $Entry.Description `
-UserPrincipalName $UPN `
-AccountPassword (ConvertTo-SecureString -AsPlainText $Entry.Password -Force) `
-Enabled $true `
-PasswordNeverExpires $true `
-Path 'OU=users,DC=mydomain,DC=com'

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">