This is a very bare bones PowerShell script for creating new users in Active Directory environment.
It can save huge amounts of time if you’re creating large numbers of new users as you can pipe values into the function like:
$firstNames = @("John","Jane")
$lastNames = @("Smith","Doe")
for ($i = 0; $i -lt $firstNames.Count; $i++) {
Add-ADUser -FirstName $firstNames[$i] -LastName $lastNames[$i]
}
This basic skeleton can be changed to:
- Have a different Login naming convention
- Add more default groups
- Add checks to change login names if it already exists
This will work with PowerShell version 1 and upwards.
If you have any questions, ask away in the comments section!
function Add-ADUser ($FirstName, $LastName) {
$logon = $lastName + $firstName.subString(0,1)
$domain = "DC=domainName,DC=com"
# Bind to Users a particular OU
$ou = [ADSI]"LDAP://OU=Users,$domain"
# Create new user in AD
$newUser = $ou.Create("user","CN=$lastName $firstName")
# Bind common Mememberships
$allUsers = [ADSI]"LDAP://CN=AllUsers,OU=Recipients,$domain"
$groups = @($allUsers)
# Modify new users details
$newUser.put("sAMAccountName",$logon)
$newUser.put("givenName",$firstName)
$newUser.put("sn",$lastName)
$newUser.put("DisplayName","$lastName $firstName")
$newUser.put("userPrincipalName", $logon + "@domain.com")
$newUser.put("profilePath","\\domainController\profiles\$logon")
$newUser.SetInfo()
$newUser.put("userAccountControl","512")
$newUser.SetInfo()
$newUser.psbase.Invoke("SetPassword","Password1")
$newUser.psbase.CommitChanges()
# Add user to required memberships
foreach ($group in $groups) {
$members = $group.member
$group.member = $members + $newUser.distinguishedName
$group.setInfo()
}
# Optional code for creating a Exchange Mailbox for the newly created user
Enable-Mailbox -Identity "domain\$logon" `
-Database "exchangeServer\Storage Group\Mailbox Database"
}
Comments (0)