Friday, July 10, 2020

Create AD Account in Bulk Using PowerShell

There are quite a few articles on the internet how to use PowerShell to create a Bulk AD Accounts but what I found is they are not covering how to add or change certain attributes. I have created this script with the help of some awesome guys on the internet.

Courtesy: https://activedirectorypro.com/create-bulk-users-active-directory/#comments

# Import active directory module for running AD cmdlets
Import-Module ActiveDirectory
  
#Store the data from ADUsers.csv in the $ADUsers variable

$ADUsers = Import-csv C:\Users\senju\Desktop\ADUser\bulk_users1.csv

#Loop through each row containing user details in the CSV file 
foreach ($User in $ADUsers)
{
#Read user data from each field in each row and assign the data to a variable as below

$Username = $User.username
$Password = $User.password
$Firstname = $User.firstname
$Lastname = $User.lastname
$OU = $User.ou # Right click on the existing account, goto attribute editor and doubleclick distinguishedName and copy everything after CN
       $email      = $User.email
      $Password   = $User.Password
      $Description = $User.Description
      $MailNickName =$User.MailNickName
      $HideAddress =$User.HideAddress
      $Proxyaddresses =$User.Proxyaddresses
        
#Check to see if the user already exists in AD
if (Get-ADUser -F {SamAccountName -eq $Username})
{
#If user does exist, give a warning
Write-Warning "A user account with username $Username already exist in Active Directory."
}
else
{
#User does not exist then proceed to create the new user account

#Account will be created in the OU provided by the $OU variable read from the CSV file
     New-ADUser `
            -SamAccountName $Username `
            -UserPrincipalName "$Username@labo.local" `
            -Name "$Firstname $Lastname" `
            -GivenName $Firstname `
            -Surname $Lastname `
            -Enabled $True `
            -DisplayName "$Firstname $Lastname" `
            -Path $OU `
            -EmailAddress $email `
            -Description $Description `
            -AccountPassword (convertto-securestring $Password -AsPlainText -Force) -ChangePasswordAtLogon $False -PasswordNeverExpires $True
            
Set-ADUser -Id $UserName -Add @{
                MailNickName =$MailNickName
                }

Set-ADUser -Id $UserName -Add @{
                msExchHideFromAddressLists =$HideAddress
                }

      Set-ADUser -Identity $UserName -add @{
        Proxyaddresses=$Proxyaddresses
             }

Set-ADUser -Identity $Username -Enabled $True

         }
}

Remember to change the below items

1) Location of the CSV File
   $ADUsers = Import-csv C:\Users\senju\Desktop\ADUser\bulk_users1.csv


2) UPN 
   UserPrincipalName "$Username@labo.local (Should be your Domain)

3) Format of the excel sheet as shown below


Find GPO's applied to a computer if the gpresult /r and rsop.msc failed to load due to permission

How to see the group policies applied to a computer if the gpresult /r and rsop.msc failed to load due to domain permission Run the command ...