On-Prem AD User Creator Utility

Configurable Script For Creating On-Prem Active Directory User Accounts

On-Prem AD User Creator Utility can be downloaded from:

Please consider supporting my work:

  • Sign up using Patreon.
  • Support with a one-time payment using PayPal.

If you’d like to contact me, please leave a comment, send me a tweet or DM, or you can join my Discord server.

-Mike

Features and Requirements

  • Requires the Active Directory PowerShell module be installed.
  • Requires a CSV file containing the FirstName and LastName of each user to create.
  • Configurable list of groups to add new users to.
  • Randomly generated passwords for each user.
  • User names are generated from the first name and a 3-digit random number.
  • The utility requires at least PowerShell 5.0.
  • This utility has been tested on Windows 10, Windows Server 2019 and Windows Server 2016 (Datacenter and Core Installations).

Generating A Password File

The password used for SMTP server authentication must be stored in an encrypted text file. To generate the password file, run the following commands in PowerShell on the computer that will run the utility, while logged in as the user that will run it. ConvertFrom-SecureString without a key protects the password with the Windows Data Protection API (DPAPI), so the file can only be decrypted by that same user on that same computer. When you run the commands, you will be prompted for a username and password. Enter the username and password you want to use to authenticate to your SMTP server.

Please note: This is only required if you need to authenticate to the SMTP server when sending the log via e-mail.

$creds = Get-Credential
$creds.Password | ConvertFrom-SecureString | Set-Content c:\scripts\ps-script-pwd.txt

After running the commands, you will have a text file containing the encrypted password. When configuring the -Pwd switch, enter the path and file name of this file.
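Before scheduling the utility, it is worth confirming that the password file decrypts under the account that will run it and checking who else can read it. The following is an added example, not part of On-Prem-AD-User-Creator.ps1; the function name Test-SmtpPasswordFile and its parameters are hypothetical.

```powershell
# Added example: hypothetical helper, not the utility's own code.
function Test-SmtpPasswordFile {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,      # file written by Set-Content above
        [Parameter(Mandatory)] [string] $UserName   # SMTP account the password belongs to
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "Password file not found: $Path"
    }

    # The file holds one line of text produced by ConvertFrom-SecureString.
    $protected = (Get-Content -LiteralPath $Path -TotalCount 1).Trim()

    try {
        # Without -Key, decryption goes through DPAPI and only succeeds for the
        # same Windows user on the same computer that created the file.
        $secure = $protected | ConvertTo-SecureString -ErrorAction Stop
    }
    catch {
        $who = "$env:USERDOMAIN\$env:USERNAME"
        throw "Cannot decrypt '$Path' as $who on $env:COMPUTERNAME; regenerate it as the account that runs the utility."
    }

    # List every identity with an Allow entry that can read the file's contents.
    # DPAPI stops other users decrypting it, but the ACL should still be tight.
    $readData = [int][System.Security.AccessControl.FileSystemRights]::ReadData
    $acl = Get-Acl -LiteralPath $Path
    $readers = $acl.Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and
                       (([int]$_.FileSystemRights -band $readData) -ne 0) } |
        ForEach-Object { $_.IdentityReference.Value }

    [pscustomobject]@{
        Path       = $Path
        Owner      = $acl.Owner
        Readers    = $readers
        # Same credential object an SMTP client would be handed.
        Credential = New-Object System.Management.Automation.PSCredential ($UserName, $secure)
    }
}

# Usage with the path from this page and a constructed account name:
# $check = Test-SmtpPasswordFile -Path C:\scripts\ps-script-pwd.txt -UserName user@contoso.com
# $check.Readers
```

Run it from a session started as the account that will run the utility (for example the scheduled task's account); a decryption failure there means the file was generated under a different user or on a different computer.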

Configuration

Here’s a list of all the command line switches and example configurations.

| Command Line Switch | Description | Example |
|---|---|---|
| -csv | The path of the CSV file containing the user info. Please see the users-example.csv file for how to structure your own file. | C:\scripts\user-list.csv |
| -ou | The Organisational Unit to create the users in. Encapsulate with 'single quotes'. | 'OU=User_Accounts,DC=contoso,DC=com' |
| -upn | The User Principal Name (UPN) the users should be configured with. | contoso.com |
| -HomeLetter | The drive letter to use for the home drive path. | X |
| -HomePath | The path where the home drive should reside. | \\fs01\users$ |
| -Groups | The name of the group(s), separated by a comma, that all the new users should be a member of. | UserGroup1,UserGroup2 |
| -NoBanner | Use this option to hide the ASCII art title in the console. | N/A |
| -L | The path to output the log file to. The file name will be On-Prem-AD-User-Creator_YYYY-MM-dd_HH-mm-ss.log. Do not add a trailing \ backslash. | C:\scripts\logs |
| -Subject | The subject line for the e-mail log. Encapsulate with single or double quotes. If no subject is specified, the default of “New Users AD Log” will be used. | 'Server: Notification' |
| -SendTo | The e-mail address the log should be sent to. | me@contoso.com |
| -From | The e-mail address the log should be sent from. | New-Users-AD@contoso.com |
| -Smtp | The DNS name or IP address of the SMTP server. | smtp.live.com OR smtp.office365.com |
| -Port | The port that should be used for the SMTP server. If none is specified then the default of 25 will be used. | 587 |
| -User | The user account to authenticate to the SMTP server. | example@contoso.com |
| -Pwd | The txt file containing the encrypted password for SMTP authentication. | C:\scripts\ps-script-pwd.txt |
| -UseSsl | Configures the utility to connect to the SMTP server using SSL. | N/A |

Example

On-Prem-AD-User-Creator.ps1 -csv C:\scripts\user-list.csv -upn contoso.com -ou 'OU=User_Accounts,DC=contoso,DC=com' -HomeLetter X -HomePath \\fs01\users$ -Groups UserGroup1,UserGroup2 -L C:\scripts\logs -Subject 'Server: New Users Log' -SendTo me@contoso.com -From New-Users-AD@contoso.com -Smtp smtp.outlook.com -User user@contoso.com -Pwd C:\scripts\ps-script-pwd.txt -UseSsl

This will create new users from the names in the csv file located in C:\scripts\user-list.csv and set their Home Drive letter to X and the path to \\fs01\users$\%username%. The users will also be added to the groups UserGroup1 and UserGroup2. The log file will be output to C:\scripts\logs and sent via e-mail with a custom subject line.

Change Log

2021-12-08: Version 21.12.08

  • The configured logs path is now created if it does not exist.
  • Added OS version info.
  • Added Utility version info.
  • Added Hostname info.

2021-09-20: Version 21.09.20

  • Added code to make sure the SAM account name will never be more than 19 characters, due to the default SAM account name length being 20 characters.

2021-09-15: Version 21.09.15

  • Completely rewritten to streamline the user creation process.
  • User passwords are now randomly generated.
  • Added option to add users to multiple groups.
  • Utility will find groups based on the AD name. No more having to specify the whole DN.
  • Added ASCII banner art when run in the console.
  • Added option to disable the ASCII banner art.
  • Added an option to specify the Port for SMTP communication.

2019-09-04 v1.6

  • Added custom subject line for e-mail.

2017-10-16 v1.5

  • Changed SMTP authentication to require an encrypted password file.
  • Added instructions on how to generate an encrypted password file.

2017-10-07 v1.4

  • Added necessary information to add the script to the PowerShell Gallery.

2017-09-13 v1.3

  • Added check for existence of user before attempting to create user.
  • Improved logging to handle the above change.

2017-07-22 v1.2

  • Improved code commenting for documentation purposes.
  • Added authentication and SSL options for e-mail notification.