Solved

Create users in Active Directory and Exchange 2010 from CSV file

Posted on 2014-01-15
12
866 Views
Last Modified: 2014-01-16
I frequently have to create new users who are temporary but is quite tedious because of all of the information needed to put into the AD database. Is there a script I can run to create the users from a CSV file? I would also need to create an email account in Exchange 2010.

I need to enter the fields FirstName, LastName, DisplayName, Description, Office, TelephoneNumber, ProfileLogonScript, JobTitle, Department, and insert users in groups. Is there also a way to set PasswordNeverExpires as well?

Is this possible?
0
Comment
Question by:jdube
12 Comments
 
LVL 19

Assisted Solution

by:helpfinder
helpfinder earned 20 total points
ID: 39783888
0
 

Author Comment

by:jdube
ID: 39783910
Is there a cross reference to the field names? E.g. What is the Telephone field, what is the Office field?
0
 
LVL 5

Assisted Solution

by:alicain
alicain earned 20 total points
ID: 39783925
There are several good examples of this on the TechNet script center, for example this one :
http://gallery.technet.microsoft.com/scriptcenter/AD-and-mailbox-from-CSV-96a4713f

The New-ADUser cmdlet has a parmeter that can be used for setting Password Never Expires :
   -PasswordNeverExpires $true


Regards,
Alastair.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 53

Assisted Solution

by:Will Szymkowski
Will Szymkowski earned 60 total points
ID: 39784067
You need to perform this in 2 steps as they are from 2 different module/snapins...
Create New AD User
Import-Module activedirectory
$Userlist = Import-Csv "c:\youCSVhere.csv"
$Userlist = ForEach ($Person in $Userlist) {
$Person.SamAccountName
$Person.UPN
$Person.Name
$Person.GivenName
$Person.Surname
$Person.Title
$Person.Office
$Person.Description
$Person.Department
$Person.Password
New-ADUser -UserPrincipalName $Person.UPN -SamAccountName $Person.SamAccountName -Name $Person.Name -GivenName $Person.Givenname -Surname $Person.Surname -Title $Person.Title -Department $Person.Department -Office $Person.Office -OfficePhone $Person.OfficePhone -Description $Person.Description -PasswordNeverExpires $True -AccountPassword (ConvertTo-SecureString -AsPlainText $Person.Password)
}

Open in new window


CSV file needs to be constructed like below...
UPN samaccountname Name GivenName SurName Title Office Description Department Password

Once the Users have been created in AD you can use the Enable-mailbox to create a mailbox for them...
$UserList = Import-Csv "C:\youCSVhere.csv"
$UserList = foreach ($Mailbox in $UserList) {
$Mailbox.UserPrincipalName
$Mailbox.Database
Enable-mailbox -Identity $Mailbox.UserPrincipalName -Database $Mailbox.Database
}

Open in new window


CSV File needs to be constructed like below...
UserPrincipalName    Database
sadams@domain.com    servername\database
etc...

Will.
0
 
LVL 12

Accepted Solution

by:
Vaseem Mohammed earned 400 total points
ID: 39784762
I came up with this script for you.
Note: Active directory module must be available on your "Management Desktop" and "Exchange management console" must be installed.
This script is doing 2 tasks at once.
1. Creating User accounts from the details available in .csv file
2. Enabling the mailbox for the created user.

I am attaching the UserList excel file that I have used, once you have completed the data in excel save it as .csv, after saving cross check that it is a .csv file
The .csv file should be in same directory where you save the script (.ps1), if not then provide a complete path on line:04

Copy and Paste the below script in notepad and [Save As] "ScriptName.ps1" (including quotes)
Write-Host -ForegroundColor Magenta "Importing Module and Snap-in"
Import-Module activedirectory -ErrorAction Stop
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction Stop
sleep -Seconds 10

$UserList = Import-Csv .\userlist-02.csv 
#Same Password will be set for all accounts
$Password = Read-Host "Enter Password for all Accounts " -AsSecureString
$dtm = Get-Date

ForEach($user in $UserList){
Write-Host -ForegroundColor Magenta "CREATING USER"$User.Name
    New-AdUser -Name $User.Name`
    -DisplayName $User.DisplayName`
    -Surname $User.LastName`
    -GivenName $User.FirstName`
    -SamAccountName $User.SAMAccountName`
    -UserPrincipalName $User.UPN`
    -Title $User.JobTitle`
    -OfficePhone $User.OfficePhone -MobilePhone $User.MobilePhone`
    -PasswordNeverExpires $True -Description $User.Description`
    -Department $User.Department`
    -Enabled $True -Path $User.OU`
    -ScriptPath $User.LogonScript -AccountPassword $Password

    Write-Host -ForegroundColor Yellow "  Completing, Please wait..."
    sleep -Seconds 10
    
    Write-Host -ForegroundColor Yellow "  Creating Mailbox for"$User.Name
    Enable-Mailbox -Identity $User.SAMAccountName -Alias $User.SAMAccountName | Out-Null

    Write-Host -ForegroundColor Yellow "  Adding"$User.Name"to"$User.Group
    Add-ADGroupMember -Identity $User.Group -Members $User.SAMAccountName
    Write-Host -ForegroundColor Green "DONE!."
}

get-mailbox -ResultSize Unlimited |
where {$_.WhenMailboxCreated -gt $dtm} |
select Name,
@{n="Display Name";e={$_.DisplayName}},
Alias,
@{n="Account Name";e={$_.SamAccountName}},
@{n="Email";e={$_.PrimarySMTPAddress}},
Database,
#@{n="Mailbox Created On";e={$_.WhenMailboxCreated}},
@{n="User Created On";e={$_.WhenCreated}},
@{n="OU";e={$_.OrganizationalUnit}} | FT -AutoSize

Open in new window

password promptoutputUserList-02.xlsx
0
 

Author Comment

by:jdube
ID: 39785337
Wasim - fantastic answer! One question and one change please:
Why the leading zeros in the phone numbers (just curious)?
Change: How would I add multiple groups?
Thanks!!
0
 
LVL 12

Expert Comment

by:Vaseem Mohammed
ID: 39785470
You can put whatever phone number you want, all data has to be maintained in excel file.
You can add user to any group, just specify group name in excel sheet, but make sure the group name is correct.
0
 
LVL 12

Expert Comment

by:Vaseem Mohammed
ID: 39785488
If u mean a user to multiple group? Then i dont think it can be covered in this script, for that more code needs to be added.
Something like taking the list of groups, breaking the list and looping again for each group.
0
 

Author Closing Comment

by:jdube
ID: 39785683
I have to give a little something to those who took the time to respond and show they are interested in helping, thank you for your response! The answer I was looking for was correctly answered by Wasim Shaikh. Thank you very, very much - the time you took to put together a concise and detailed solution is greatly appreciated!!
0
 
LVL 12

Expert Comment

by:Vaseem Mohammed
ID: 39785688
You can put multiple group names in Excel file under Group Column seperating each group by "comma" (,) and use the code below
Write-Host -ForegroundColor Magenta "Importing Module and Snap-in"
Import-Module activedirectory -ErrorAction Stop
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.E2010 -ErrorAction Stop
sleep -Seconds 10

$UserList = Import-Csv .\userlist-02.csv 
#Same Password will be set for all accounts
$Password = Read-Host "Enter Password for all Accounts " -AsSecureString
$dtm = Get-Date

ForEach($user in $UserList){
Write-Host -ForegroundColor Magenta "CREATING USER"$User.Name
    New-AdUser -Name $User.Name`
    -DisplayName $User.DisplayName`
    -Surname $User.LastName`
    -GivenName $User.FirstName`
    -SamAccountName $User.SAMAccountName`
    -UserPrincipalName $User.UPN`
    -Title $User.JobTitle`
    -OfficePhone $User.OfficePhone -MobilePhone $User.MobilePhone`
    -PasswordNeverExpires $True -Description $User.Description`
    -Department $User.Department`
    -Enabled $True -Path $User.OU`
    -ScriptPath $User.LogonScript -AccountPassword $Password

    Write-Host -ForegroundColor Yellow "  Completing, Please wait..."
    sleep -Seconds 10
    
    Write-Host -ForegroundColor Yellow "  Creating Mailbox for"$User.Name
    Enable-Mailbox -Identity $User.SAMAccountName -Alias $User.SAMAccountName | Out-Null

    $Groups = $User.Group
    $GroupList = $Groups -split(",")
    foreach($Group in $GroupList){
    Write-Host -ForegroundColor Yellow "  Adding"$User.Name"to"$Group
    Add-ADGroupMember -Identity $User.Group -Members $User.SAMAccountName
}
    Write-Host -ForegroundColor Green "DONE!."
}

get-mailbox -ResultSize Unlimited |
where {$_.WhenMailboxCreated -gt $dtm} |
select Name,
@{n="Display Name";e={$_.DisplayName}},
Alias,
@{n="Account Name";e={$_.SamAccountName}},
@{n="Email";e={$_.PrimarySMTPAddress}},
Database,
#@{n="Mailbox Created On";e={$_.WhenMailboxCreated}},
@{n="User Created On";e={$_.WhenCreated}},
@{n="OU";e={$_.OrganizationalUnit}} | FT -AutoSize

Open in new window

0
 

Author Comment

by:jdube
ID: 39785893
Thanks Wasim, you are very thorough, it is very much appreciated!
0
 
LVL 12

Expert Comment

by:Vaseem Mohammed
ID: 39786473
You are always welcome.
Your requirements were clear and to the point which helped me to come up with a solution.
0

Featured Post

Free Webinar: AWS Backup & DR

Join our upcoming webinar with experts from AWS, CloudBerry Lab, and the Town of Edgartown IT to discuss best practices for simplifying online backup management and cutting costs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Windows 10 came with  a lot of built in applications, Some organisations leave them there, some will control them using GPO's. This Article is useful for those who do not want to have any applications in their image (example:me).
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question