[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Powershell script to create user names from a text file - HELP!

Posted on 2014-12-03
7
Medium Priority
?
579 Views
Last Modified: 2014-12-22
Hello Experts,
I need help creating a script in PowerShell to create users in AD from a csv file. The file contains users in this format:

COMPANY,SAM-Account Name, Password, Path (OU to be placed in), First Name, Initial, Last Name, Display Name, Security Group, CannotChangePassword, PasswordNeverExpires, email address, user-principle-name

So as a sample user whos name is Joe Blow and works at EE, this is how the format is in the csv:

EE,jblow,TempPass1,"OU=EE,OU=Customers,DC=Portal,DC=local",Joe,J,Blow, Joe Blow,PORTAL.local\Customers,FALSE,TRUE,joe.blow@expertsexchange.com,jblow@portal.local

The users I am importing from the CSV file can be exported in another format or rearranged if it helps, thanks in advance!
0
Comment
Question by:Sir Learnalot
7 Comments
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 750 total points
ID: 40479228
Does the csv have column headers?  If so, you might use import-csv to bring in the data.
Otherwise, if you have to 'force' it, this should get the job done: (confirm is set, to prevent it from completing without your say-so)
$data = get-content 'filename.csv'
foreach ($values in $data) {
  $item = $values.split(',')
  $COMPANY=$item[0]
  $SAM = $item[1]
  $Password = $item[2]
  $OUPath=$item[3]
  $FirstName = $item[4]
  $Initial=$item[5]
  $LastName=$item[6]
  $DisplayName=$item[7]
  $SecurityGroup=$item[8]
  $CannotChangePassword=$item[9]
  $PasswordNeverExpires=$item[10]
  $emailaddress=$item[11]
  $upn=$item[12]
  New-ADUser -samaccountname $SAM -company $company -DisplayName $displayName -EmailAddress $emailaddress -givenname $firstname -sn $lastname -initials $initial -passwordneverexpires $passwordneverexpires -userprincipalname $upn -path $OUPath -CannotChangePassword $CannotChangePassword -confirm $true
add-adgroupmember $securitygroup $samaccountname
}

Open in new window

0
 
LVL 6

Author Comment

by:Sir Learnalot
ID: 40479589
I tried this and ran into tons of trouble :P I do appreciate the effort though as I was able to use your code with some slight modifications :) However, now that I got the syntax properly, I am running into another error...

screen of ps error
$data = get-content 'C:\Users\portalservice\Desktop\Test1.csv'
$Password = (Read-Host -AsSecureString "AccountPassword")
foreach ($values in $data) {
  $item = $values.split(':')
  $COMPANY=$item[0]
  $SAM = $item[1]
  $Pword = $item[2]
  $OUPath=$item[3]
  $FirstName = $item[4]
  $Initial=$item[5]
  $DisplayName=$item[6]
  $SecurityGroup=$item[7]
  $LastName=$item[8]
  $emailaddress=$item[9]
  $upn=$item[10]
  New-ADUser -Name $DisplayName -samaccountname $SAM -AccountPassword $Password -company $COMPANY -DisplayName $DisplayName -EmailAddress $emailaddress -givenname $FirstName -Surname $LastName -initials $Initial -PasswordNeverExpires 1 -userprincipalname $upn -path $OUPath -CannotChangePassword 0 -confirm
Add-adgroupmember $SecurityGroup $SAM
}

Open in new window

0
 
LVL 16

Expert Comment

by:Rajitha Chimmani
ID: 40479628
I guess you need to give some time after creating the user before you add that user to a group

Try the command, start-sleep -s 30 between new-aduser and add-adgroupmember

Also, you may consider specifying the -domaincontroller parameter in New-ADUser command.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 85

Accepted Solution

by:
David Johnson, CD, MVP earned 750 total points
ID: 40479647
in the first line of the csv change everything with spaces to something else i.e. underscores, hyphens
user security groups use
$user.samaccountname | Add-ADPrincipalGroupMembership [-Identity] $user.SecurityGroup
#
# untested will add more later
#
$users = import-csv -Path c:\test\Q_28573873.csv
foreach ($user in $users){
$changepassword = $true
$passwordExpires = $true
if ($user.CannotChangePassword = "FALSE") { $changepassword = $false}
if ($user.PasswordNeverExpires = "TRUE") { $passwordExpires = $true}
new-aduser -samaccountname $user.Sam-AcccountName -company $user.COMPANY -Password $user.Password -OU $user.OU -Given $user.First_Name -Initials $user.Initial -SurName $user.Last_Name -CannotChangePassword $changepassword -PasswordNeverExpires $passwordExpires
$user.samaccountname | Add-ADPrincipalGroupMembership [-Identity] $user.SecurityGroup
#$user | fl
}

Open in new window

Q-28573873.csv
0
 
LVL 6

Author Comment

by:Sir Learnalot
ID: 40482925
@Rajitha I tried removing the add to group entirely so thats not the problem at the moment. Would adding the DC matter if I am running the script directly off the server anyways?
0
 
LVL 16

Expert Comment

by:Rajitha Chimmani
ID: 40482987
Sometimes..yes..it does help. but, if you have a single DC then it does not matter.
0
 
LVL 6

Author Closing Comment

by:Sir Learnalot
ID: 40512908
did not end up solving the issue, will recreate a question later
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A walk-through example of how to obtain and apply new DID phone numbers to your cloud PBX enabled users that are configured in Office 365. Whether you have 1, 10 or 100+ users in your tenant, it's quite easy to get them phone-enabled and making/rece…
Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question