HELP ! Urgent  Mass Account Creation in a Domain within a specific OU

Posted on 2016-10-17
Last Modified: 2016-10-28

I need a powershel Script for a mass user account creation.
Below are the specification

1- Account will be created in a Domain within a specific OU
Path = OU=Test,OU=Users,DC=Genactic,DC=sys

2- The Login accounts should be from
TCA0008000 to TCA0009999

3- First Name = Agency Sales Notebook (Same First Name For all accounts)

4- Last Name = CLL (Same Last Name For all accounts)

5- Email = (Same email For all accounts)

6- Passwords = None or any passwords (The account are not inteaded for login purposes)

7- The account should be disabled when created

8- Password Never Expired

9- Account never expired

10- A log file to check the account creation.

I would like to be able to modify the domain, the OU path, the  first and last name and the email in order to run the script for an other domain with different input.

Thank You !
Question by:AMATERASOU
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 16

Expert Comment

by:Todd Nelson
ID: 41847502
At a basic level, I feel you should start with a CSV file for all your users that you need created.  Something similar to this.  The Name field has to be defined and unique across all accounts, and ideally, the UPN should be defined as well...


Open in new window

Then, use a script similar to this to create the users with your specified criteria...

Import-Module ActiveDirectory

$MyPassword = Read-Host "Enter Password" -AsSecureString

Import-Csv "C:\Tools\Scripts\MyNewUsers.csv" | ForEach-Object { 

     New-ADUser -Name $_.Name -SamAccountName $_.Name -UserPrincipalName $_.UserPrincipalName -DisplayName "Agency Sales Notebook CLL" -Surname "CLL" -Path "OU=Users,OU=Test,DC=d2,DC=local" -Email "" -AccountPassword $MyPassword -PasswordNeverExpires $True -Enabled $False


Open in new window

Hope that helps.  Let me know.
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 41847516
Import-Module ActiveDirectory
$MyPassword = Read-Host 'Enter Password' -AsSecureString
[int] $counter = 8000
$username = 'TCA0000'+ $counter.tostring()
$userprincipalname = $username + '@genactic.sys'
$name = $username
New-ADUser -Name $Name -SamAccountName $username -UserPrincipalName $UserPrincipalName -DisplayName 'Agency Sales Notebook CLL' -Surname 'CLL' -Path 'OU=Test,OU=Users,DC=Genactic,DC=sys' -Email '' -AccountPassword $MyPassword -PasswordNeverExpires $True -Enabled $False -whatif
} while ($counter -le 9999)


Open in new window


Expert Comment

ID: 41847783
Run the below using Exchange power Shell.  Key in all users' details in the attached csv file.

[PS] C:\>Import-CSV "C:\Users\yourpath\Downloads\userlist.csv" | foreach {new-mailbox -Name $_.DisplayName -FirstName $_.Firstname -LastName $_.Lastname -DisplayName $_.DisplayName -Alias $_.alias  -Database $_.Database -password (ConvertTo-SecureString $_.password -AsPlainText -force) -ResetPasswordOnNextLogon $true -UserPrincipalName $_.UPN -OrganizationalUnit $_.OrganizationalUnit}
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!


Author Comment

ID: 41848169
Hello ,

But i will like to Log Account creation in an output file with the account names and Status (OK or KO)

David Johnson is the script which feef better

Import-Module ActiveDirectory
$MyPassword = Read-Host 'Enter Password' -AsSecureString
[int] $counter = 8000
$username = 'TCA0000'+ $counter.tostring()
$userprincipalname = $username + '@genactic.sys'
$name = $username
New-ADUser -Name $Name -SamAccountName $username -UserPrincipalName $UserPrincipalName -DisplayName 'Agency Sales Notebook CLL' -Surname 'CLL' -Path 'OU=Test,OU=Users,DC=Genactic,DC=sys' -Email '' -AccountPassword $MyPassword -PasswordNeverExpires $True -Enabled $False -whatif
} while ($counter -le 9999)


Thank you
LVL 16

Accepted Solution

Todd Nelson earned 500 total points
ID: 41848376
I like David's script too. But I had to modify it because it would not have not created the users with the "-WhatIf" parameter present.

Also, I modified to create users TCA0008000 to TCA0009999 (based on your example) instead of TCA00008000 to TCA00009999--with one extra zero.

And I removed the unnecessary $name variable because it is redundant to the $username variable.

I added the GivenName parameter for each users based on your criteria and removed SamAccountName because it is based on the Name parameter and added without specifying explicitly.

Lastly, I added a section that makes the variables easy to locate and update based on whatever environment they need to be changed for.

Therefore, I suppose you want something like this with basic output logged of the values you need set...

Import-Module ActiveDirectory

$MYPASSWORD = Read-Host "Enter Password" -AsSecureString

[int] $counter = 8000

do {

     $USERNAME = "TCA000"+ $counter.tostring()
     $USERPRINCIPALNAME = $USERNAME + "@Genactic.sys"
     $DISPLAYNAME = "Agency Sales Notebook CLL"
     $FIRSTNAME = "Agency Sales Notebook"
     $LASTNAME = "CLL"
     $OUPATH = "OU=Test,OU=Users,DC=Genactic,DC=sys"

     New-ADUser -Name $USERNAME -UserPrincipalName $USERPRINCIPALNAME -DisplayName $DISPLAYNAME -GivenName $FIRSTNAME -Surname $LASTNAME -Path $OUPATH -Email $EMAILADDRESS -AccountPassword $MYPASSWORD -PasswordNeverExpires $True -Enabled $False

     Get-ADUser -Identity $USERNAME -Properties EmailAddress,DisplayName,PasswordNeverExpires,Enabled | Select-Object Name,GivenName,Surname,DisplayName,EmailAddress,DistinguishedName,SamAccountName,UserPrincipalName,PasswordNeverExpires,Enabled | Out-file "NewUserResults.txt" -Append


} while ($counter -le 9999)

Open in new window


Author Closing Comment

ID: 41863723

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A recent project that involved parsing Tableau Desktop and Server log files to extract reusable user queries for use in other systems. I chose to use PowerShell to gather the data, and SharePoint to present it...
Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question