HELP ! Urgent  Mass Account Creation in a Domain within a specific OU

Posted on 2016-10-17
Last Modified: 2016-10-28

I need a PowerShell script for a mass user account creation.
Below are the specifications

1- Account will be created in a Domain within a specific OU
Path = OU=Test,OU=Users,DC=Genactic,DC=sys

2- The Login accounts should be from
TCA0008000 to TCA0009999

3- First Name = Agency Sales Notebook (Same First Name For all accounts)

4- Last Name = CLL (Same Last Name For all accounts)

5- Email = (Same email For all accounts)

6- Passwords = None or any passwords (The accounts are not intended for login purposes)

7- The account should be disabled when created

8- Password Never Expired

9- Account never expired

10- A log file to check the account creation.

I would like to be able to modify the domain, the OU path, the first and last name and the email in order to run the script for another domain with different input.

Thank You !
Question by:AMATERASOU
LVL 15

Expert Comment

by:Todd Nelson
ID: 41847502
At a basic level, I feel you should start with a CSV file for all your users that you need created.  Something similar to this.  The Name field has to be defined and unique across all accounts, and ideally, the UPN should be defined as well...



Then, use a script similar to this to create the users with your specified criteria...

Import-Module ActiveDirectory

# One password is typed once and reused for every account in the CSV
$MyPassword = Read-Host "Enter Password" -AsSecureString

Import-Csv "C:\Tools\Scripts\MyNewUsers.csv" | ForEach-Object { 

     # Accounts are created disabled, with a non-expiring password
     New-ADUser -Name $_.Name -SamAccountName $_.Name -UserPrincipalName $_.UserPrincipalName -DisplayName "Agency Sales Notebook CLL" -Surname "CLL" -Path "OU=Users,OU=Test,DC=d2,DC=local" -Email "" -AccountPassword $MyPassword -PasswordNeverExpires $True -Enabled $False

}



Hope that helps.  Let me know.
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 41847516
Import-Module ActiveDirectory
$MyPassword = Read-Host 'Enter Password' -AsSecureString
[int] $counter = 8000
do {
$username = 'TCA0000'+ $counter.tostring()
$userprincipalname = $username + '@genactic.sys'
$name = $username
New-ADUser -Name $Name -SamAccountName $username -UserPrincipalName $UserPrincipalName -DisplayName 'Agency Sales Notebook CLL' -Surname 'CLL' -Path 'OU=Test,OU=Users,DC=Genactic,DC=sys' -Email '' -AccountPassword $MyPassword -PasswordNeverExpires $True -Enabled $False -whatif
# Advance to the next account number so the loop terminates
$counter++
} while ($counter -le 9999)




Expert Comment

ID: 41847783
Run the below using Exchange PowerShell.  Key in all users' details in the attached csv file.

[PS] C:\>Import-CSV "C:\Users\yourpath\Downloads\userlist.csv" | foreach {new-mailbox -Name $_.DisplayName -FirstName $_.Firstname -LastName $_.Lastname -DisplayName $_.DisplayName -Alias $_.alias  -Database $_.Database -password (ConvertTo-SecureString $_.password -AsPlainText -force) -ResetPasswordOnNextLogon $true -UserPrincipalName $_.UPN -OrganizationalUnit $_.OrganizationalUnit}


Author Comment

ID: 41848169
Hello,

But I would like to log account creation in an output file with the account names and status (OK or KO)

David Johnson's is the script which fits better

Import-Module ActiveDirectory
$MyPassword = Read-Host 'Enter Password' -AsSecureString
[int] $counter = 8000
do {
$username = 'TCA0000'+ $counter.tostring()
$userprincipalname = $username + '@genactic.sys'
$name = $username
New-ADUser -Name $Name -SamAccountName $username -UserPrincipalName $UserPrincipalName -DisplayName 'Agency Sales Notebook CLL' -Surname 'CLL' -Path 'OU=Test,OU=Users,DC=Genactic,DC=sys' -Email '' -AccountPassword $MyPassword -PasswordNeverExpires $True -Enabled $False -whatif
# Advance to the next account number so the loop terminates
$counter++
} while ($counter -le 9999)


Thank you
LVL 15

Accepted Solution

Todd Nelson earned 500 total points
ID: 41848376
I like David's script too. But I had to modify it because it would not have created the users with the "-WhatIf" parameter present.

Also, I modified to create users TCA0008000 to TCA0009999 (based on your example) instead of TCA00008000 to TCA00009999--with one extra zero.

And I removed the unnecessary $name variable because it is redundant to the $username variable.

I added the GivenName parameter for each user based on your criteria and removed SamAccountName because it is based on the Name parameter and added without specifying explicitly.

Lastly, I added a section that makes the variables easy to locate and update based on whatever environment they need to be changed for.

Therefore, I suppose you want something like this with basic output logged of the values you need set...

Import-Module ActiveDirectory

$MYPASSWORD = Read-Host "Enter Password" -AsSecureString

[int] $counter = 8000

do {

     # Values to change when running against another domain or OU
     $USERNAME = "TCA000"+ $counter.tostring()
     $USERPRINCIPALNAME = $USERNAME + "@Genactic.sys"
     $DISPLAYNAME = "Agency Sales Notebook CLL"
     $FIRSTNAME = "Agency Sales Notebook"
     $LASTNAME = "CLL"
     $OUPATH = "OU=Test,OU=Users,DC=Genactic,DC=sys"
     # Placeholder: the shared e-mail address is not shown on the page
     $EMAILADDRESS = "placeholder@example.com"

     # Create the account disabled, with a non-expiring password
     New-ADUser -Name $USERNAME -UserPrincipalName $USERPRINCIPALNAME -DisplayName $DISPLAYNAME -GivenName $FIRSTNAME -Surname $LASTNAME -Path $OUPATH -Email $EMAILADDRESS -AccountPassword $MYPASSWORD -PasswordNeverExpires $True -Enabled $False

     # Read the account back and append its properties to the log file
     Get-ADUser -Identity $USERNAME -Properties EmailAddress,DisplayName,PasswordNeverExpires,Enabled | Select-Object Name,GivenName,Surname,DisplayName,EmailAddress,DistinguishedName,SamAccountName,UserPrincipalName,PasswordNeverExpires,Enabled | Out-file "NewUserResults.txt" -Append

     # Advance to the next account number so the loop terminates
     $counter++

} while ($counter -le 9999)
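
The per-account status log the asker requested (account name with OK or KO), as an added example that is not code from the thread. The parameter names, the log file name, the placeholder e-mail address and the throwaway random password per account are assumptions made for this example; the other defaults are the thread's sample values.

```powershell
# Added example, not code from the thread. Defaults are the thread's sample
# values; $Email is a placeholder because the page does not show the address.
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$UpnSuffix = 'Genactic.sys',
    [string]$OuPath    = 'OU=Test,OU=Users,DC=Genactic,DC=sys',
    [string]$Prefix    = 'TCA000',
    [int]$First        = 8000,
    [int]$Last         = 9999,
    [string]$FirstName = 'Agency Sales Notebook',
    [string]$LastName  = 'CLL',
    [string]$Email     = 'placeholder@example.com',
    [string]$LogFile   = '.\NewUserResults.csv'
)
Import-Module ActiveDirectory
$rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()

foreach ($n in $First..$Last) {
    $user = '{0}{1}' -f $Prefix, $n
    # Throwaway random password per account: nobody logs in with these, so
    # no shared secret has to exist. 'aA1!' only satisfies complexity rules.
    $bytes = New-Object byte[] 24
    $rng.GetBytes($bytes)
    $pw = ConvertTo-SecureString ([Convert]::ToBase64String($bytes) + 'aA1!') -AsPlainText -Force

    $status = 'OK'; $detail = ''
    try {
        # -ErrorAction Stop turns AD errors into exceptions the catch can log.
        # No -AccountExpirationDate is set, so the account never expires.
        New-ADUser -Name $user -SamAccountName $user `
            -UserPrincipalName "${user}@$UpnSuffix" `
            -GivenName $FirstName -Surname $LastName `
            -DisplayName "$FirstName $LastName" -EmailAddress $Email `
            -Path $OuPath -AccountPassword $pw `
            -PasswordNeverExpires $true -Enabled $false -ErrorAction Stop
        if ($WhatIfPreference) { $status = 'WHATIF' }   # dry run: nothing created
    }
    catch {
        $status = 'KO'; $detail = $_.Exception.Message
    }
    # One row per attempted account, so failures sit next to successes.
    # -WhatIf:$false keeps the log written even during a dry run.
    [pscustomobject]@{
        Time = (Get-Date -Format s); Account = $user; Status = $status; Detail = $detail
    } | Export-Csv -Path $LogFile -Append -NoTypeInformation -WhatIf:$false
}
```

Running the script with -WhatIf first records a WHATIF row per account without creating anything; a KO row carries the error text, for example when an account name already exists.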



Author Closing Comment

ID: 41863723
