Active Directory User Management using Powershell

-
Active Directory User Management using Powershell

Creating a Single User
New-ADUser –SamAccountName “username” –DisplayName “username” –givenName “Username” –Surname “surname” –AccountPassword (ReadHost –AsSecureString “Message”) –Enabled $true –Path ‘CN=Users,DC=Doc,DC=Com’ –CannotChangePassword $false –ChangePasswordAtLogon $true –PasswordNeverExpires $false -EmailAddress “email” –EmployeeID “ID” –Department “string”



SamAccountName – Specifies the SAM Account name of the user. ”New-ADUser” command should have this parameter for creating a user. You can pass a string value in it.

DisplayName – Specifies the name to be displayed.
Surname – Specifies the surname of the user.
AccountPassword – Specifies the account password for the user. However, the password has to be provided after executing the command as a secured string. The default value for this parameter would be as follows.–AccountPassword (ReadHost –AsSecureString “Message”)
Enabled – Specifies whether the new user will be enabled or disabled. If you’re not providing the password, then the user will be disabled by default. You can provide $true for true and $false for false.
Path – Specifies the path of Active Directory where the new user will be created. Its value should be passed between single quotes, such as –Path ‘CN=Users,DC=Domain,DC=Com’
CannotChangePassword – Specifies whether the user can change the password or not. The two acceptable values will be $true and $false.
ChangePasswordAtLogon – Specifies whether the new user has to change the password on the first login or not. The two acceptable values will be $true and $false.
PasswordNeverExpires – Specifies whether the password will never expire. The two acceptable values will be $true and $false.
EmailAddress – Specifies the email address of the new user.
Department – Specifies the department of the new user.
EmployeeID – Specifies the employee ID of the new user.

Creating Bulk Users

Create a CSV file for creating the bulk users through PowerShell using the Import-CSV CMDlet


Execute the following command

Import-CSV D:\add_users.csv | New-ADUser

Edit department of bulk users using .csv file

$Users=import-csv "C:\Temp\filename.csv"
foreach ($user in $Users)
{
$ID = $user.SamAccountName
$Dep = $user.Department
Set-ADUser -Identity $ID -Department $Dep
}


Comments

Post a Comment

Popular posts from this blog

How to Switch Domain Controller or Logon server in client

-
To find the current logon server Open the command prompt and type echo %logonserver% To switch the Domain Controller Open the command prompt and type nltest /Server: ClientComputerName  /SC_RESET: DomainName \ DomainControllerName To set the Domain Controller Via Registry Open the registry editor Navigate to: HKEY_LOCAL_MACHINE/ SYSTEM/ CurrentControlSet/ Services/ Netlogon/ Parameters Create a String value called “SiteName“, and set it to the domain controller you wish the computer to connect to. (ie. DC1.domain.com)
Read more

Missing SYSVOL and NETLOGON

-
Open Regedit Browse to  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters Set  SysVolReady  from 0 to 1 Close Regedit This will create the SYSVOL share Verify the replication by running the following command. For /f %i IN ('dsquery server -o rdn') do @echo %i && @wmic /node:"%i" /namespace:\\root\microsoftdfs path dfsrreplicatedfolderinfo WHERE replicatedfoldername='SYSVOL share' get replicationgroupname,replicatedfoldername,state The states should translate as below 0 = Uninitialized 1 = Initialized 2 = Initial Sync 3 = Auto Recovery 4 = Normal 5 = In Error If you run the command to see the state of the replication you will see that the servers are all showing state 4 as below and both Sysvol and Netlogon will be replicated Enable Ginger Cannot connect to Ginger Check your internet connection or reload the browser Disable in this text field Rephrase Rephrase current sentence Edit in Ginger ×
Read more