How To Create Bulk Users in Active Directory Using PowerShell | Windows Server 2012 R2

If you are an Active Directory admin in your organization, then you are responsible for creating AD accounts for the employees joining the organization. Creating AD accounts is easy if you have to create only a few accounts a day. But in big organizations, the number of people joining per day may be higher. You don’t want to spend your whole day creating those AD accounts while you have other interesting projects to finish.

In another case, when a new organization sets up Active Directory for the first time, you may have to create several hundred to several thousand AD accounts in one go. Making so many AD accounts manually is literally not feasible (you may say ‘not possible’).


There are several third-party tools out there that can help you create bulk AD users. But if you want to understand what those tools do behind the scenes, PowerShell scripts are a good option. You can easily set up a PowerShell script which will fetch data from a CSV file and create bulk AD accounts in just a few seconds. When it comes to creating bulk AD users, PowerShell scripts work like a charm. This tutorial shows how to create bulk AD users from a CSV file using a PowerShell script.

Pre-requisites:

  1. User details in CSV format: You need to gather details of all users in CSV format to work with the PowerShell script. The first line of the CSV file defines the variables like EmployeeID, EmployeeName, Manager etc. User details start from the second line.
  2. Access to AD server: In order to run the PowerShell script on the AD server, you need remote access to the AD server and an account with authority to create new users in Active Directory. If you are handling AD in your organization, you will probably be a Domain Admin already, but a delegated account should work.

How to Create Bulk AD users from CSV using PowerShell:

Here comes the interesting part. Now you have to set up your PowerShell script according to the data provided in the CSV file. You need to set up all variables correctly, otherwise you may mess up your AD badly.

Step 1: Prepare user details in CSV file

Let’s start with preparing the CSV file. The first line of the CSV file contains headers which work as variables for the PowerShell script. Here is the sample CSV file which we have used in this tutorial:

The first line contains EMPLOYEE_ID, NAME, EMAIL_ID, MANAGER_ID, ORG_NAME, DESIGNATION, LOCATION, DEPARTMENT, OU & PASSWORD. These variables are self-explanatory and easy to understand. You may set up your own variables according to your requirements. You have to manually enter the value of the OU variable depending on your AD structure. In our test AD environment, we have created all users in the Employees OU containing 3 sub-OUs: Location1, Location2, Location3.

You can create all user OUs at the root, but creating sub-OUs helps with Group Policy deployment. If the destination OU for the user is at the root of the domain, you can use the following OU path:

OU=Employees,DC=hellpc,DC=local

But if you are moving users to sub-OUs, you can use the following path:

OU=Location1,OU=Employees,DC=hellpc,DC=local

Don’t forget to replace the names of the OUs and domain with your own OUs and domain name. We are using a common password for all users which will obviously be changed at first login.
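An added pre-flight check (not part of the original tutorial) that validates the Step 1 CSV before any account is created: required headers, empty or duplicate EMPLOYEE_ID values, the 20-character sAMAccountName limit, and OU values that are not distinguished names. The function name Test-BulkUserCsv and the sample rows are constructed for illustration, and the OU pattern does not handle escaped commas.

```powershell
# Added example: pre-flight checks for the bulk-user CSV. Makes no changes to AD.
# Sample rows are constructed; for a real run use: $rows = Import-Csv <path>
$rows = @'
EMPLOYEE_ID,NAME,EMAIL_ID,MANAGER_ID,ORG_NAME,DESIGNATION,LOCATION,DEPARTMENT,OU,PASSWORD
E1001,Asha R Patel,asha@example.test,E0001,Example Org,Engineer,Location1,IT,"OU=Location1,OU=Employees,DC=hellpc,DC=local",placeholder
E1001,Ben Ortiz,ben@example.test,E0001,Example Org,Analyst,Location2,Finance,"OU=Location2,OU=Employees,DC=hellpc,DC=local",placeholder
E100300000000000000001,Chen Wu,chen@example.test,E0001,Example Org,Clerk,Location3,HR,Employees,placeholder
'@ | ConvertFrom-Csv

function Test-BulkUserCsv {
    param([Parameter(Mandatory)] [object[]] $Rows)

    $required = 'EMPLOYEE_ID','NAME','EMAIL_ID','MANAGER_ID','ORG_NAME',
                'DESIGNATION','LOCATION','DEPARTMENT','OU','PASSWORD'
    $problems = New-Object System.Collections.Generic.List[string]

    # A header typo makes the script read $null for that column on every row.
    $present = $Rows[0].PSObject.Properties.Name
    foreach ($col in $required) {
        if ($present -notcontains $col) { $problems.Add("Missing column: $col") }
    }

    $seen = @{}
    $line = 1   # the header is line 1 of the file
    foreach ($r in $Rows) {
        $line++
        $id = "$($r.EMPLOYEE_ID)".Trim()
        if (-not $id) { $problems.Add("Line ${line}: empty EMPLOYEE_ID") }
        elseif ($id.Length -gt 20) {
            $problems.Add("Line ${line}: '$id' exceeds the 20-character sAMAccountName limit")
        }
        elseif ($seen.ContainsKey($id)) {
            $problems.Add("Line ${line}: duplicate EMPLOYEE_ID '$id' (first seen on line $($seen[$id]))")
        }
        else { $seen[$id] = $line }

        # The OU column must hold a full distinguished name, as shown in Step 1.
        if ("$($r.OU)" -notmatch '^(OU=[^,]+,)+(DC=[^,]+,)*DC=[^,]+$') {
            $problems.Add("Line ${line}: OU '$($r.OU)' is not a distinguished name")
        }
        if (-not "$($r.NAME)".Trim()) { $problems.Add("Line ${line}: empty NAME") }
    }
    return ,$problems.ToArray()
}

$issues = Test-BulkUserCsv -Rows $rows
if ($issues.Count) { $issues | ForEach-Object { Write-Warning $_ } }
else { Write-Output 'CSV passed pre-flight checks.' }
```

Once the CSV passes, adding -WhatIf to each New-ADUser call gives a dry run of the creation script itself.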


Step 2: Preparing the PowerShell script

After you have prepared your CSV file with all required user details, it’s time to work on the PowerShell script. The code of the PowerShell script is shown below.

#########################################################
# This Script enables you to create bulk users in AD    #
# using csv file.                                       #
# Last Updated: 22-Nov-2018                             #
# Author: Aslam Khan (HELLPC.NET)                       #
#########################################################

# Import active directory module for running AD cmdlets
Import-Module ActiveDirectory

# Store the data from CSV file to the $ADUsers variable
$ADUsers = Import-Csv Path_to_file\filename.csv

# Looping through each row containing user details in the CSV file
foreach ($User in $ADUsers)
{
    # Read user data from each column in each row of CSV and assign the data to variables.
    # The property names must match the CSV header row described in Step 1.
    $EmployeeID = $User.EMPLOYEE_ID
    $Password = $User.PASSWORD
    $name = $User.NAME
    # Split the name into Firstname, Middlename & Surname. The limit of 3 keeps any extra words in $Lastname.
    $Firstname,$Middlename,$Lastname = $User.NAME -split ' ', 3
    $surname = ('{0} {1}' -f $Middlename, $Lastname).TrimEnd() # Combines Middlename & Surname into Surname.
    $OU = $User.OU # Distinguished name of the OU in AD where user account will be created.
    $email = $User.EMAIL_ID
    $jobtitle = $User.DESIGNATION
    $manager = $User.MANAGER_ID
    $department = $User.DEPARTMENT
    $company = $User.ORG_NAME
    $office = $User.LOCATION
    # UPN built from the employee ID and a UPN suffix. The suffix hellpc.local is
    # assumed from this tutorial's test domain; replace it with your own.
    $UPN = "$EmployeeID@hellpc.local"
    $i = 1 # This variable will be used if two users have same name. Second user will get 1 added to their surname.

    # Check to see if the user already exists in AD
    if (Get-ADUser -Filter {SamAccountName -eq $EmployeeID})
    {
        # If user already exists, give a warning.
        Write-Warning "A user account with Employee ID $EmployeeID : $name already exists in Active Directory."
    }
    else
    {
        if (Get-ADUser -Filter {Name -eq $name})
        {
            # Employee ID doesn't exist in AD but Username already exists, now we will add "1" to the surname of new user account.
            # The last parameter line has no trailing backtick, so Write-Output runs as its own command.
            New-ADUser `
                -SamAccountName $EmployeeID `
                -UserPrincipalName $UPN `
                -Name "$name$i" `
                -Enabled $True `
                -DisplayName "$name$i" `
                -EmailAddress $email `
                -GivenName $Firstname `
                -Surname "$surname$i" `
                -Office $office `
                -Path $OU `
                -Title $jobtitle `
                -Department "$department" `
                -Company $company `
                -Manager $manager `
                -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) `
                -ChangePasswordAtLogon $True
            Write-Output "User $EmployeeID : $name created successfully!"
        }
        else
        {
            # User does not exist in AD. Proceed to create the new user account without adding "1" to surname.
            New-ADUser `
                -SamAccountName $EmployeeID `
                -UserPrincipalName $UPN `
                -Name "$name" `
                -Enabled $True `
                -DisplayName "$name" `
                -EmailAddress $email `
                -GivenName $Firstname `
                -Surname $surname `
                -Office $office `
                -Path $OU `
                -Title $jobtitle `
                -Department "$department" `
                -Company $company `
                -Manager $manager `
                -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) `
                -ChangePasswordAtLogon $True
            Write-Output "User $EmployeeID : $name created successfully!"
        }
    }
} #End

Just copy and paste it into Notepad and save it as Script.ps1. The file extension .ps1 is necessary to make it a PowerShell script. In Notepad, after copying this code, press Ctrl + S. Then select All files in the file type drop-down and type Script.ps1 in the file name field. Then click on the Save button to save your PowerShell script.

The script imports data from the CSV file and stores it in variables. Don’t forget to provide the path and name of the CSV file by replacing the following text: Path_to_file\filename.csv

This script allows you to use the full name instead of providing Firstname & Surname separately. It will automatically separate the full name into Firstname and Surname.

This script checks for existing user accounts. If a user account with the provided employee ID already exists, it shows you a warning that the specified user account already exists and moves to the next user. However, if the employee ID doesn’t exist but the user name exists, the script adds “1” to the surname of the user.

One important note: If you are creating users in a new AD (with no existing users), remove all the lines containing “-Manager $manager `” from the script, because otherwise PowerShell will throw an error for the non-existence of the manager in AD. However, if you are creating new users in an existing Active Directory which already contains the manager’s AD account, you can leave the script as it is.


Step 3: Creating Bulk AD users using script

Now, it’s time to work our script magic. Copy your CSV file and PowerShell script to your AD server. In this tutorial I have copied both the files to the “BulkUserCreation” folder on the C drive.

Open PowerShell in the same folder where the script is present. Click on File > Open Windows PowerShell > Open Windows PowerShell as administrator to open PowerShell as admin.

Now, type the name of your script and press Tab to auto-complete it. After you see the name of your script, press Enter to execute it. If you configured everything correctly, all the users mentioned in the CSV file will be created without error.


Step 4: Verifying the results

After you have successfully created bulk AD users from the CSV file using the PowerShell script, it’s time to verify that the users have been created correctly. You can open the Users and Computers console to view the created users. Open Run, type dsa.msc and press Enter.

The Active Directory Users and Computers console will open. You can verify the created users by going to the OU where you created the users using the PowerShell script.

Using the PowerShell script, you can create hundreds to thousands of users within a short period of time. The only time it takes is preparing the CSV file and setting up the script for the first time. You can customize the script according to your requirements. You can add more variables, remove unwanted variables or change their names. Feel free to comment if you face any issues. Enjoy, have fun!

About Aslam Khan

Hi there, I am a blogger, engineer and a computer geek. I love kittens. I spend some of my time blogging besides full time job as Senior Windows Administrator. I like to learn new things.
