How to Create Bulk Users in AD using PowerShell

Creating a user account in Active Directory is easy and it involves a few steps only. However, if you have to create bulk AD users, the manual process may take a long time. So, if you want to make the process easy or automate it, you can use PowerShell to create bulk AD users.

One of the most challenging scenarios: while setting up the Active Directory for a new organization, you may need to create several hundred or even thousands of AD accounts in one go. Making so many AD accounts manually is not feasible (you may even say ‘not possible’).

SEE ALSO: How to Get Local User Accounts from Domain Computers using PowerShell?

There are several third-party software out there that can help you create bulk AD users. But if you want to understand the maths behind them, PowerShell scripts are a good option.

You can easily set up a PowerShell script that will fetch data from a CSV file and create bulk AD accounts in just a few seconds. When it comes to creating bulk AD users, PowerShell scripts work like a charm. This tutorial shows, how to create bulk AD users from a CSV file using the PowerShell script.

Pre-requisites:

  • User details in CSV format: You need to gather details of all users in CSV format to work with the PowerShell script. The first line (header) of the CSV file defines the variables like EmployeeID, EmployeeName, Manager, etc. User details start from the second line.
  • Access to AD server: To run the PowerShell script on the AD server, you need remote access to the AD server and an account with authority to create new users in Active Directory. If you are handling AD in your organization, you probably will be Domain Admin already but a delegated account should work.

SEE ALSO: How to Fix Windows Update Issues using PowerShell Script?

Create Bulk AD users from CSV using PowerShell

Here comes the interesting part. Now you have to create your PowerShell script according to the data provided in the CSV file. You need to set up all variables correctly otherwise you can easily mess up your Active Directory.

Step 1: Prepare user details in the CSV file

Let’s start with preparing the CSV file. The first line of the CSV file contains headers which work as variables for the PowerShell script. So, here is the sample of the CSV file that we have used in this tutorial:

Sample CSV File Template to create bulk users in AD
Sample CSV File Template

The first line contains EMPLOYEE_ID, NAME, EMAIL_ID, MANAGER_ID, ORG_NAME, DESIGNATION, LOCATION, DEPARTMENT, OU & PASSWORD. These variables are self-explanatory and easy to understand.

You may set up variables according to your requirements. You have to manually enter the value of the OU variable depending on your AD structure. So, in our test AD environment, we have created all users in Employees OU containing 3 sub-OUs: Location1, Location2, and Location3.

OU Structure in Active Directory
OU Structure in Active Directory

You can create all User OUs at the root but creating sub OUs helps with Group Policy deployment. If the destination OU for the user is at the root of the domain, you can use the OU path as the following:

OU=Employees,DC=hellpc,DC=local

But if you are moving users to sub-OUs, you can use the following path:

OU=Location1,OU=Employees,DC=hellpc,DC=local

Don’t forget to replace the names of OUs and the domain with your own OUs and domain names. We are using a common password for all users which will be changed at first login.


SEE ALSO: How to Reset Passwords of Users in any Domain using PowerShell Script?

Step 2: Create the PowerShell Script

After you have prepared your CSV file with all the required user details, it’s time to work on the PowerShell script. The code of the PowerShell script is shown below.

#########################################################
# This Script enables you to create bulk users in AD    #
# using csv file.                                       #
# Last Updated: 22-Nov-2018                             #
# Author: Aslam Khan (WINDOSPC.COM)                     #
#########################################################

# Import active directory module for running AD cmdlets
Import-Module ActiveDirectory

#Store the data from CSV file to the $ADUsers variable
$ADUsers = Import-csv Path_to_file\filename.csv

# Looping through each row containing user details in the CSV file 
foreach ($User in $ADUsers)
{
#Read user data from each column in each row of CSV and assign the data to variables 
$EmployeeID = $User.EMPLOYEE_ID
$Password = $User.PASSWORD
$name = $User.EMPLOYEE_NAME
$Firstname,$Middlename,$Lastname = $User.EMPLOYEE_NAME –split ' ' # Split the name into Firstname, Middlename & Surname.
$surname = ('{0} {1}' -f $Middlename, $Lastname).TrimEnd() # Combines Middlename & Surname into Surname.
$OU = $User.OU # Name of OU in AD where user account will be created.
$email = $User.EMAIL_ID
$jobtitle = $User.DESIGNATIONNAME
$manager = $User.REPORTINGTO
$department = $User.DEPARTMENT
$company = $User.COMPANY
$office = $User.LOCATION
$i = 1 # This variable will be used if two users have same name. Second user will get 1 added to their surname.

# Check to see if the user already exists in AD
if (Get-ADUser -Filter {SamAccountName -eq $EmployeeID})
{
# If user already exists, give a warning.
Write-Warning "A user account with Employee ID $EmployeeID : $name already exist in Active Directory."
}
else
{
if (Get-ADUser -Filter {Name -eq $name})
{
# Employee ID doesn't exist in AD but Username already exists, now we will add "1" to the surname of new user account
New-ADUser `
-SamAccountName $EmployeeID `
-UserPrincipalName "[email protected]" `
-Name "$name$i" `
-Enabled $True `
-DisplayName "$name$i" `
-EmailAddress $email `
-GivenName $Firstname `
-Surname "$surname$i" `
-Office $office `
-Path $OU `
-Title $jobtitle `
-Department "$department" `
-Company $company `
-Manager $manager `
-AccountPassword (convertto-securestring $Password -AsPlainText -Force) `
-ChangePasswordAtLogon $True `
Write-output "User $EmployeeID : $name created successfully!"
}
else {
# User does not exist in AD. Proceed to create the new user account without adding "1" to surname.
New-ADUser `
-SamAccountName $EmployeeID `
-UserPrincipalName "[email protected]" `
-Name "$name" `
-Enabled $True `
-DisplayName "$name" `
-EmailAddress $email `
-GivenName $Firstname `
-Surname $surname `
-Office $office `
-Path $OU `
-Title $jobtitle `
-Department "$department" `
-Company $company `
-Manager $manager `
-AccountPassword (convertto-securestring $Password -AsPlainText -Force) `
-ChangePasswordAtLogon $True `
Write-output "User $EmployeeID : $name created successfully!"
}
}
} #End

Just copy and paste it into Notepad and save it as Script.ps1. File extension .ps1 is necessary to make it a PowerShell script.

In the Notepad after copying this code, press Ctrl + S. Then select All files in the file type drop-down and type Script.ps1 as the name in the file name field. Then click on the Save button to save your PowerShell script.

Save Script as ps1 File to Create Bulk Users in Active Directory
Save Script as ps1 File

The script imports data from the CSV file and stores it in variables. Don’t forget to provide the path and name of the CSV file by replacing the following text Path_to_file\filename.csv

This script allows you to use your full name instead of providing the first name & surname separately. It will automatically split the full name into first name and surname.

This script checks for existing user accounts. If a user account with the provided employee ID already exists it shows you a warning that the specified user account already exists and moves to the next user. However if employee ID doesn’t exist but user name exists, the script adds “1” to the surname of the user.

One Important note: If you are creating users in a new AD (with no existing users), remove all the lines containing “-Manager $manager `” from the script. Because it will make powershell throw an error for the non-existence of the Manager in AD.

However, if you are creating new users on the existing Active Directory that already contains the manager’s AD account, you can leave the script as it is.


SEE ALSO: How to Remove Pre-installed Windows 10 Apps using PowerShell?

Step 3: Create Bulk AD Users using PowerShell Script

Now, it’s time to work our script magic. Copy your CSV file and PowerShell script to your AD server. In this tutorial, we have copied both the files to “BulkUserCreation” folder in C drive.

Copy Script and CSV File to a Folder on AD Server
Copy the Script and CSV File to a Folder on the AD Server

Open PowerShell in the same folder where the script is present. Click on File > Open Windows PowerShell > Open Windows PowerShell as administrator to open PowerShell as admin.

Open PowerShell as Administrator in the Same folder to create bulk AD users
Open PowerShell as Administrator in the same folder

Now, type the name of your script and press the tab button to auto-complete it. After you see the name of your script, press Enter to execute it. If you configured everything correctly, all the users mentioned in the CSV file will be created without error.

Run PowerShell Script to Create Bulk Users
Run PowerShell Script

Step 4: Verify the Results

After you have successfully created bulk AD users from the CSV file using the PowerShell script, it’s time to verify if users have been created correctly. You can open the Users and Computers console to view created users. Go to RUN type dsa.msc and press Enter.

Go to RUN, type dsa.msc and press Enter
Go to RUN, type dsa.msc, and press Enter

Active Directory Users and Computers console will open. You can verify created users by going to the OU where you created the users using the PowerShell script.

Verify Created Users in Active Directory
Verify Created Users in Active Directory

SEE ALSO: How to Rename Local Admin and Change Password using GPO?

Create Bulk AD Users from CSV using PowerShell Script

Using the PowerShell script, you can create hundreds to thousands of users in a short time. The only time it takes is to prepare the CSV file and set the script for the first time. You can customize the script according to your requirements. You can add more variables, remove unwanted variables, or change their names according to your requirements.

If you liked this tutorial, share it with your friends and the people in the IT industry. Feel free to comment if you face any issues. Subscription is free and you will get our latest posts by email.

Editorial Staff

Hi there, we are the editorial staff at WINDOSPC (former HELLPC). We are a team of funny and technical people. Feel free to get in touch with us via Contact-Us page.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.