Create users using CSV and Powershell

There have been a lot of questions on the internet about how to create users from csv so I wondered if I could just create a quick simple guide how to do this. First we need to decide what attributes we are going to implement into the CSV file, we need some required attributes such as First Name, Last Name, Display Name, Username and so on. You can run the following command to see what attributes you can add or modify to the user, in this example I will just use Administrator

Get-ADUser Administrator -Properties *

These are the attributes in this scenario which I am going to use in the script

• Surname - The last name of the user or the family name
• FirstName - Given name
• DisplayName - Full name
• SamAccountName - Username
• Name - Full name
• AccountPassword - User Password
• Path - Path where the user should be placed
• Enabled - If the user should be enabled or disabled
• UserPrincipalName - The UPN or would be something like [email protected]
• ProfilePath - Where the profile data should be placed, use UNC path
• HomeDirectory - UNC path where the user can save their data to
• Department - The department
• HomeDrive - Driveletter for the HomeDirectory

We start by creating the CSV file, create a file name Users.csv in a folder named C:\UserCreation folder on the server where the RSAT tools are installed or on the Active Directory controller. We will create two users in this example

FirstName;LastName;Password;Department
John;Doe;P@ssw0rd.123;Forensics
Jane;Doe;P@ssw0rd.123;Law

You probably noticed that the CSV file does not contain all the property parameters which I mentioned above, that is because I′m going to auto build some of the property values using the script. Here is the script to build a user.

#Import the values for the users
$UserValues = Import-Csv -Path c:\UserCreation\Users.csv -Delimiter ";"#Create the user function so I will not repeat myselffunctioncreateUsers($FirstName, $LastName, $Password, $Department){
    #The path for the user to be placed, in this scenario I put them in a department OU and Users
    $OUPath = "OU=Users,OU=$Department,OU=Departments,DC=TSTDOMAIN,DC=COM"

    #Convert the password to securestring
    $AccountPassword = (ConvertTo-SecureString -AsPlainText $Password -Force)

    #Create the Displayname, samaccountname, userprincipal name
    $DisplayName =  $FirstName+" "+$LastName
    $SamAccountName = $FirstName+"."+$LastName
    $UserPrincipalName = $SamAccountName+"@tstdomain.com"

    #Create the profile and home directory based
    $ProfilePath = "\\tstdomain.com\Users\$Department\$SamAccount\Profile"
    $HomeDirectory = "\\tstdomain.com\Users\$Department\$SamAccount\Home"

    #Set the HomeDrive letter
    $HomeDrive = "H:"

    #Try to create the user
    try{
        New-ADUser -Surname $Name -GivenName $Name -DisplayName $DisplayName -SamAccountName $SamAccount -Name $DisplayName -AccountPassword $AccountPassword -Path $OU -Enabled $true -UserPrincipalName $UserPrincipalName -ProfilePath $ProfilePath -HomeDirectory $HomeDirectory -Department $Department -HomeDrive $HomeDrive
    }catch{
        #If there is an error, capture it and display the error
        $ErrorMessage = $_.Exception.Message
        Write-Host $ErrorMessage -ForegroundColor Red
    }
}

#Notice that I use single instead of plural variable in the foreachforeach($UserValue in $UserValues){
    #call the createUsers function to create the user
    createUsers -FirstName $UserValue.FirstName -LastName $UserValue.LastName -Password $UserValue.Password -Department $UserValue.Department
}

Note if you are going to add some extended attributes you can use the following property in the New-ADUser command, you can place variables in the values for the attribute.

-OtherAttributes @{'title'="forensics director";'mail'="[email protected]"}

Hope you can use this :)