How to Create Bulk Users in AD using PowerShell
Creating user accounts in Active Directory is easy if you only have to create a few accounts a day. But in big organizations, the number of people joining per day may be higher, and sometimes you might need to create AD users in bulk.
One worst-case scenario: while setting up Active Directory for a new organization, you may need to create several hundred or even thousands of AD accounts in one go. Creating so many AD accounts manually is not feasible (you may even say ‘not possible’).
There are several third-party tools out there that can help you create bulk AD users. But if you want to understand what those tools do under the hood, PowerShell scripts are a good option. You can easily set up a PowerShell script that fetches data from a CSV file and creates bulk AD accounts in just a few seconds. When it comes to creating bulk AD users, PowerShell scripts work like a charm. This tutorial shows how to create bulk AD users from a CSV file using a PowerShell script.
Pre-requisites:
- User details in CSV format: You need to gather the details of all users in CSV format to work with the PowerShell script. The first line of the CSV file defines the variables, like EmployeeID, EmployeeName, Manager etc. User details start from the second line.
- Access to AD server: To run the PowerShell script on the AD server, you need remote access to the AD server and an account with authority to create new users in Active Directory. If you are handling AD in your organization, you will probably be a Domain Admin already, but a delegated account should work.
Create Bulk AD users from CSV using PowerShell
Here comes the interesting part. Now you have to create your PowerShell script according to the data provided in the CSV file. You need to set up all variables correctly, otherwise you can easily mess up your Active Directory.
Step 1: Prepare user details in CSV file
Let’s start with preparing the CSV file. The first line of the CSV file contains headers, which work as variables for the PowerShell script. So, here is the sample CSV file which we have used in this tutorial:
The first line contains EMPLOYEE_ID, NAME, EMAIL_ID, MANAGER_ID, ORG_NAME, DESIGNATION, LOCATION, DEPARTMENT, OU & PASSWORD. These variables are self-explanatory and easy to understand. You may set up your own variables according to your requirements. You have to manually enter the value of the OU variable depending on your AD structure. In our test AD environment, we have created all users in the Employees OU, which contains 3 sub-OUs: Location1, Location2, Location3.
You can create all user OUs at the root, but creating sub-OUs helps with Group Policy deployment. If the destination OU for the user is at the root of the domain, you can use an OU path as follows:
OU=Employees,DC=hellpc,DC=local
But if you are moving users to sub-OUs, you can use the following path:
OU=Location1,OU=Employees,DC=hellpc,DC=local
Don’t forget to replace the names of the OUs and the domain with your own OUs and domain name. We are using a common password for all users, which will obviously be changed at first login.
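A per-user alternative to the common password, as an added example that is not part of the original tutorial: it fills the PASSWORD column with a unique random value for each row, so the rest of the procedure stays the same. The function name New-InitialPassword and the output file name are assumptions made for this example.

```powershell
# Added example: unique random initial password per CSV row.
# New-InitialPassword is a hypothetical helper, not an ActiveDirectory cmdlet.
function New-InitialPassword {
    param([ValidateRange(8, 128)][int]$Length = 16)

    # Four character classes; look-alike characters (0/O, 1/l/I) are left out.
    $classes = 'ABCDEFGHJKLMNPQRSTUVWXYZ', 'abcdefghijkmnpqrstuvwxyz', '23456789', '!#$%*+-=?@'
    $all = -join $classes
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buf = New-Object byte[] 1

    # Uniform random index below $N (N <= 256): bytes that would bias the modulo are discarded.
    $index = {
        param([int]$N)
        $limit = 256 - (256 % $N)
        do { $rng.GetBytes($buf) } while ($buf[0] -ge $limit)
        $buf[0] % $N
    }

    $chars = New-Object System.Collections.Generic.List[char]
    # One character from every class, so password complexity rules are met ...
    foreach ($c in $classes) { $chars.Add($c[(& $index $c.Length)]) }
    # ... then fill up from the combined set.
    while ($chars.Count -lt $Length) { $chars.Add($all[(& $index $all.Length)]) }

    # Fisher-Yates shuffle so the guaranteed characters are not always first.
    for ($i = $chars.Count - 1; $i -gt 0; $i--) {
        $j = & $index ($i + 1)
        $tmp = $chars[$i]; $chars[$i] = $chars[$j]; $chars[$j] = $tmp
    }
    $rng.Dispose()
    -join $chars
}

# Fill the PASSWORD column (assumed to exist in the header) and save the result.
# Both file names are placeholders.
$rows = Import-Csv 'Path_to_file\filename.csv'
foreach ($row in $rows) { $row.PASSWORD = New-InitialPassword -Length 16 }
$rows | Export-Csv 'Path_to_file\filename-with-passwords.csv' -NoTypeInformation
```

The exported file holds every initial password in clear text, so keep it readable only by the account that runs the script and delete it once the passwords have been handed out.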
Step 2: Create the PowerShell Script
After you have prepared your CSV file with all the required user details, it’s time to work on the PowerShell script. The code of the PowerShell script is shown below.
#########################################################
# This Script enables you to create bulk users in AD    #
# using csv file.                                       #
# Last Updated: 22-Nov-2018                             #
# Author: Aslam Khan (HELLPC.NET)                       #
#########################################################

# Import active directory module for running AD cmdlets
Import-Module ActiveDirectory

# Store the data from CSV file to the $ADUsers variable
$ADUsers = Import-Csv Path_to_file\filename.csv

# Looping through each row containing user details in the CSV file
foreach ($User in $ADUsers)
{
    # Read user data from each column in each row of CSV and assign the data to variables.
    # The property names must match the header line of the CSV file.
    $EmployeeID = $User.EMPLOYEE_ID
    $Password   = $User.PASSWORD
    $name       = $User.NAME
    # Split the name into Firstname, Middlename & Surname (at most 3 parts, so extra words stay in the surname).
    $Firstname,$Middlename,$Lastname = $name -split ' ', 3
    $surname    = ('{0} {1}' -f $Middlename, $Lastname).TrimEnd() # Combines Middlename & Surname into Surname.
    $OU         = $User.OU # Distinguished name of the OU in AD where user account will be created.
    $email      = $User.EMAIL_ID
    $jobtitle   = $User.DESIGNATION
    $manager    = $User.MANAGER_ID
    $department = $User.DEPARTMENT
    $company    = $User.ORG_NAME
    $office     = $User.LOCATION
    $i = 1 # This variable will be used if two users have same name. Second user will get 1 added to their surname.

    # Check to see if the user already exists in AD
    if (Get-ADUser -Filter {SamAccountName -eq $EmployeeID})
    {
        # If user already exists, give a warning.
        Write-Warning "A user account with Employee ID $EmployeeID : $name already exists in Active Directory."
    }
    else
    {
        if (Get-ADUser -Filter {Name -eq $name})
        {
            # Employee ID doesn't exist in AD but Username already exists, now we will add "1" to the surname of new user account.
            # The UPN suffix hellpc.local is the test domain used in this tutorial; replace it with your own domain.
            New-ADUser `
                -SamAccountName $EmployeeID `
                -UserPrincipalName "$EmployeeID@hellpc.local" `
                -Name "$name$i" `
                -Enabled $True `
                -DisplayName "$name$i" `
                -EmailAddress $email `
                -GivenName $Firstname `
                -Surname "$surname$i" `
                -Office $office `
                -Path $OU `
                -Title $jobtitle `
                -Department "$department" `
                -Company $company `
                -Manager $manager `
                -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) `
                -ChangePasswordAtLogon $True

            Write-Output "User $EmployeeID : $name created successfully!"
        }
        else
        {
            # User does not exist in AD. Proceed to create the new user account without adding "1" to surname.
            # The UPN suffix hellpc.local is the test domain used in this tutorial; replace it with your own domain.
            New-ADUser `
                -SamAccountName $EmployeeID `
                -UserPrincipalName "$EmployeeID@hellpc.local" `
                -Name "$name" `
                -Enabled $True `
                -DisplayName "$name" `
                -EmailAddress $email `
                -GivenName $Firstname `
                -Surname $surname `
                -Office $office `
                -Path $OU `
                -Title $jobtitle `
                -Department "$department" `
                -Company $company `
                -Manager $manager `
                -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) `
                -ChangePasswordAtLogon $True

            Write-Output "User $EmployeeID : $name created successfully!"
        }
    }
} #End
Just copy and paste it into Notepad and save it as Script.ps1. The file extension .ps1 is necessary to make it a PowerShell script. In Notepad, after pasting this code, press Ctrl + S. Then select All files in the file type drop-down and type Script.ps1 in the file name field. Then click on the Save button to save your PowerShell script.
The script imports data from the CSV file and stores it in variables. Don’t forget to provide the path and name of the CSV file by replacing the following text: Path_to_file\filename.csv
This script allows you to use the full name instead of providing Firstname & Surname separately. It will automatically split the full name into Firstname and Surname.
This script checks for existing user accounts. If a user account with the provided employee ID already exists, it shows you a warning that the specified user account already exists and moves on to the next user. However, if the employee ID doesn’t exist but the user name exists, the script adds “1” to the surname of the user.
One important note: If you are creating users in a new AD (with no existing users), remove all the lines containing “-Manager $manager `” from the script, because it will make PowerShell throw an error for the non-existence of the manager in AD. However, if you are creating new users in an existing Active Directory which already contains the managers’ AD accounts, you can leave the script as it is.
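A pre-flight check for the CSV, as an added example that is not part of the original script: it reports missing headers, duplicate employee IDs, OUs that do not exist, and managers that are neither in AD nor on an earlier row, before any account is created. It assumes the header names listed in Step 1 and that MANAGER_ID holds the manager's EMPLOYEE_ID (SamAccountName).

```powershell
# Added example: validate the CSV before running the bulk-creation script.
Import-Module ActiveDirectory

# Header names as listed in Step 1; MANAGER_ID is assumed to hold a SamAccountName.
$required = 'EMPLOYEE_ID','NAME','EMAIL_ID','MANAGER_ID','ORG_NAME',
            'DESIGNATION','LOCATION','DEPARTMENT','OU','PASSWORD'
$rows = @(Import-Csv 'Path_to_file\filename.csv')
if ($rows.Count -eq 0) { throw 'The CSV file has no data rows.' }

$missing = $required | Where-Object { $_ -notin $rows[0].PSObject.Properties.Name }
if ($missing) { throw "Missing CSV headers: $($missing -join ', ')" }

$problems = [System.Collections.Generic.List[string]]::new()
$seen     = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
$ouExists = @{}   # cache: OU distinguished name -> $true / $false

foreach ($r in $rows) {
    $id = $r.EMPLOYEE_ID.Trim()

    # SamAccountName must be present, unique in the file, and at most 20 characters for users.
    if (-not $id -or $id.Length -gt 20) {
        $problems.Add("'$($r.NAME)': EMPLOYEE_ID is empty or longer than 20 characters")
    }
    elseif (-not $seen.Add($id)) {
        $problems.Add("${id}: EMPLOYEE_ID appears more than once in the CSV")
    }

    # The target OU must exist; each distinct OU is looked up once.
    if (-not $ouExists.ContainsKey($r.OU)) {
        try   { $null = Get-ADOrganizationalUnit -Identity $r.OU -ErrorAction Stop; $ouExists[$r.OU] = $true }
        catch { $ouExists[$r.OU] = $false }
    }
    if (-not $ouExists[$r.OU]) { $problems.Add("${id}: OU '$($r.OU)' was not found") }

    # New-ADUser -Manager fails unless the manager already exists when the row is processed.
    $mgr = $r.MANAGER_ID.Trim()
    if ($mgr -and -not $seen.Contains($mgr) -and -not (Get-ADUser -Filter "SamAccountName -eq '$mgr'")) {
        $problems.Add("${id}: manager '$mgr' is neither in AD nor on an earlier row")
    }
}

if ($problems.Count -gt 0) { $problems | ForEach-Object { Write-Warning $_ } }
else { Write-Output "All $($rows.Count) rows passed the pre-flight check." }
```

New-ADUser also accepts -WhatIf, which prints what would be created without writing to the directory.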
Step 3: Create Bulk AD Users using PowerShell Script
Now it’s time to work our script magic. Copy your CSV file and PowerShell script to your AD server. In this tutorial, we have copied both files to the “BulkUserCreation” folder on the C drive.
Open PowerShell in the same folder where the script is present. Click on File > Open Windows PowerShell > Open Windows PowerShell as administrator to open PowerShell as admin.
Now, type the name of your script and press Tab to auto-complete it. After you see the name of your script, press Enter to execute it. If you configured everything correctly, all the users mentioned in the CSV file will be created without error.
Step 4: Verify the Results
After you have successfully created bulk AD users from the CSV file using the PowerShell script, it’s time to verify that the users have been created correctly. You can open the Users and Computers console to view the created users. Go to Run, type dsa.msc and press Enter.
The Active Directory Users and Computers console will open. You can verify the created users by going to the OU where you created the users using the PowerShell script.
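The same verification can be done from PowerShell, as an added example that is not part of the original tutorial: it reads the CSV back and checks that each account exists, is enabled, sits in the OU named in its row, and must change its password at next logon. The path follows the BulkUserCreation folder used above, with the placeholder file name filename.csv.

```powershell
# Added example: compare the accounts in AD with the rows of the CSV.
Import-Module ActiveDirectory

$rows = Import-Csv 'C:\BulkUserCreation\filename.csv'   # placeholder file name

$report = foreach ($r in $rows) {
    $id = $r.EMPLOYEE_ID
    $u  = Get-ADUser -Filter "SamAccountName -eq '$id'" -Properties pwdLastSet, Manager

    # Parent container = distinguished name without its first RDN
    # (the lookbehind skips commas escaped as "\," inside the CN).
    $parent = if ($u) { $u.DistinguishedName -replace '^.+?(?<!\\),', '' }

    [pscustomobject]@{
        EmployeeID         = $id
        Exists             = [bool]$u
        Enabled            = [bool]$u.Enabled
        InExpectedOU       = $parent -eq $r.OU                   # string -eq is case-insensitive
        MustChangePassword = [bool]$u -and $u.pwdLastSet -eq 0   # 0 = change at next logon
        ManagerSet         = [bool]$u.Manager
    }
}

# Show only rows where something is off; an empty result means every check passed.
# ManagerSet is reported but not enforced, since the -Manager lines may have been removed.
$report | Where-Object {
    -not ($_.Exists -and $_.Enabled -and $_.InExpectedOU -and $_.MustChangePassword)
} | Format-Table -AutoSize
```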
Create Bulk AD Users from CSV using PowerShell Script
Using the PowerShell script, you can create hundreds to thousands of users within a short period of time. The only time it takes is preparing the CSV file and setting up the script for the first time. You can customize the script according to your requirements: add more variables, remove unwanted variables or change their names.