Create users in AD using Powershell and CSV

In this post I will be bulk creating users in AD using Powershell and a CSV file.

For that we’ll need two things:

  • a CSV file, pre-formatted with the required fields
  • a Powershell script.

Both the files I’ll be using here, you can find them at the end of this post.

Open the CSV file. It looks like this:

FirstName;LastName;SAM;OU;Password;MailDomain;Description
TestUser1;;TestUser1;CN=Users,DC=domain,DC=local;P@ssw0rd;domain.local;
TestUser2;;TestUser2;CN=Users,DC=domain,DC=local;P@ssw0rd;domain.local;
TestUser3;;TestUser3;CN=Users,DC=domain,DC=local;P@ssw0rd;domain.local;

Note that the fields are separated by a “;” because the AD DN (Distinguished Name) is separated by commas. Each line ends with a “;” for a simple reason: it is the “Description” field and I didn’t add any description for any of the users. Also note also that in all rows I have two “;” followed. That is because none of the users have a “LastName”.

After you change the CSV to meet your needs, open up the script in the PowerShell ISE, like shown below:

Create users in AD using Powershell and CSV

Change the path to match the path where you have saved your CSV file and run it!

The output will be as follow:

Create users in AD using Powershell and CSV

Actually, even if the users are not created successfully, the script will always output that the users are created because it has no error control whatsoever. I did it just not to have a blank screen after the script has finished. If you get errors, you’ll have some pretty red lines showing up 🙂

So, we have our users in AD:

Create users in AD using Powershell and CSV

The files used are:

NewUsers.CSV and CreateUsersAD_CSV.ps1 (this one is a text file. Rename it to .ps1)

As always, if you found this article useful, share it with your friends.

If you have any questions or suggestions, leave your comment.

Thank you for reading!

7 thoughts on “Create users in AD using Powershell and CSV

  • Tuesday July 10th, 2018 at 09:42 AM
    Permalink

    Hello,
    How can I add group to the MemberOf AD ? (I mean command in your script)

    Reply
  • Tuesday July 10th, 2018 at 02:18 PM
    Permalink

    Hello !!!
    how to enter into a group of users using your script.

    Reply
    • Wednesday July 11th, 2018 at 01:53 PM
      Permalink

      Hi Lev,
      using the Add-ADGroupMember cmdlet. In the ForEach loop, after creating the user, add this line after the New-ADUser line:
      Add-ADGroupMember AD_Group $SAM

      Note that AD_Group is the group where you want to add the users to.

      I hope this helps.
      Cheers

      Reply
      • Wednesday July 11th, 2018 at 02:59 PM
        Permalink

        Hi,
        I tested it, but it’s not working. Can you check where is a problem?

        Import-Module activedirectory
        $ADUsers = Import-csv C:\Users\IT\Desktop\bulk_users1.csv

        foreach ($User in $ADUsers)
        {
        $Username = $User.username
        $Password = $User.password
        $Firstname = $User.firstname
        $Lastname = $User.lastname
        $OU = $User.ou
        $email = $User.email
        $jobtitle = $User.jobtitle
        $department = $User.department
        $description= $User.description
        $Password = $User.Password

        if (Get-ADUser -F {SamAccountName -eq $Username})
        {
        Write-Warning “A user account with username $Username already exist in Active Directory.”
        }
        else
        {

        New-ADUser `

        Add-ADGroupMember Students 2018 $SAM

        -SamAccountName $Username `
        -UserPrincipalName “$Username@mydomain.com” `
        -Name “$Firstname $Lastname” `
        -GivenName $Firstname `
        -Surname $Lastname `
        -Enabled $True `
        -DisplayName “$Firstname, $Lastname” `
        -Path $OU `
        -EmailAddress $email `
        -Title $jobtitle `
        -Department $department `
        -Description $description `
        -AccountPassword (convertto-securestring $Password -AsPlainText -Force) -ChangePasswordAtLogon $false

        }
        }

        Thank You
        Lev

        Reply
  • Wednesday July 11th, 2018 at 09:43 PM
    Permalink

    Hi Lev,
    you’ll have to adapt the code to your needs but below is the code I used, to first confirm that the user exists in the AD and if it doesn’t will create it and add it to the group. If the user already exists. the script will just add the user to the group and follow on to the next user.

    $UserExist = Get-ADUser -Filter {SamAccountName -like $SAM}
        if($UserExist){
            Write-Output "User exists"
            Add-ADGroupMember "TestGroup" $SAM
            continue
        }
        else{
            New-ADUser `
            -Name $Displayname `
            -DisplayName $Displayname `
            -SamAccountName $SAM `
            -UserPrincipalName $UPN `
            -GivenName $UserFirstname `
            -Surname $UserLastname `
            -Description $Description `
            -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) `
            -Enabled $true `
            -Path "$OU" `
            -ChangePasswordAtLogon $false `
            –PasswordNeverExpires $true 
            Write-Host $User.SAM "created successfully"
            Add-ADGroupMember TestGroup $SAM
        } 
    

    Change your script also to match the order in which this script works, ie, first you have to create the user and then only after it you can add the user to a group. You have things the other way around.

    If this doesn’t work for you show me your CSV file.

    Cheers,
    Pedro

    Reply
  • Thursday July 12th, 2018 at 03:29 PM
    Permalink

    Thank you, I used this script for add group

    $ErrorActionPreference=’Continue’
    $error.Clear()
    $i=0
    import-module activedirectory
    $pathToCSV=’C:\Users\IT\Desktop\bulk_users1.csv’
    $csv=Import-Csv -path $pathToCSV -Delimiter ‘,’
    foreach ($group in $csv)
    {
    $uname=”$($group.Username)”
    $groupname=”$($group.Groupname)”
    Add-ADGroupMember -Identity $groupname -Members $uname
    $i++
    }
    if ($error.Count -gt 0)
    {
    echo “Errors count: ” $error.Count
    }
    $success=$($i-$error.Count)
    if ($success -gt -1)
    {
    echo “Success records count: ” $success
    }

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. More information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" then you are consenting to this. To know more please read here our Privacy Policy

Close