PowerShell to create a new user in AD

6 Oct

I thought it was about time to write the PowerShell to create a new user in AD that I’ve been meaning to do for a little while.

This is just V1, so it’s very simple right now. The code can be found in the attachment (createuser-v1.ps1) as it doesn’t always display correctly in the blog.

  • It prompts the user for the new user’s name, job title etc.
  • It creates a random password from 2 pools of words with a 2-digit number at the end and sets this as the user description.
  • If the username exists, it appends a number to the end until the username is unique.

#D Harris
#05/10/2015
#Powershell to create a new user
#===============================

#modules
Import-Module ActiveDirectory
[void][System.Reflection.Assembly]::LoadWithPartialName('Microsoft.VisualBasic') 

#company details
$telephone = "+44 (0) 11 1111 1111"
$address_street = "Street"
$address_city = "City"
$address_state = "State"
$address_postcode = "AA1 1AA"
$country = "GB"
$company = "Dave Corp."
$domain = "@domain.com"

#user details
$firstname = [Microsoft.VisualBasic.Interaction]::InputBox("Please enter the first name", "First Name", "") 
$lastname = [Microsoft.VisualBasic.Interaction]::InputBox("Please enter the last name", "Last Name", "") 
$jobtitle = [Microsoft.VisualBasic.Interaction]::InputBox("Please enter the job title", "Job Title", "") 
$office = [Microsoft.VisualBasic.Interaction]::InputBox("Please enter the office", "Office", "Coventry") 
$department = [Microsoft.VisualBasic.Interaction]::InputBox("Please enter the department", "Department", "") 
$linemanager = [Microsoft.VisualBasic.Interaction]::InputBox("Please enter the line manager", "Line Manager", "") 

#calculated details
$username = $firstname.substring(0,1).ToLower() + $lastname.ToLower()
$name = $firstname + " " + $lastname
$email = $username + $domain

#make sure that the username is unique
$checkuser = Get-ADUser -LDAPFilter "(sAMAccountName=$username)"
If ($checkuser -eq $Null) {
    #username does not exist
}else{
    #username does exist
    $usernumber = 0
        do {
        $usernumber++
        $newusername = $username + $usernumber
        $checkuser = Get-ADUser -LDAPFilter "(sAMAccountName=$newusername)"
        } until ($checkuser -eq $Null)
    $username = $username + $usernumber
}

#rebuild the email from the final (unique) username
$email = $username + $domain

#password creator
$passwordarray1 = ("Word","Word","Word") | Get-Random
$passwordarray2 = ("Word","Word","Word") | Get-Random
$passwordnumber  = Get-Random -minimum 11 -maximum 99
$password = $passwordarray1 + $passwordarray2 + $passwordnumber

#create new user
New-ADUser `
 -Name $name `
 -userPrincipalName ($username + $domain) `
 -Givenname $firstname `
 -Surname $lastname `
 -Company $company `
 -Department $department `
 -Path "OU=Users,OU=Corp,DC=Company,DC=local" `
 -SamAccountName  $username `
 -DisplayName $name `
 -Title $jobtitle `
 -AccountPassword (ConvertTo-SecureString $password -AsPlainText -Force) `
 -ChangePasswordAtLogon $false `
 -Enabled $true `
 -Office $office `
 -StreetAddress $address_street `
 -City $address_city `
 -State $address_state `
 -PostalCode $address_postcode `
 -Email $email `
 -OfficePhone $telephone `
 -Country $country `
 -Description ("Initial Password: " + $password) `
 -Manager $linemanager 

 #set dial in permissions
 set-aduser $username -replace @{msnpallowdialin=$true}
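
The script above writes the initial password into the Description attribute, which any authenticated domain user can read by default, and draws it from small word pools with ChangePasswordAtLogon off. An alternative for that step, added here as an example and not part of the author's script; the `New-RandomPassword` helper, its character set and the sample user values are assumptions:

```powershell
# Added example, not the original script. Sample values below are constructed.
Import-Module ActiveDirectory

$name     = "Jane Smith"
$username = "jsmith"
$domain   = "@domain.com"

function New-RandomPassword {
    param([int]$Length = 16)
    # Assumed character set (64 symbols, look-alikes removed); adjust to policy.
    $chars   = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789!#%+-=?'
    $classes = '[A-Z]', '[a-z]', '[0-9]', '[^A-Za-z0-9]'
    $limit   = 256 - (256 % $chars.Length)   # reject bytes that would bias the modulo
    $rng     = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $byte    = New-Object byte[] 1
    try {
        do {
            $sb = New-Object System.Text.StringBuilder
            while ($sb.Length -lt $Length) {
                $rng.GetBytes($byte)
                if ($byte[0] -lt $limit) {
                    [void]$sb.Append($chars[$byte[0] % $chars.Length])
                }
            }
            $candidate = $sb.ToString()
            # With AD complexity enabled, three character classes are needed; redraw if fewer
            $hits = @($classes | Where-Object { $candidate -cmatch $_ }).Count
        } until ($hits -ge 3)
    } finally { $rng.Dispose() }
    $candidate
}

$password = New-RandomPassword

New-ADUser `
 -Name $name `
 -SamAccountName $username `
 -UserPrincipalName ($username + $domain) `
 -Path "OU=Users,OU=Corp,DC=Company,DC=local" `
 -AccountPassword (ConvertTo-SecureString $password -AsPlainText -Force) `
 -ChangePasswordAtLogon $true `
 -Enabled $true

# Shown once to the operator for out-of-band handover; nothing is written to the directory
Write-Host "Initial password for ${username}: $password"

# Audit: accounts whose Description still mentions a password
Get-ADUser -LDAPFilter '(description=*password*)' | Select-Object SamAccountName
```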