In this lecture, I am going to be showing you how to create Active Directory Users with PowerShell.We are working on IPDC01. Remember that we need to execute these scripts in a Domain Controller with Active Directory or a computer that has the RSAT tools connected to a server that has the Active Directory Domain Services installed.

Open Windows PowerShell ISE from the start menu.

Windows PowerShell ISE will be launched. We prefer PowerShell ISE since it helps in developing and creating scripts and also if needed we can type commands in the button pane window.

Let’s start by typing the Comment and Import the Active Directory Module.Since we are creating AD Users, we can type get-help New-ADUser to see all the options we can use.

We will be typing our commands in separate lines using the backtick or grave accent (next to number 1) to have one long script break down in separate lines.

# Import AD module

Import-Module ActiveDirectory

# Create the AD User

New-ADUser `

-Name "Bradley Beal" `

-GivenName "Bradley" `

-Surname "Beal" `

-UserPrincipalName "Bradley.Beal" `

-AccountPassword (ConvertTo-SecureString "P@$$w0rd123" -AsPlainText -Force) `

-Path "OU=Domain Users,OU=instructorpaul,DC=instructorpaul,DC=com" `

-ChangePAsswordAtLogon 1 `

-Enabled 1

Now click on the green Play icon to execute the script.

We can see the script executed.Check Active Directory to see if it is created (you might need to click refresh). We see our user account in Active Directory.

Now let’s delete the user account by right-clicking on the user and selecting Delete.

Click Yes to confirm.

Now that the script worked we can work on it. We can modify it to have the user enter their first and last name and create the user account.

First, we will grab some variables. Let’s see how the script looks now.

# Import AD module

Import-Module ActiveDirectory

# Grab variables from user

$firstname = Read-Host -Prompt "Please enter the first name"

$lastname = Read-Host -Prompt "Please enter the last name"

# Create the AD User

New-ADUser `

-Name "$firstname $lastname" `

-GivenName $firstname `

-Surname $lastname `

-UserPrincipalName "$firstname.$lastname" `

-AccountPassword (ConvertTo-SecureString "P@$$w0rd123" -AsPlainText -Force) `

-Path "OU=Domain Users,OU=instructorpaul,DC=instructorpaul,DC=com" `

-ChangePAsswordAtLogon 1 `

-Enabled 0

Execute the script by clicking on the Play button.We see the script executing and asking for the First and Last name of the user.

If we check Active Directory we can see the newly created user.

We can run it again and create another user, that is why creating users in PowerShell might be a good idea for you.Now that we have the script we can save it by clicking File > Save As...

Save it to the Desktop and name it CreateADUser and click on Save.

Now it is easy to execute the saved script. Right-click and choose Run with PowerShell.

We will just need to type the first name and last name and the user account will be created.

We can confirm by checking Active Directory Users and Computers.

And that’s how we create AD Users with PowerShell.

Note: For the attached script to work, you MUST change the target OU path