Download link: Arposh New User Creation v1.1
One task that every systems administrator has to go through at some point is the creation of new user accounts. Over time, this becomes burdensome and tedious. The Active Directory wizard takes you through multiple screens and you have to enter the same information multiple times in some occasions (e.g. a lot of organizations use FirstName.LastName for samAccountNames). It also does not allow you to set all of the fields that you want included in the wizard. I wanted a way to include those fields and an option to set defaults for some fields. Luckily Powershell makes all of that possible in an easy to use way. Powershell does all of the heavy lifting and an optional XML file saves even more time by pre-populating certain fields and setting defaults. You also have the ability of bulk-adding users via CSV. To create users from a CSV, click on File > CSV Mode. You can then import the CSV and browse through the users in the CSV. Once the CSV is imported, you can create one user at a time or all at once. If you want a CSV template created for you, click on File > Create CSV Template.
ANUC Requirements:
- Powershell v2 (Minimum)
- ActiveDirectory module
Usage: Download the ANUC.zip file from the TechNet ScriptCenter and extract it into any directory. Right-click on ANUC.ps1 and select 'Run with PowerShell'. To modify the available options for drop-down lists and default entries, edit the ANUC.Options.XML file. To create users from a CSV, click on File > CSV Mode. You can then import the CSV and browse through the users in the CSV. Once the CSV is imported, you can create one user at a time or all at once.
Features:
- Allows user creation with oft-used Active Directory attributes
- Bulk creation of users from CSV
- Auto-generation of account attributes based on other attributes
- Display Name
- samAccountName
- userPrincipalName
- Default entries
- Domain
- OU
- Phone Number (can use full number or company prefix '212-555-')
- Department
- Company
- Description
- Password (Accounts are set to change at first logon)
- Site (HQ, Branch Office 1, etc)
- Street Address
- City
- State
- Postal Code
- Pre-populated fields for easy selection
- Address information
- Domains
- OUs
- Descriptions
- Departments
Single-User Mode |
CSV Mode |
Little new to the AD world...
ReplyDeleteUnder OU - What do the DC's stand for? The name of the domain controller?
DC=ru
DC=lab
That would be your Domain Controller. They could appear as
Deletexxxx.local
xxxx.com
xxxx.edu
etc....
In your DC under AD Users and Computers you will see your DC
I'd give you a long answer, but one of the PowerShell MVPs already did. http://www.rlmueller.net/LDAP_Binding.htm
ReplyDeleteRich, this tool is amazing! can you point me in the right direction for info on how the gui is programmed? i understand bat files and powershell to some extent, but most of this is foreign to me.
ReplyDeletei wrote a simple bat script that asks for first and last name, office and desired exchange mailbox, then uses the provided variables in powershell commands to create the users, but this gui is so much nicer!
in particular, i would be interested in being able to extract just first initial from first name so i can generate the dn, sam, and ups as LastnameFI@domain.
i would also like to add check boxes or a multiple choice of some kind for different group memberships. for example, i am in the Strategic Applications department, but i need access to the networking, programming and helpdesk groups.
any info you could point me to would be greatly appreciated.
Hi John,
ReplyDeleteTo answer your question on extracting the first -
You can use the .Substring() method to trim the text.
For example:
$firstname = read-host "Enter first name"
$lastname = read-host "Enter last name"
$sam = $lastname + $firstname.Substring(0,1)
$sam
More on basic text manipulation - http://technet.microsoft.com/en-us/library/ee692804.aspx
Short on time, I'll drop a line tomorrow on how I add users to groups based on input.
Niv
Hey Rich I downloaded the tool, but when I right click and select Run with Powershell, nothing happens. Please advise. I do have one request: is it possible that you can generate a generic script that will allow the movement of multiple users from one forest to another?
ReplyDelete@Zay
ReplyDeleteCan you provide more details as to what is happening and include any error messages? Unfortunately I am not aware of any way to migrate users across forests without the use of the Active Directory Migration toolkit (ADMT). There is the potential to 'copy' users, but you would lose the sID, which is the most important aspect of the user account.
Can this be used to create Exchange and OCS accounts as well as configure other attributes such as Home Directory, Dian-In Access, Department and Employee Number?
ReplyDelete@Anon, it cannot create Exchange/OCS accounts unfortunately. It can be modified to use additional attributes, but this tool was created more as a basic user creation tool that fills out the basics. However, you can use the same CSV to fill out those fields with this cmdlet: Set-ADUser
ReplyDeleteTo see everything that you can set, type Get-Help Set-ADUser.
Example: Import-Csv ANUCusers.csv | %{Set-ADUser -Identity $($_.FirstName + "." + $_.LastName) -EmployeeID $_.EmployeeID -Department $_.Department}
Hi! I can't start script and have Error
ReplyDeleteYou can not download the file G: \ install \ ANUCv0.2 \ ANUC.ps1, since the execution of screening
ptov allowed for the system. Enter the "get-help about_signing" obtained for
Ia additional information.
line: 1 char: 11
+ .\ANUC.ps1 <<<<
+ CategoryInfo : NotSpecified: (:) [], PSSecurityException
+ FullyQualifiedErrorId : RuntimeException
what is wrong?
It appears that you have not configured your PowerShell security settings for the running of scripts. As the error message mentioned, run the command 'get-help about_signing' and it will explain the different security options available. Once you have read over the options, you can set the option that you desire using the Set-ExecutionPolicy command (must be run with administrative rights).
ReplyDeleteHI,
ReplyDeleteNo problem to create a new user under "CN=Users,DC=mydomain,DC=com" for ex, but I'm getting this error when trying to create a user under my own OU (ou=FS ,ou=,DC=mydomain,DC=com)
ERROR: New-ADUser : Cannot validate argument on parameter 'Path'. The argument is null or empty. Supply an argument that is not null or empty and then try the command
ERROR: again.
ANUC.ps1 (269): ERROR: At Line: 269 char: 13
ERROR: + New-ADUser <<<< @User
ERROR: + CategoryInfo : InvalidData: (:) [New-ADUser], ParameterBindingValidationException
ERROR: + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.NewADUser
@Anon, it looks like you have an extra space and an empty OU pointer in your LDAP syntax (ou=FS ,ou=,DC=mydomain,DC=com).
ReplyDeleteHello Rich,
ReplyDeleteThis is a great tool/script! I'm adjusting it for my own purpose and running into a problem.
I'm using the following code to to populate the $cboPath:
$XML.Options.Units.Unit | ?{$_.Name -match $cboDepartment.SelectedItem} | Select -ExpandProperty Path | %{$cboPath.Items.Add($_)}
It wil populate the paths of 5 departments in $cboPath. But now I want to achieve to set $cboPath.Text to find one of the 5 department paths wich matches the value of $cboDescription ($cboDepartment_SelectedIndexChanged).
I hope you can help me with this, I've tried several things to no avail.
Thnx! Remco
Hi Rich ,
ReplyDeletei would like to start off by saying thank you for sharing this with us noobs .i have some questions however. im an admin @ a high school and we have our Students login with their student ID which is a number like "245789654" how do i mod your script to take the $samAccountName directly from one of the columns in the CSV ? Thanks in advance .
Ahmed,
DeleteWere you able to successfully make these modifications? If so, I would be interested in how to do the same - I work for a school as well. Thanks in advance.
@Ahmed: With the way the GUI was designed, it automatically creates the sAMAccountName based on the first and last names. There was logic created to automatically update this field every time the first or last name was modified. Ultimately, to do what you are asking, you would need to modify the size of the form in CSV mode, remove the logic for auto-creation of sAMAccountName, create a new column and have the $sAMAccountName variable read from that column instead of first/last names.
ReplyDeleteHi - tool looks brilliant. I'm a bit lost on what exactly the fields in the csv file should contain, particularly the exact syntax of 'domain' and 'path'. Almost there I think, but using a structure a couple of containers deep in AD and it's running in single-user mode, claiming it's successful, but no user account appears in AD.
ReplyDeleteAny help? Really grateful though. :)
^ Figured it out! Wow, this tool really IS nice...
ReplyDeleteI ran the tool on my DC 2008 Standard Server and error thrown:
ReplyDelete"
Import-Module : The specified module 'Active Directory' was not loaded because no valid module file was found in any module directory
At ANUC.ps1:72 char:15
"
Please help
Thanks
Peter
oops, sorry just figured out its supported OS.
ReplyDeleteHi Rich, Thanks for the script. This is really nice. I have a question. I want to give this script to our helpdesk with some modification. for this i want to remove the CSV function from this. Any advice? They just want to create individual users.
ReplyDeleteHi Rich,
ReplyDeleteThank you very much for the tool!. It helped me a lot in adding bundle of users by CSV file. I was also able to modify the code to edit user's Homepage field for my need.
Thanks again for excellent tool
Peter
FYI On line 408 you made the mistake of referencing the Dept of the selected record for the user's Company. Should be subitem(9)
ReplyDeleteNice work!
@Anon Thanks, it has been fixed and uploaded.
ReplyDeleteHi Rich, have an interesting question. I would like to have the samAccountName to be created as Lastname + First Initial with the ability to override as necessary. I am trying to modify lines 309-315 to parse the $txtSAM correctly
ReplyDelete$txtName_TextChanged={
Write-Verbose "Creating required account fields"
if ($XML.Options.Settings.DisplayName.Generate -eq $True) {$txtDN.Text = $txtFirstName.Text + " " + $txtLastname.Text}
if ($XML.Options.Settings.sAMAccountName.Generate -eq $True) {$txtsAM.Text = $txtFirstName.Text + " " + $txtLastname.Text}
if ($XML.Options.Settings.UPN.Generate -eq $True) {$txtUPN.Text = $txtFirstName.Text + "." + $txtLastname.Text + "@" + $cboDomain.SelectedItem}
}
Is this the correct place and if so, how can it be done?
Thanks.
@Roland Your question has been asked/answered on the download page: http://gallery.technet.microsoft.com/scriptcenter/New-User-Creation-tool-14fa73cd
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
Deletehanks, let me try and rephrase. I understand that I can manuually override the sAMAccountName on the gui in the script. What I am attempting to do is to set sAMAccountName = LastName + FirstInitial as my default. As an example, in single entry mode, you type in the user's last name, then enter the user's First Name. So, for Fred Jones, the sAMAccountName = JonesF and you would see this in the gui. I am intending to leave items such as DisplayName and UPN unchanged. The dfficulty I am having is trying to parse out the first lett from $txtFirstName and assigning it to {$txtsAM.Text = $txtLastname.Text + $txtFirstName.Text}. Does this explanation help clarify?
ReplyDelete@Roland, have you tried {$txtsAM.Text = $txtLastname.Text + $txtFirstName.Text[0]}?
ReplyDeleteYes I did. Thanks for your help. I solved the problem by creating another variable and assigning the substring of the Given Name to it like as follows:
ReplyDelete$FirstInitial = $GivenName.substring(0,1)
Hi Roland .. and Rich.
ReplyDeleteFirst, thanks Rich for this great tool... really appreciate.
Roland, could you tell us where do you put the line $FirstInitial = $GivenName.substring(0,1) in the script and what others modifications did you make ?
I need to modify it in a way to obtain the upn like this format : first Letter of firstname and lastname.
Rich, is possible to have a lock format for some cells ... I mean for example, I don't want to have some users accounts created with some special caracters like : é or space or others special caracters... Is it possible to block this possible things?
Thanks again
Philippe
@Roland/Anon: I just uploaded a new version of the tool which now has the ability to select different formats for the UPN, sAMAccountName, and Display Name. Try that out and let me know if it works for you.
ReplyDeleteHi Rich,
DeleteAfter your modification, and following my "request" regarding the possibility to select different formats (see my last post 11 May) I've tested your new version.
Format selection seems to work well but unfortunatly I encounter the same problem as Jesus.
I get the following error when trying to create an account using this tool:
ReplyDeleteNew-ADUser : Cannot convert 'System.String' to the type 'System.Nullable`1[Syst
em.Boolean]' required by parameter 'ChangePasswordAtLogon'.
At C:\ANUC\ANUC.ps1:348 char:13
+ New-ADUser <<<< @User -ErrorVariable ADError
+ CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBind
ingException
+ FullyQualifiedErrorId : CannotConvertArgument,Microsoft.ActiveDirectory.
Management.Commands.NewADUser
Any ideas?
I found the issue and have updated to fix it. You should be able to download the latest version now.
DeleteYour reply to John: "Short on time, I'll drop a line tomorrow on how I add users to groups based on input."
ReplyDeleteI'd like to see your technique as well.
Thanks, this is a great tool.
RJ
This comment has been removed by a blog administrator.
ReplyDeleteDisregard. I saw your answer to the same type of question on the TechNet site.
ReplyDeleteRJ
Hey Rich I ran your tool and I am getting permission denied errors. At first I thought it was something to do with my csv file, so as a test I manually entered names into the gui, and I still got the error. The specific errors are:
ReplyDeleteNew-ADUser : Access is denied
At C:\Users\exchadmin\ANUC\ANUC.ps1:350 char:13
+ New-ADUser <<<< @User -ErrorVariable ADError
+ CategoryInfo : PermissionDenied: (CN=james
smith,...C=zakina,DC
=com:String) [New-ADUser], UnauthorizedAccessException
+ FullyQualifiedErrorId : Access is
denied,Microsoft.ActiveDirectory.Manag
ement.Commands.NewADUser
Me again Rich, just thought I might layout some things I tried to get past the access denied errors. Instead of opening the standard PS, I opened the AD Module for PS, still got error. I ran the “set-executionpolicy remotesigned” command first before I ran your tool. Thanks in advance for any assistance you can render.
ReplyDeleteIs this a lab, dev environment or production? If it is a test environment, try explicitly delegating yourself control on the OU. If it is production, build a lab/dev environment and see the last sentence. :)
DeleteThanks for a rapid response, yes this a a lab (vmworkstation) environment.
ReplyDeleteHey Rich yes it is a lab environment. I did as you suggested and that took care of the permission issue. Now I am getting "the name provided is not a properly formed account name" errors. I looked at the names in the error message and decided to submit them individually and they submitted successfully. From what I gather, if submitted individually, they work fine, just not as a bulk. I saw in another forum you mentioned that your latest version should be able to handle various formats of the Sam Account or Principal Names.
ReplyDeleteThanks for the response Rich, yes this is a lab running in a virtual environment. I took your advice and applied the delegation to the user, that solved the permission issue. Now I am experiencing a new error: "The name provided is not a properly formed account name". I looked at the names in the error and decided to try submitting them individually so I can see what might be causing the error. Oddly, when I submit individually, they submit fine without throwing an error. So I attempted the bulk import, and the error appeared again. So it seems the error is only generated during the bulk import. I looked up the error and I found in another thread that you said your new version should have addressed any formatting issues with account names. I am sure I am running your latest version.
ReplyDeleteIf you are using an old version of the XML file, that might be an issue as well. With the changes to how the sAMAccountName and UPN are handled, I had to update the schema of the XML to allow for different formats. Try using the new version of the XML and translating your changes to that.
DeleteAgain, thanks for such a rapid response, but where do I get a new version of the XML? Sorry if a dumb question, just that I thought the xml came with the new version of the application.
ReplyDeleteIt does. Have you filled out all of the fields in the CSV? Do you have sAMAccountName, UPN and DisplayName set to generate?
DeleteNo I did not fill out those fields. I thought once I edit the xml and the ps with the format, it will assign as indicated in the xml. I will fill out the fields in the csv and see if that fixes the issue. Thanks.
ReplyDeleteThe way I interpreted the process was that fields would auto generate based on what was set to true, and that the fields would pull the information from the name and surname fields, and append /concatenate accordingly.
ReplyDeleteI think I may see what the issue is. I'll test out the scenario and try to get an updated version uploaded once I get some time.
DeleteA question does come to mind, if the fields were absolutely necessary, wouldn't I get the same error even on a single submission?
ReplyDeleteHi I am getting " New-ADUser : Cannot validate argument on parameter 'Path'. The argument is null or empty. Supply an argument that is no
ReplyDeletet null or empty and then try the command again.
At C:\Powershell\ANUC\ANUC.ps1:580 char:14
+ New-ADUser <<<< @User -ErrorVariable ADError
+ CategoryInfo : InvalidData: (:) [New-ADUser], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.NewADUser
Please can you assist ?
The error states that the OU Path variable is null or empty. Verify that you are providing an OU (and that it exists) and try again.
DeleteHi Thank you for your reply.
DeleteThe OU does exist, as when I submit just one user it creates it sucesfully, but when I "select submit All", then it comes back with the error. Its almost like I cannot do multiple accounts, work when do a single account
Hi Anon I was getting the same error, to fix, I added the path to the OU in the CSV file like so DC=yourOU,DC=yourdomainname,DC=com (here is what mine looks like: OU=Mailboxes,dc=zakina,dc=com). If after doing that you start getting permission denied errors, as advised by Rich, assign explicit delegation to the OU.
ReplyDeleteHey Anon even though the OU exists, you need to define it in your CSV. On your CSV file, create a column called Path, and fill it with path to your OU as such: DC=nameofyourOU,DC=yourdomainname,DC=com. Mine looks like this: DC=Mailboxes,DC=Zakina,DC=Com
ReplyDeleteBrilliant. Thank you that worked. Thanks Zay, and Thanks Rich for a wonderful script.
ReplyDeleteAny time, I learned that Rich actually, lol.
ReplyDeleteHey Rich I got it to work, seems all I need to do was to populate my sAMAccount column. For those needing help with concatenating the columns (combining two columns) let me know. Thanks for all the support Rich.
ReplyDeleteHello Rich, again, thanks for creating this application. I seem to be having some trouble with creating bulk users. When I select one name from the list, and submit one, all is well. However, when I submit all, (300+) names, the logon name field is not populated, and the display name field is populated with a period (.). I have been all thru the script and xml file, and as far as I can tell, all is well in both files. I will continue to troubleshoot until I hear from you.
ReplyDeleteThat has been fixed in the latest release, version 1.2.
DeleteHi Rich,
DeleteThank you very much for the tool, is a great solution for bulk account creation. Wanted to ask you, if it would be possible to have tool create bulk accounts for Windows 2008 R2 servers with NO AD installed?
Thanks,
Paul C.
Hi Rich, I'm very new to this and I'm having some troble using this tool. When I right click on ANUC.ps1 and select run with PowerShell, the screen comes up for a second then goes away. Any idea why this is happening? Also I have the csv file with the users first and last name as well as their e-mail address. How do I get to CSV Mode? Is there more detailed instructions some where for your tool?
ReplyDeleteThanks
Hey Anonymous try this: open Powershell with elevated rights (right click and select Run as Administrator) and type the command Set-ExecutionPolicy RemoteSigned then press enter, then press Y to confirm. To get to CSV mode, click on File, then select CSV Mode. A little tip, you NEED to also fill out the sAmAccount, Path, Password and Principal Name columns.
ReplyDeleteOh Anon, one other tip, move the Powershell script to your C:\Users\your username folder and run it from there. Example: C:\users\Zay.
ReplyDeleteHey Anonymous try this to fix the Powershell issue: Move the script to your C:\users\Username folder example- C:\Users\Zay. Also, before you run the script, open Powershell in elevated rights by right clicking on it and selecting Run as Administrator, and executing the following command: Set-ExecutionPolicy RemoteSigned. To run the application in CSV mode, click File, the click CSV Mode. It is important that you create and populate the following columns:
ReplyDeletesAMAccount, Password, Path, Principal Name
I forgot to mention that you need to also fill out the DisplayName column, especially if you have those attributes set to Generate. If you do not want those generated, turn that off in the options.xml file.
ReplyDeleteHi
ReplyDeleteim wondering if you can post a copy of the csv file to use, icant get my csv file to work so im guessing mine does not have the correct layout.
//:Erik
Hi, me Erik again, getting further but are really stuck on this Path issue. it will only show th first part of the path in csv mode. single user works fine and puts the were the belong. any idea?
ReplyDeleteHey Erik sorry about your issue, as for the format, I used the program to generate the csv file for me, and I just filled in the information. If you click on File, there is an option to generate a smaple csv file. Tell me where the OU is located in terms of where in users and computers you created it. If you want to know the exact path to your OU, use dsquery, here is an example dsquery ou -name remote_*
ReplyDeleteHope this helps, if you need further help email at zaytheitguy@gmail.com
Hey Erik sorry for your trouble, if you click File, you will see the option for the program to generate a sample csv for you. Are you sure you are putting the correct path to your OU? An easy way to find the correct path is to run dsquery. Just open a command prompt and type dsquery OU -name . If you are still having trouble, you can email me at zaytheitguy@gmail.com
ReplyDeleteHey Erik sorry about your issue, in the application, click File and you will see the option for it to generate a sample CSV file for you. In regards to the path, if you are unsure of the actual path to your OU, then run dsquery and it will tell what the path is. Open a command prompt, then type dsquery OU -name . Hope this helps
ReplyDeleteLet me clarify the dsquery syntax: dsquery OU -name
ReplyDeletedsquery OU -name [the name of your OU]
ReplyDeleteGreat tool Rich, One question is it possible to have username LastName_FistInitial?
ReplyDeleteThanks,
Brian
I figured it. Would there be a way to add a field to add the to groups also?
DeleteGlad it worked Anon, what was the solution that worked for you?
ReplyDeleteI'm running in to a problem with the script. Would you be able to help? Thanks
ReplyDeleteNew-ADUser : The server is unwilling to process the request
At C:\Users\TTester.RU-LAB\Desktop\AD USERS\ANUC.ps1:377 char:13
+ New-ADUser <<<< @User -ErrorVariable ADError
+ CategoryInfo : NotSpecified: (CN=fffr fffffrr...,DC=ru,DC=lab
:String) [New-ADUser], ADException
+ FullyQualifiedErrorId : The server is unwilling to process the request,M
icrosoft.ActiveDirectory.Management.Commands.NewADUser
This error usually if you are trying to input information that does not exist. Such information could be a domain name that does not exist, an OU that does not exist etc. Looking at the error, are those the actual names of of the objects in your AD?
ReplyDeleteHey C Bluewin, that error sometimes occurs due to you having some information in your script that does not apply to your domain. Looking at the error, do those variables apply to your domain (ru, lab, fffr fffffrr)? You need to edit the XML file, and or the script itself to suit your domain. If you need help with that, feel free to email me at zay4698@gmail.com
ReplyDeleteHi Rich, Thanks alot for this script but i have a little problem/question.
ReplyDeleteIn my company we use 3 letters Login (FirstInitial+2FirstofLastName)i made the modifications in the sAM and UPN fonction to generate what it BUT (here comes the question):
How could i make it check if it already exist in AD and if it exist to make it go use the 1st and 3rd letter of LastName ? (exemple: my name is Vince Labonte so it will generate "VLA". So i want it to check if "vla" exist, if not create it, if yes check if "VLB" exist if not create it... and so on)
Where could i make this change ? and how ?
Thanks Alot !
-Vince-
Hello Rich,
ReplyDeleteGreat Work on this script everthing work fine in my VM testlab. How do you add members to a group using this script. Can you show me the syntax to add members to a group using this script
Hey guys.. I think I'm getting nuts here with this "path" field from the CSV. I just don't get it.. The path includes commas between the OU's and DC fields (ex: OU=Outsiders,OU=Users,DC=mydomain,DC=com). How can you insert this path into a CSV that is comma delimited without shifting everything and turning into a mess ? Am I missing something here ?
ReplyDeleteHey Anon, not sure why there is, or if there is an issue, but the commas in path field should not affect the layout. I have my path setup the same as you outlined, and the application read it fine. Not sure you are the same Anon, but what is xc,m?
ReplyDeleteHi Rich,
ReplyDeleteI would like to add an email field in the form.
I followed the code and I took as a reference the function of the userPrincipalName.
I managed to create the field in the form, and apparently it works correctly even the auto generation, but when I go to send the data returns me the following error:
ERROR: New-ADUser : A parameter cannot be found that matches parameter name 'mail'.
ANUC.ps1 (444): ERROR: At Line: 444 char: 13
ERROR: + New-ADUser <<<< @User -ErrorVariable ADError
ERROR: + CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException
ERROR: + FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.NewADUser
Where do you think I was wrong?
If you show me where to send the code, I gladly share.
I hope to solve to solve the problem!
P.S. I also implemented the creation of the password randomly, and it works perfectly.
Best Regards
Alessandro P.
Problem solved ...
DeleteI mistyped the name attribute, that is correct Email
thanks
Do you have this updated with the Email function added, It would make my life a little eaisyer as i have the same need.
DeleteHow did you create the password randomly? can you help me, please?
DeleteHi
ReplyDeletenew problem !
I would like to enable "Password Never Expires".
help me
thanks
Alessandro P.
Hi
ReplyDelete1. how can I give to the terminal server profile path via CSV?
2. Can I specify multiple phone numbers by CSV?
Thanks
S. Dürig
Rich awesome little tool.
ReplyDeleteHow about having the ability to input the users into distribution groups, security groups and optional email creation?
Have you ever thought of that?
After working out the kinks inputting your OU is tricky and verifying with PS and pulling a user can verify how it needs to be inputted into the script.
But thanks much.....makes logging in every time so much easier
Hey Rich,
ReplyDeletea real nice tool but it seems there is a error in Phone nummber and the office field. when i run it from i CSV both fields are switched. can you check this?
I fixed the CSV modus
Deletechanges line 313 form
$Headers = @('ID','Domain','Path','FirstName','LastName','Office','Title','Description','Department','Company','Phone','StreetAddress','City','State','PostalCode','Password','sAMAccountName','userPrincipalName','DisplayName')
to
$Headers = @('ID','Domain','Path','FirstName','LastName','Phone','Title','Description','Department','Company','Office','StreetAddress','City','State','PostalCode','Password','sAMAccountName','userPrincipalName','DisplayName')
Rich this is an awesome little app. i am also very new to powershell and am wondering how i would go about adding more info to be filled in like Mobile Number or maybe home drive location.
ReplyDeletehi,
ReplyDeleteEveryone First of all a great tool but i am new with active directory i am trying to import the csv file but first i dont see any of the user in the list and when i press import all powershell is showwin errors (it is related to convert-to and new add-user) my active directory is in french so i am not sending the error if anybody can help me cause i am tired.Thanks
Rich - props to you on this one, Microsoft really needs to pay you for this one.
ReplyDeleteFeature request - can you add the ability to also create the "e-mail", "country" and "Manager" fields. These are required for people I'm onboarding here and would be nice to have these populated on creation.
Or at least if you could let me know what I would need to add to the powershell script to make this work.
Thanks!
BW
Need a sample Templete
ReplyDeleteHi,
ReplyDeleteI am currently getting a error message when trying to use this tool
I have not been able to work out why i have been getting this error
I get this error when doing a single or CSV creation
Error:
New-ADUser : No superior reference has been configured for the directory service. The directory service is therefore unable to is
sue referrals to objects outside this forest
At C:\Users\Jasong\Documents\ANUC.ps1:379 char:13
+ New-ADUser <<<< @User -ErrorVariable ADError
+ CategoryInfo : NotSpecified: (CN=Test99 Test9...ns,DN=com,DN=au:String) [New-ADUser], ADException
+ FullyQualifiedErrorId : No superior reference has been configured for the directory service. The directory service is ther
efore unable to issue referrals to objects outside this forest,Microsoft.ActiveDirectory.Management.Commands.NewADUser
Please help
Jason
Hi Jason,
Deleteplease copy the path for the OU directly from the Attributes TAB.
Select OU you want to create a user. Right click, properties,Attribut-Editor, look at distinguishedName, click edit and copy the Path into the Script .....
Like this, OU=Yxz,OU=123,OU=1234,OU=12345,DC=domain,DC=local
However this works for me!
Greetings
Hi Rich,
ReplyDeleteI just found this tool on Technet and it looks great. However, I am getting the error: "The name provided is not a properly formed account name".
I had downloaded version 1.2 from Technet, this is on a virtualized Windows Server 2012 AD, and the error occurs when trying to add a single user through the UI. I saw your comments regarding this error from July 16, 2012, and wondered if it might be related and how I can examine the XML file to be sure it is the right version, or if there is something else I can be checking?
Hello!
ReplyDeleteNew-ADUser : Verzeichnisobjekt nicht gefunden
Bei C:\Users\xxx_adm\Documents\CreateUser\ANUC.ps1:380 Zeichen:13
+ New-ADUser <<<< @User -ErrorVariable ADError
+ CategoryInfo : ObjectNotFound: (CN=John Doe,ou...V,dc=XXX,dc=XXX:String) [New-ADUser], ADIdentityNotFoundException
+ FullyQualifiedErrorId : Verzeichnisobjekt nicht gefunden,Microsoft.ActiveDirectory.Management.Commands.NewADUser
Can someone Help?
@Rich, thanks for the great script! When it works ;-)
Thanks to all it worked see Jason's Post from Anonymous!!!
DeleteHello,
Deletelast Post August 21, 2013 at 3:04 PM can Delete! Problem solved!
See at Jason Gardener ...
Hello people,
ReplyDeletesomeone have a solution to pick up homeDrive and ProfilePath ???
I see many command's, but nothing helped. Can someone tell me the right command's to Import users.csv with the two Attributes?
Many says: Import-Csv -Delimiter ";" "C:\import.csv" | ForEach-Object{NewADUser -homeDrive $_homeDrive}
Is this correct? How to format the csv? Someone have a example for me or Type here?
Thanks in advance
How would you make it so the "Name" in AD shows up as LastName, FirstName? Not the display name, but how it shows in AD under the Name column? I try to keep the display name equal to the name in AD just so the users are easy to sort through.
ReplyDeleteI was able to get this script to work tho! That's far better than the other garbage I've found online. Most bloggers don't even validate or test their code before they post it. At least this one works great. Now I just have to figure out how to set the "full name" property for each account to be LastName, FirstName.
Thanks!!!!!!!!
I followed this article to modify the default settings for "createDialog" and while this forces first.last when manually creating an account, it doesn't seem to affect how this script generates how users show up.
ReplyDeletehttp://support.microsoft.com/kb/250455
Well, I ended up using ADModify to edit the "Common Name" which is what I wanted. As an admin I like having them set to first.last in AD but for the GAL the policy is Last, First.
ReplyDeleteIt was nice being able to use the above KB article "KB250455" to edit the default display name on user creation to Last, First. However, I was unable to force a default common name.
At least I have a working process. I can bulk create users and then use ADModify to edit them all after.
Thanks!
Hi
ReplyDeleteIs this tool tested in win 2012 server?
Hi Rich
ReplyDeleteThanks for a great tool :-)
I have been modify it for our company and I have some questions for you
I would like to have it set the homedrive and Profile path. do you know how to do it??
Thanks in adwance.
Dennis - Denmark
How do I create the CSV file to import I am confused
ReplyDelete-CJ Forbes
I found the real fix to the Office and Phone number being transposed. Navigate down to the $btnSubmitAll_Click function and transpose the $Office and $OfficePhone lines. Then renumber them as shown here:
ReplyDelete$Office = $_.Subitems[5].Text
$Title = $_.Subitems[6].Text
$Description = $_.Subitems[7].Text
$Department = $_.Subitems[8].Text
$Company = $_.Subitems[9].Text
$OfficePhone = $_.Subitems[10].Text
This is a great little utility and works well out of the box. That being said I have thousands of users that will need to be created ( over 12k) every year and simply including the first initial leaves me with too many accounts not being created due to duplications. I was wanting to expand this out to include the first three letters of the first name plus the last name.
ReplyDeleteThe original lines are like this:
"FirstInitialLastName" {"{0}{1}" -f ($GivenName)[0],$SurName}
which works fine for the first letter but if I attempt to collect the other to by doing something like this:
"FirstInitialLastName" {"{0}{1}" -f ($GivenName)[0,2],$SurName}
it just errors out on me. Anyone have a way to make this work out?
Thanks!
hi
ReplyDeletei am new to active dir please help me how i edit and add my domain name and user names etc
and how i can use this
thanks
I am having a problem with the 'Submit All' option when using CSV mode. If I select any user from the CSV list so the fields on the left are populated I can click 'Submit' and the user is created successfully. If I choose the 'Submit All' option I receive this message: New-ADUser : The server is unwilling to process the request
ReplyDeleteAt C:\Users\Administrator\Downloads\ANUC.ps1:606 char:4
+ New-ADUser @User -ErrorVariable ADError
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (CN=John Test...=LAB,DC=local:String) [New-ADUser], ADExceptio
+ FullyQualifiedErrorId : ActiveDirectoryServer:0,Microsoft.ActiveDirectory.Management.Commands.NewADUser
The error appears to be telling me that something is missing but I can't figure out what it might be. Does anyone have any ideas? Not looking forward to clicking them all one at a time.
Hi Rich,
ReplyDeleteWe currently have a 2003 domain but I have installed the ADWS onto one of the DC's in order to run this script. I have tested this in my lab from a W7 client machine to a 2003 DC with ADWS and all works fine. In the actual environment however the script complains
# WARNING: Error initializing default drive: 'Unable to find a default server with Active Directory Web
# Services running.'.
I have tried a few things including adding the "Get-ADDomain -Server "Server"" into the beginning of the script without success.
Can you point me in the right direction.
Any help would be greatly appreciated.
Thank you
Nice tool - I am running it under 2012 R2 and have clicked on both files but have not found the bulk import for AD users.
ReplyDeleteThank you
Great Work ! When importing via CSV having the problem that First name und last Name are not imported. Somebody having any idea ?
ReplyDeleteI exported with this Get-ADUser -filter * -Properties * | Export-Csv
Thanks !
Hi,
ReplyDeleteI have downloaded the PS file, also i have O365 Cloud Services for Email Could you please suggest if i need to change anything on the Script to enable the cloud Services . if yes then what Please suggest
Hello...I am getting this error:
ReplyDelete-----------------------------------------------------------------------------------
New-ADUser : Directory object not found
At C:\Users\lvm_jbunch\Desktop\ANUC.ps1:377 char:3
+ New-ADUser @User -ErrorVariable ADError
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (CN=Nicole Roder...C=LVMSCO,DC=com:String) [New-ADUser], ADIdentityNotFo
undException
+ FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,M
icrosoft.ActiveDirectory.Management.Commands.NewADUser
-----------------------------------------------------------------------------------
Any ideas on why?
Hi Rich,
ReplyDeleteWe are one company and don't need that field at all. We tried to change it to "Country" but can't seem to get it to work. Anyway we can get "Country" field added under postal code? We did modify the options file to include but doesn't apply to the new user object in AD.
Not sure if your answering these, since the post is 6yrs old and don't see answers to any questions above.
Thanks for the GUI
Paul
We've just downloaded this tool. We run it against a CSV file with 317 records. We get the following error, and wish to know its meaning and solution:
ReplyDeleteNew-ADUser : The object name has bad syntax
At C:\Temp\ANUC.ps1:606 char:4
+ New-ADUser @User -ErrorVariable ADError
+ CategoryInfo : NotSpecified: (CN=Kyle Zumdome...,DC-CKS,DC=INDY:String) [New-ADUser], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:8335,Microsoft.ActiveDirectory.Management.Commands.NewADUser
Hi Rich,
ReplyDeleteI have used this excellent script in a few companies now (surprising how many don't have any automation of this process) and would like to add a section to create a homedirectory
So far I have successfully created a user with the homedirectory path added using the following addition
######## Create Home Path String #########
[string]$HomeDIR = "\\LAB-MS1\HomeDir$" + "\" + "$samAccountName"
######## Create New User #########
New-ADUser @User -homeDirectory $HomeDIR -HomeDrive "H:" -ErrorVariable ADError
but when I try to actually create the homedir, by adding the following lines after the line to call the form at thee end of the script
Call-ANUC_pff | Out-Null
#~~~~~Make Home Folder-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
$Usernameinfo = Get-ADuser -Identity $User.cn -Properties SamAccountName, homeDirectory | Select-Object -Property SamAccountName, homeDirectory
$Username = $Usernameinfo.SamAccountName
[string]$FullPath = $Usernameinfo.homeDirectory
New-Item -type directory -path $FullPath
Start-Sleep -s 5
ICACLS ("$HomeDIR") /grant ("$Username" + ':(OI)(CI)F') /T /C
I get the following error where it fails to output the properties of homedirectory and samaccountname for the newly created user
Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null or an element of the argument collection contains a null value.
At C:\Scripts\Atcore_User_Creation_Working_Home_Dir.ps1:1292 char:28
+ $Usernameinfo = Get-ADuser $User.cn -Properties SamAccountName, homeD ...