Using a CSV file to create users by accessing the System.DirectoryServices namespace from a powershell script


There are several ways to programmatically create users in the Active Directory. The easiest way would be to use the Active Directory PowerShell Module. This is great if you have access to a Windows 2008 R2 domain controller as the Active Directory PowerShell Module was made available to manage the Windows 2008 R2 domains. Unfortunately, some users are still running Windows 2003 or Windows 2008 environment.

Because Windows PowerShell can tap into the .NET Framework APIs, you can use the System.DirectoryServices namespace from a PowerShell script. I know that some of you may be saying: “Why do I want to user PowerShell if I can call the same calls on a C# application”. That’s true, however, if you do not have access to a Visual Studio on a server, then you are limited on what you can automate.

Note:
Windows PowerShell version 2.0 only supports namespaces on.NET Framework 3.5
or below. You will not be able to call any of the namespaces that were 
added on .NET Framework 4.0 or newer.

Also, if you want to read the data from a CSV file to bulk create the users, you would still need to develop a parser to read CSV files properly. This is something I do not recommend as it can be a pain to build a CSV parser if you are pressed for time.

The great thing about PowerShell is that you have a rich set of cmdlets that will do the job for you. You can use the Import-CSV cmdlet to read the CSV file. Once you have the data in memory, it is just a matter of taking care of piping the information to a function that would handle the job of creating the user.

I have already done most of the work on the sample below that ties all of these together.

  1: #'===================================================================
  2: #' Specify the your environment specific settings
  3: #'===================================================================
  4: $domain   = "YOURDOMAIN"
  5: $domAdmin = "YOURDOMAIN\Administrator"
  6: $domPass  = "!Password!"
  7: $csvFile  = "C:\Users\Joe\BulkData.csv"
  8:  
  9: #'===================================================================
 10: #' This function creates the user
 11: #'===================================================================
 12: function CreateUser ($data)
 13: {
 14:  
 15:     #'===================================================================
 16:     #' Construct the ADsPath
 17:     #'===================================================================
 18:     $adspath  = "LDAP://" + $domain + "/" + $data."Container/OU".ToString()
 19:     
 20:     #'===================================================================
 21:     #' Bind to the container
 22:     #'===================================================================
 23:     $oContainer = new-object System.DirectoryServices.DirectoryEntry $adspath, $domAdmin, $domPass
 24:     $oContainer.RefreshCache()
 25:     Write-Host "Creating user: >> " $data."Common Name".ToString()
 26:     
 27:     $cnStr    = ("CN=" + $data."Common Name".ToString())
 28:     $firstStr = $data."First Name".ToString()
 29:     $lastStr  = $data."Last Name".ToString()
 30:     $samStr   = $data."NT Name".ToString()
 31:     $passStr  = $data."Password".ToString()
 32:             
 33:     #'===================================================================
 34:     #' Create a User object and populate the following attributes:
 35:     #' givenName, sn, samAccountName, 
 36:     #'===================================================================
 37:     $oUser = $oContainer.Children.Add($cnStr, "user")
 38:     $retval = $oUser.Properties["givenname"].Add($firstStr)
 39:     $retval = $oUser.Properties["sn"].Add($lastStr)
 40:     $retval = $oUser.Properties["samAccountName"].Add($samStr)
 41:     $oUser.CommitChanges()
 42:  
 43:     #'===================================================================
 44:     #' Set the initial password 
 45:     #'===================================================================        
 46:     $oUser.SetPassword($passStr)
 47:  
 48:     $oldUAC = $oUser.userAccountControl
 49:     $newUAC = $oldUAC.Value -band (-bnot 2)
 50:     
 51:     #'===================================================================
 52:     #' Enable the user
 53:     #'===================================================================        
 54:     $oUser.userAccountControl = $newUAC
 55:     $oUser.CommitChanges()
 56: }
 57:  
 58: #'===================================================================
 59: #' Read the CSV File
 60: #'===================================================================
 61: $csvData = Import-Csv $csvFile
 62:  
 63: #'===================================================================
 64: #' Process each item and send it to the CreateUser function
 65: #'===================================================================
 66: $csvData | % {CreateUser($_)}

You can easily use Excel and save your list of users in a CSV format. As far as the layout of the CSV input data, I have provided it also below so you know what it looks like:

  1: Container/OU,First Name,Last Name,Password,Common Name,NT Name
  2: "OU=Marketing,OU=Eastcoast,DC=YOURDOMAIN,DC=COM",John,Doe,Password1234,John Doe,johnd
  3: "OU=Marketing,OU=Eastcoast,DC=YOURDOMAIN,DC=COM",Jane,Doe,Password2345,Jane Doe,janed
  4: "OU=Marketing,OU=Eastcoast,DC=YOURDOMAIN,DC=COM",Billy,Bob,Password3456,Billy Bob,billyb

Enjoy!

Comments (1)
  1. Dexter says:

    Thanks for sharing.

    This will be helpful when ..there are no Modules around 🙂

Comments are closed.

Skip to main content