FirstName,LastName,passcode,Title,Manager_Email
zack,Ased,breast<achievement?&childhood059,manager,zasdasdh#gmail.com
How can I make the Name zack Ased and the username zack.Ased , here is the code I tried
Import-Module ActiveDirectory
$ADUsers = Import-Csv C:\users.csv
foreach ($User in $ADUsers) {
$FirstName = $User.FirstName
$LastName = $User.LastName
$Name = $FirstName + " " + $LastName
$username = $FirstName.$LastName
$password = $User.passcode
$Title = $User.Title
$Manager_Email = $User.Manager_Email
New-ADUser -Name $Name -SamAccountName $username -AccountPassword (ConvertTo-secureString $password -AsPlainText -Force) -Title $Title -ChangePasswordAtLogon $true
Enable-AdAccount -Identity $username
}
using -join:
$FirstName = 'John'
$LastName = 'Smith'
$Name = $FirstName, $LastName -join " "
#the " " is the delimiter, you can input whatever you like, for example a dot:
$Name = $FirstName, $LastName -join "."
see more examples on https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_join
Another method is by putting it in a new string:
$Name = "$($FirstName).$($LastName)"
There are several other possible methods of doing this.
Related
I am trying to make a PowerShell script to add users in bulk through a csv file. If the username already exists I want to add the number 1 to the username. How can I do this? I thought I could maybe make an if?
foreach ($User in $ADUsers) {
# Selvlagde variabler for opprettelse av brukere
$Password = Get-RandomCharacters -length 20 -characters 'ABCDEFGHKLMNOPRSTUVWXYZabcdefghiklmnoprstuvwxyz1234567890!._?/-'
$Username = $User.GivenName.substring(0,3) + $User.SurName.substring(0,3)
$Username = $Username.Replace('æ','ae')
$Username = $Username.Replace('ø','o')
$Username = $Username.Replace('å','aa')
$Username = $Username.ToLower()
$Username = $Username.Trim()
$Email = $Username + '#ONPremiumIT.com'
$DisplayName = $User.GivenName + ' ' + $User.SurName
if (condition) {
}
# Bruker splatting for å lagre info om brukere
$userParams = #{
Path = $User.Path
SamAccountName = $Username
UserPrincipalName = $Email
Name = "$($User.GivenName) $($User.SurName)"
GivenName = $User.GivenName
Surname = $User.SurName
Enabled = $true
ChangePasswordAtLogon = $false
DisplayName = $Displayname
Department = $Department
AccountPassword = (ConvertTo-SecureString $Password -AsPlainText -Force)
}
New-ADUser #userParams
You can do that by testing if a user with that SamAccountName already exists. Something like this:
foreach ($User in $ADUsers) {
# Selvlagde variabler for opprettelse av brukere
$Password = Get-RandomCharacters -length 20 -characters 'ABCDEFGHKLMNOPRSTUVWXYZabcdefghiklmnoprstuvwxyz1234567890!._?/-'
$Username = $User.GivenName.substring(0,3) + $User.SurName.substring(0,3)
$Username = $Username.Replace('æ','ae')
$Username = $Username.Replace('ø','o')
$Username = $Username.Replace('å','aa')
$Username = $Username.ToLower()
$Username = $Username.Trim()
# test if a user with that SamAccountName already exists, add an index number if needed
$n = 1 # start index at 1
$newName = $Username # copy to a new variable
while ($true) { # start an endless loop
$usr = Get-ADUser -Filter "SamAccountName -eq '$newName'" -ErrorAction SilentlyContinue
if (!$usr) {
$Username = $newName # assign the $Username variable the unique value
break # exit the loop if the $username is unique in the domain
}
# construct a new username by adding the index to it
$newName = '{0}{1}' -f $Username, $n++
}
$Email = $Username + '#ONPremiumIT.com'
$DisplayName = $User.GivenName + ' ' + $User.SurName
# Bruker splatting for å lagre info om brukere
$userParams = #{
Path = $User.Path
SamAccountName = $Username
UserPrincipalName = $Email
Name = "$($User.GivenName) $($User.SurName)"
GivenName = $User.GivenName
Surname = $User.SurName
Enabled = $true
ChangePasswordAtLogon = $false
DisplayName = $Displayname
Department = $Department
AccountPassword = (ConvertTo-SecureString $Password -AsPlainText -Force)
}
New-ADUser #userParams
}
P.S. The test for the username must come before doing more things with the $Username variable, like using it for the $Email variable. Otherwise, you could have duplicates in that too..
I am trying to make a script that creates users in bulk from a csv file. I tested the script with 5 users, but get the error message "New-ADUser: A value for the attribute was not in the acceptable range of values." I have been searching everywhere, but can't find the mistake!
function Get-RandomCharacters($length, $characters) {
$random = 1..$length | ForEach-Object { Get-Random -Maximum $characters.length }
$private:ofs=""
return [String]$characters[$random]
}
$ADUsers = Import-csv C:\Users\Admin\Users.csv -Delimiter ";"
foreach ($User in $ADUsers)
{
$Password = Get-RandomCharacters -length 20 -characters 'ABCDEFGHKLMNOPRSTUVWXYZabcdefghiklmnoprstuvwxyz1234567890!._?/'
$Username = $User.GivenName.substring(0,3) + $User.SurName.substring(0,3)
$Username = $Username.Replace('æ','ae')
$Username = $Username.Replace('ø','o')
$Username = $Username.Replace('å','aa')
$Username = $Username.ToLower()
$Username = $Username.Trim()
$Email = $Username + '#ONPremiumIT.com'
$DisplayName = $User.GivenName + ' ' + $User.SurName
New-ADUser `
-Path $User.Path `
-SamAccountName $Username `
-UserPrincipalName $Email `
-Name "$User.GivenName $User.SurName" `
-GivenName $User.GivenName `
-Surname $User.SurName `
-Enabled $True `
-ChangePasswordAtLogon $false `
-DisplayName "$Displayname" `
-Department $Department `
-AccountPassword (convertto-securestring $Password -AsPlainText -Force)
}
csv file:
GivenName;SurName;Department;Path
Tobias;Santelmann;it-drift;OU=it-drift,OU=onprit-brukere,DC=sec,DC=core
Maria;Aas;dev-team;OU=dev-team,OU=onprit-brukere,DC=sec,DC=core
Anniken;Arildset;renhold;OU=renhold,OU=onprit-brukere,DC=sec,DC=core
Thea;Urne;regnskap;OU=regnskap,OU=onprit-brukere,DC=sec,DC=core
Marthea;Wichstad;hr;OU=hr,OU=onprit-brukere,DC=sec,DC=core
The error comes from -Name "$User.GivenName $User.SurName", which should have been -Name "$($User.GivenName) $($User.SurName)".
Example:
"$User.GivenName $User.SurName" # --> #{GivenName=Tobias; Surname=Santelmann}.GivenName #{GivenName=Tobias; Surname=Santelmann}.SurName
but when using the Subexpression operator $(..), it does what you want:
"$($User.GivenName) $($User.SurName)" # --> Tobias Santelmann
Also, when using lots of parameters, you can have difficult to spot errors when using those backticks.
I'd suggest using Splatting for that:
$userParams = #{
Path = $User.Path
SamAccountName = $Username
UserPrincipalName = $Email
Name = '{0} {1}' -f $User.GivenName, $User.SurName # or: "$($User.GivenName) $($User.SurName)"
GivenName = $User.GivenName
Surname = $User.SurName
Enabled = $true
ChangePasswordAtLogon = $false
DisplayName = $Displayname
Department = $Department
AccountPassword = (ConvertTo-SecureString $Password -AsPlainText -Force)
}
New-ADUser #userParams
Import-Module ActiveDirectory
$file = "C:\Users\Administrator\Documents\UsersHR.csv"
$targetDN = "OU=HR,OU=NTTLab,DC=NTTLab,DC=internal"
$importedUsers = Import-Csv $file
foreach ($user in $importedUsers)
{
$Username = $User.Username
$Password = $User.Password
$Firstname = $User.Firstname
$Lastname = $User.Surname
$Name = $User.Firstname + $User.Lastname
$OU = "OU=HR,OU=NTTLab,DC=NTTLab,DC=internal"
$company = $User.company
$department = $User.department
$Password = $User.Password
New-ADUser -SamAccountName $Username -Name $Name -GivenName $Firstname -Surname $Lastname -Enabled $true -DisplayName "$Lastname, $Firstname" -Path $OU -Company $Company -Department $department -AccountPassword $Password -ChangePasswordAtLogon $true
}
I'm working on a VM of windows server 2016.
I'm trying to add several users at once to the AD using PowerShell ISE, but I'm running into several errors about the name.
it's either not properly formed, empty or it's asking for it manually
You didn't say what it's complaining about, but I assume it's this:
$Username = $User.Username
...
New-ADUser -SamAccountName $Username
There are several User Naming Attributes in Active Directory. The sAMAccountName attribute is a short username. It must be 20 characters or less. Although the # character is technically allowed, it is usually never used. In fact, AD Users and Computers won't let you put an # in it.
That "Username" you have in your file is a better fit for the userPrincipalName attribute.
But you will still have to figure something out for the sAMAccountName. Our organization uses the last name (cropped at 18 characters) and first two letters of the first name. That would look something like this:
Import-Module ActiveDirectory
$file = "C:\Users\Administrator\Documents\UsersHR.csv"
$targetDN = "OU=HR,OU=NTTLab,DC=NTTLab,DC=internal"
$importedUsers = Import-Csv $file
foreach ($user in $importedUsers)
{
$SamAccountName = "$($User.Surname.Substring(0, [System.Math]::Min(18, $User.Surname.Length)))$($User.Firstname)"
$UserPrincipalName = $User.Username
$Password = $User.Password
$Firstname = $User.Firstname
$Lastname = $User.Surname
$Name = "$($User.Firstname) $($User.Surname)"
$OU = "OU=HR,OU=NTTLab,DC=NTTLab,DC=internal"
$company = $User.company
$department = $User.department
$Password = $User.Password
New-ADUser -SamAccountName $SamAccountName -UserPrincipalName $UserPrincipalName -Name $Name -GivenName $Firstname -Surname $Lastname -Enabled $true -DisplayName "$Lastname, $Firstname" -Path $OU -Company $Company -Department $department -AccountPassword $Password -ChangePasswordAtLogon $true
}
I also fixed how you defined $Name, since it didn't have a space, and you were using $User.Lastname instead of $User.Surname.
For the life of me, I can't figure a way to either create a new ad account with the distinguished name as firstname lastname instead of the username or modifying it afterwards.
New-ADUser -SamAccountName $UserName -Name $UserName -DisplayName $DisplayName -GivenName $FirstName -Surname $LastName -UserPrincipalName $MailAddress -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) `
-Enabled $false -Path $OU -ChangePasswordAtLogon $true -server ad.corp.com -MobilePhone $MobileNumber -OfficePhone $OfficeNumber -Title $JobTitle
$fullname = $FirstName + " " + $LastName
$distinguishedName="CN=" + $fullname + ", " + $ou
set-aduser $distinguishedName
The set-aduser returns a "directory not found" which makes sense since the distinguished name is the username.
Thanks
You can assign your newly created ADUser to a variable and set its name as follows:
$Params = #{
SamAccountName = $UserName
Name = $UserName
DisplayName = $DisplayName
GivenName = $FirstName
Surname = $LastName
UserPrincipalName = $MailAddress
AccountPassword = (ConvertTo-SecureString $Password -AsPlainText -Force)
Enabled = $False
Path = $OU
ChangePasswordAtLogon = $True
Server = 'ad.corp.com'
MobilePhone = $MobileNumber
OfficePhone = $OfficeNumber
Title = $JobTitle
PassThru = $True
}
$ADUser = New-ADUser #Params
I couldn't test this, but it should work:
$DistinguishedName = "CN=$FirstName $LastName, $OU"
$ADUser.DistinguishedName = $DistinguishedName
I actually got it to work by using the rename-adobject.
Rename-ADObject -Identity $user -NewName $fullname -server ad.corp.com
The error I'm getting is "Missing expression after unary operator '-'" At line 63, char 14. So it's where the Path/OU is set, but I can't find anything wrong with it. Any help is appreciated. Thanks.
# Import active directory module for running AD cmdlets
Import-Module ActiveDirectory
#Store the data from ADUsers.csv in the $ADUsers variable
$ADUsers = Import-csv C:\ADMaint\NewUsers\NewUsers.csv
$Password = "Welcome01"
$OU = "ou=NewUsers,ou=Users,ou=Logins,dc=company,dc=com"
#Loop through each row containing user details in the CSV file
foreach ($User in $ADUsers)
{
#Read user data from each field in each row and assign the data to a variable as below
$Firstname = $User.firstname
$Middle = $User.middle
$Lastname = $User.lastname
$Department = $User.department
$Title = $User.title
$Office = $User.office
$Address = $User.address
$Company = $User.company
$employeeNumber = $User.employeeNumber
$employeeID = $User.employeeID
$Telephone = $User.telephone
$Pager = $User.pager
$Mobile = $User.mobile
$Fax = $User.fax
$Custom1 = $User.custom1
$Custom2 = $User.custom2
$Custom3 = $User.custom3
$Custom4 = $User.custom4
$DisplayName = "$Lastname" + ", " + "$Firstname" + " " + "$Middle"
$Username = "$lastname".ToLower() + "$firstname".substring(0,1).ToLower()
#Check to see if the user already exists in AD
if (Get-ADUser -F {SamAccountName -eq $Username})
{
#If user does exist, give a warning
Write-Warning "A user account with username $Username already exist in Active Directory."
}
else
{
#User does not exist then proceed to create the new user account
#Account will be created in the OU provided by the $OU variable read from the CSV file
New-ADUser `
-SamAccountName $Username `
-UserPrincipalName "$Username#vinfen.org" `
-Name $DisplayName `
-GivenName $Firstname `
-surname $Lastname `
-initials $Middle `
-department $Department `
-title $Title `
-Office $Office `
-streetAddress $Address `
-Company $Company `
-employeeNumber $EmployeeNumber `
-employeeID $EmployeeID `
-OfficePhone $Telephone `
-mobile $Mobile `
-fax $Fax `
-DisplayName $DisplayName`
-Path $OU `
-AccountPassword (convertto-securestring $Password -AsPlainText -Force) `
#-OtherAttribute #{pager="$(User."pager")"; extensionAttribute1="$(User."custom1")"; extensionAttribute2="$(User."custom2")"; extensionAttribute3="$(User."custom3")"; extensionAttribute4="$(User."custom4")"} `
-ChangePasswordAtLogon $true `
-Enabled $true `
}
}
Can't verify now, but looks like there is a missing space before the ` on the previous line.
-DisplayName $DisplayName`
Multi-line commands require the space before the ` symbol.