So i'm trying to create a list of new users in powershell on my windows server 2012 r2. I want the users name as Mike, Linda, Kurt. I run the following command
New-ADUser Kurt -enabled
I get an error as that does not work. I know that this command exists and works
New-ADUser Kurt
Is there a command to create a new user and set it to enabled without setting a password to it? I'm a beginner at powershell
You will need to add the $true value to the -Enabled flag, like so:
New-ADUser Kurt -Enabled $true
This is because the -Enabled flag expects a boolean value (true, false) to be sent to it.
Related
I am trying to write a Powershell script to create a new Windows user an then log into that new account. I can create the new account like so:
New-LocalUser -Name $username -Description 'SomeAccountName' -Password 'SomePassword' -PasswordNeverExpires -UserMayNotChangePassword
But I am unsure if I am then able to log into the new account from the same script. Is this possible? And if so, how could I go about doing so?
I'm using a PowerShell script I found to add new AD users. It reads info from a CSV file, and everything works well, except that I need it to set the initial startup program for the new users. Here is the command:
New-ADUser $sam -GivenName $_.GivenName -DisplayName $_.DisplayName `
-UserPrincipalName ($sam + "#" + $dnsroot) -AccountPassword $setpass -Enabled $enabled `
-PasswordNeverExpires $expires -OtherAttributes #{'msTSInitialProgram'="programToRun"; 'msTSWorkDirectory'="directoryToRunIn"}
After looking at the user that is created, I see that it effectively ignores the -OtherAttributes.
Am I missing an attribute somewhere that is causing it to skip setting the initial program?
The 'msTSInitialProgram' attribute specifies the path and file name of the application that the user wants to start automatically when the user logs on to the terminal server. To set an initial application to start when the user logs on, the implementer must first set this property, and then set the TerminalServicesWorkDirectory property. If the implementer sets only the TerminalServicesInitialProgram property, the application starts in the user's session in the default user directory.
These attributes are implemented on Windows Server 2008 operating system, Windows Server 2008 R2 operating system, Windows Server 2012 operating system, and Windows Server 2012 R2 operating system.
On my Windows Server 2012 your command line works, run as administrator, works perfectly and assigned 'msTSInitialProgram' and 'msTSWorkDirectory' as you can see here under.
New-ADUser "T2" -GivenName "Tg" -DisplayName "T2" `
-UserPrincipalName ("T2#SILOGIX-ESS01.local") -Enabled $true -AccountPassword $(convertto-securestring "P#ssW0rD!" -asplaintext -force) `
-OtherAttributes #{'msTSInitialProgram'="programToRun"; 'msTSWorkDirectory'="directoryToRunIn"}
We try to create new-mailbox in office 365 account using the cmdlet
New-Mailbox -UserPrincipalName chris#contoso.com -Alias chris -Database "Mailbox Database 1"
in WindowsPowershell ISE.To our surprise -UserPrincipalName is not a recognizable.However,using the following cmdlet ,we are able to create new mail box
New-Mailbox -Name "abcd" -MicrosoftOnlineServicesID "abcd#abcdwe.onmicrosoft.com" -Password $Password
here -MicrosoftOnlineServicesID is well recognizable and runs successfully also.
Note:I mean recognizable since when I type -MicrosoftOnlineServicesID in Windows Powershell ISE,the intellisense pops up a suggestion.
My question is why is the parameter -MicrosoftOnlineServicesID is recognizable and why the prameter -UserPrincipalName is not recognizable?
Note:In the same way as -UserPrincipalName , the parameter -TemplateInstance and many other parameters are not recognizable or not working properly.
Please carify what we need to include/import to make these cmdlets recognizable.
i always get the ACCES DENIED Powershell Error and have no idea why....
my script:
Get-ADUser -Filter * -SearchScope Subtree | Set-ADAccountPassword -Reset -NewPassword (ConvertTo-SecureString -AsPlainText "Mypw123" -Force)
please help me
Thank you
Nothing wrong with your script. Things to check:
Run the command from an elevated Powershell command
Try with a single user to see if you are still getting the error If it is not working
for a single user,
use ADUC (make sure you have launched it as the user launching the PowerShell session), right click and reset the account. You should get the same error.
I'm working on a small script to make adding users to our AD easier. It's just a one line New-ADUser powershell script that asks for inputs. It looks like this:
New-ADUser -Name (Read-Host "User Name") -AccountExpirationDate 0 -CannotChangePassword 1 -ChangePasswordAtLogon 0 -PasswordNeverExpires 1 -Company (Read-Host "Company") -Department (Read-Host "Department") -Title (Read-Host "Title") -Manager (Read-Host "Manager's User Name") -GivenName (Read-Host "Full Name") -MobilePhone (Read-Host "Cell Phone Number") -State (Read-Host "State") -AccountPassword (Read-Host -AsSecureString "Password") -ProfilePath (Read-Host "Roaming Profile Path") -Path (Read-Host "AD Path to User")
It asks for everything like it should but after inputting everything it returns: "New-ADUser : Not a valid Win32 FileTime. At line:1 char:11." I checked that location in the command (it's the space after "New-ADUser") and I don't know why it would return that.
Is this an efficient way of doing what I want? How can I fix my command to not return the error? Is it what I'm inputting into the spots?
You have to change:
-AccountExpirationDate 0
with
-AccountExpirationDate $null
or you can simply not set this parameter for an unexpiring account.
This technet page has an error.
For Windows Server 2016 the problem above exists, and the solution above does not work (completely).
I have found a workaround.
Yes, the Technet page above has an error; unfortunately, that also results in the PowerShell scripting system having a problem parsing the script
So - Error #1 - If you use the command New-ADUser as specified with 0 as the parameter, you get error New-ADUser : Not a valid win32 FileTime.
When you change 0 to $null, you get Error #2 - The term '(the next parameter in your command)' is not recognized as the name of a cmdlet, function
I found the following solution to completely solve the problem:
Change (as above) -AccountExpirationDate $null
Move this parameter to the LAST Parameter! Otherwise, you then end up with the error where the next item is incorrectly parsed. You'll note that in the IDE where the parameter shows up in the wrong color.