Add users to Active Directory via Powershell and CSV!

Every  year, I clear out the students from my Active Directory domain, and then recreate them in the fall. Why, you may be asking. Simple. With some many kids coming and going between districts, I want to make sure that A: I’ve got all the new ones in the system and B: I don’t have the old ones. So, a delete/recreate it is.

Problem is, when you’ve got 700+ students, this can be time consuming. But not anymore! Lets script this bad boy!
So, first things first. This works on Server2012/Win8 and up. This is because we’re using powershell Cmdlets that exist in this installs, and not the 2008 ones. Blame Microsoft, not me.

We’re going to want to create our Powershell script first. Mine looks just like this:

Import-Csv .\hs.csv | foreach-object {
New-ADUser -Name $_.DisplayName -UserPrincipalName $_.UserPrincipalName -SamAccountName $_.Username -GivenName $_.GivenName -DisplayName $_.DisplayName -SurName $_.Surname -Path $_.Path -AccountPassword (ConvertTo-SecureString $_.Password -AsPlainText -force) -Enabled $True -PasswordNeverExpires $True -PassThru }

Basically, it’s telling powershell to grab the file named hs.csv that is stored in the same folder as the script. If you have it stored in a different location, just tell it that path. Mind you, it doesn’t like UNC paths, so you’ll need to either mount the network share as a drive or copy it to the machine you’re working on locally. Next, it fires up the New-ADUser Cmdlet and associates the fields it needs with the fields in your CSV file. The fields I used are the following:

Surname- The last name of your users.
GivenName – Users first names
Display Name – This is what shows up under the start menu for you’re users. I usually just concatenate together the GivenName and Surname to form this with a space. i.e. =concatenate(a2,” ” , b2) *notice the ” ” in the middle. That’s to make sure the space is there*
Username- This is the name your users will log in with. Very important.
UserPrincipalName – This is for the users in the LDAP database. It’s their username, followed by the @youdomainname.youdomainsuffix. So, if your username is BillyBobT and you domain is Monsters.ball, your principalname is BillyBobT@Monsters.ball . Use that concatenate function to make it easy for yourself.
Password – the default password for your users. Can be whatever you’d like, but it will need to meet you’re complexity requirements.  I’d recommend setting the users to change at next log in in AD Users and Computers right after you make them.
Path– this is where in AD you want your users to be stored. it needs to be typed in classic AD format. So, if you have an OU called “Staff Users” under your AD root, your path would be “OU=Staff Users,DC=Monsters,DC=Ball” . Note the quotations around the Path. Those need to be there, so the spaces don’t throw off the parsing.

Once you’ve got your CSV file setup, throw it in the same folder as your script, and run it via Powershell. You can’t run it in standard cmd, remember. You’ll see scrolling text based as your users are created, and the time it takes is highly dependent on the amount of users you’re doing.  I’ve found it’s a little under 1 user a second, so it really doesn’t take long. Hope this helps out with your beginning of the year setup!

Leave a Reply