2021 Annual Petri Reader Survey - We want to know what's important to you! 2021 Annual Petri Reader Survey - We want to know what's important to you!
Active Directory

How to Quickly Create Active Directory Users in Bulk

Recently I revisited deploying Windows Server Active Directory in Azure, a subject that I’d covered a few times here on Petri. Today I want to look again at deploying Active Directory (AD) users in bulk. Specifically using standard usernames. By that I mean rather than creating user objects with real names, like Bob Jones or Russell Smith, use a syntax like employee1, employee2, etc. Partly because it is easier to have PowerShell automatically generate standard names and it works fine for a test environment. Some organizations choose to use standard names in production, so the code I’m going to show you today isn’t necessarily just for a test lab.

If you are interested in using PowerShell to populate Active Directory with user objects that use real names, take a look at Populate Active Directory with Test User Accounts on Petri, where I show you how to use a script by Johan Dahlbom. Or if you prefer a simpler solution, take a look at Create New Active Directory Users with Excel and PowerShell.

Using a ForEach Loop to Create User Objects

PowerShell ForEach loops are generally used to read through an array of strings. For example, the following code reads the access control list (ACL) for each folder in the c:\accounts directory tree.

$FolderPath = Get-ChildItem -Directory -Path "c:\accounts" -Recurse -Force
ForEach ($Folder in $FolderPath) {$Acl = Get-Acl -Path $Folder.FullName}

But if you don’t have an array of data to read like in the example above, you can use a number range to repeat a command a specified number of times. That’s useful if we want to create a specific quantity of Active Directory users. All we need to do is specify the range and then use a ForEach loop to run the New-ADUser cmdlet. Don’t forget that the AD module for PowerShell needs to be installed on the device where you run the New-ADUser cmdlet. You can install the Remote Server Administration Tools (RSAT) for Active Directory Domain Services to install the AD PowerShell module.

Creating a new Active Directory User with PowerShell

Let’s take a quick look at creating a new AD user object using the New-ADUser cmdlet. In the code below, I create a new user called employee1. I can’t pass a cleartext password using the -AccountPassword parameter, so I first convert it to a secure string. The user will need to change the password at first log on (-ChangePasswordAtLogon) and the account is enabled by default (-Enabled).

New-ADUser -Name employee1 -AccountPassword (ConvertTo-SecureString Pas$W0rd!!11 -AsPlainText -Force) -UserPrincipalName [email protected]$env:userdnsdomain -ChangePasswordAtLogon $True -Enabled $True

But what if I want to create more than one user? I start by specifying a range of objects. In this case, I want to create 25 users, so 1..25. Then each loop creates a new AD user object using New-ADUser. See that I append the current object number to the end of the account name using $_ and do the same in the -UserPrincipalName parameter.

How to Quickly Create Active Directory Users in Bulk (Image Credit: Russell Smith)
How to Quickly Create Active Directory Users in Bulk (Image Credit: Russell Smith)

1..25 | ForEach-Object {New-ADUser -Name employee$_ -AccountPassword (ConvertTo-SecureString Pas$W0rd!!11 -AsPlainText -Force) -UserPrincipalName [email protected]$env:userdnsdomain -ChangePasswordAtLogon $True -Enabled $True}

You can check that the users were created by using the Get-ADUser cmdlet. Here I list accounts that follow the standard name format and then list the results to make the output easier to read.
Get-ADUser -Filter 'Name -like "employee*"' | Format-List Name, UserPrincipalName

And that is it! Beautiful in its simplicity and you can modify the ForEach loop to repeat any command that you like a specific number of times.

Related Topics:

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register
Comments (1)

One response to “How to Quickly Create Active Directory Users in Bulk”

  1. muratyildirimoglu

    for a through analysis: muratyildirimoglu.wordpress.com/2018/10/11/how-many-users-can-be-created-in-windows/

Leave a Reply

IT consultant, Contributing Editor @PetriFeed, and trainer @Pluralsight. All about Microsoft, Office 365, Azure, and Windows Server.

Register for the Hybrid Identity Protection (HIP) Europe Conference!

Hybrid Identity Protection (HIP) Europe 2021 - Virtual Conference

Mobile workforces, cloud applications, and digitalization are changing every aspect of the modern enterprise. And with radical transformation come new business risks. Hybrid Identity Protection (HIP) is the premier educational forum for identity-centric practitioners. At the inaugural HIP Europe, join your local IAM experts and Microsoft MVPs to learn all the latest from the Hybrid Identity world.