PowerShell Module for Active Directory Bulk-User Management
Active Directory Bulk-Users Management PowerShell Module manages multiple AD users New-ADUsers: Creates multiple AD users from a CSV file Update-ADUsers: Updates AD users attributes with information in a CSV Export-ADUsers: Exports certain user attributes to a CSV file.
Download ADUsers.zip
Active Directory Bulk-Users Management PowerShell Module manages multiple AD users
New-ADUsers: Creates multiple AD users from a CSV file
Update-ADUsers: Updates AD users attributes with information in a CSV
Export-ADUsers: Exports certain user attributes to a CSV file.
Change Log
New-ADUsers:
16/03/2015
Change the parameter ChangePasswordAtLogon from Required to Optional
Change the parameter MoveNewUsersTo from Required to Optional
15/07/2015
Updated the New-ADUsers function to be able to add users to groups specified in the CSV – You can add up to 10 groups
Export-ADUsers:
30/04/2015
Included a Credential Parameter. This is will allow you to run report accross domains or from a non-domain member Computer. This parameter is optional
23/05/2015
Added a ForEach loop to the final Get-ADUser command (in the Export-ADUsers function) to take care of situations where there are more than one container with the specified name.
General:
23/05/2015
Updated help information in the Export-ADUsers and Update-ADUsers functions
Functionalities / Features
A full list of the functions uincluded in this module can be found in the word file located in the unzipped folder. Below are some of the features:
- New-ADUsers function
- Creates multiple Active Directory Users with information in a CSV file
- Creates users sAMAccountName in the format First_Name.Second_Name.
- Confirms that the sAMAccountName does not exist before creating it.
- Creates User Principal Names for each user in the format sAMAccountName@domain.com.
- Enables all accounts created
- Update-ADUsers function
- Updates multiple Active Directory Users with information in a CSV file
- Has option to update key attributes: Manager, Addresses, description and much more
- Has error logging functionality
- Has full help functionality
- Export-ADUsers function
- Provides option to specify the AD container to search in the display name format and not in Distinguished Name format.
- Option to specify where you want to save users report.
- Exports most common user attributes including Manager Name, Account Status (Enabled or Disabled), and Last LogOn Date.
Installation
To install the ADUsers PowerShell Module:
- Download the zip file ADUsers.zip and unzip and copy the ADUsers folder to “C:\Users\<username>\Documents\WindowsPowerShell\Modules”
- Open a PowerShell Console and run the command : Import-Module ADUsers
NOTE: Full guide with examples is included in the Word file
Portions of the functions
PowerShell
Active Directory Bulk-Users Management PowerShell Module manages multiple AD users
New-ADUsers: Creates multiple AD users from a CSV file
Update-ADUsers: Updates AD users attributes with information in a CSV
Export-ADUsers: Exports certain user attributes to a CSV file.
Change Log
New-ADUsers:
16/03/2015
Change the parameter ChangePasswordAtLogon from Required to Optional
Change the parameter MoveNewUsersTo from Required to Optional
15/07/2015
Updated the New-ADUsers function to be able to add users to groups specified in the CSV – You can add up to 10 groups
Export-ADUsers:
30/04/2015
Included a Credential Parameter. This is will allow you to run report accross domains or from a non-domain member Computer. This parameter is optional
23/05/2015
Added a ForEach loop to the final Get-ADUser command (in the Export-ADUsers function) to take care of situations where there are more than one container with the specified name.
General:
23/05/2015
Updated help information in the Export-ADUsers and Update-ADUsers functions
Functionalities / Features
A full list of the functions uincluded in this module can be found in the word file located in the unzipped folder. Below are some of the features:
- New-ADUsers function
- Creates multiple Active Directory Users with information in a CSV file
- Creates users sAMAccountName in the format First_Name.Second_Name.
- Confirms that the sAMAccountName does not exist before creating it.
- Creates User Principal Names for each user in the format sAMAccountName@domain.com.
- Enables all accounts created
- Update-ADUsers function
- Updates multiple Active Directory Users with information in a CSV file
- Has option to update key attributes: Manager, Addresses, description and much more
- Has error logging functionality
- Has full help functionality
- Export-ADUsers function
- Provides option to specify the AD container to search in the display name format and not in Distinguished Name format.
- Option to specify where you want to save users report.
- Exports most common user attributes including Manager Name, Account Status (Enabled or Disabled), and Last LogOn Date.
Installation
To install the ADUsers PowerShell Module:
- Download the zip file ADUsers.zip and unzip and copy the ADUsers folder to “C:\Users\<username>\Documents\WindowsPowerShell\Modules”
- Open a PowerShell Console and run the command : Import-Module ADUsers
NOTE: Full guide with examples is included in the Word file
Portions of the functions
PowerShell
Function New-ADUsers { Process { Import-Csv -Path $UserCSVFile | ForEach-Object { $GivenName = $_.'First Name' $Surname = $_.'Last Name' $DisplayName = $_.'Display Name' $StreetAddress = $_.'Full address' $City = $_.City $State = $_.State $PostCode = $_.'Post Code' $Country = $_.'Country/Region' $Title = $_.Title $Company = $_.Company $Description = $_.Description $Department = $_.Department $Office = $_.Office $Phone = $_.Phone $Mail = $_.Email $AccountExpires = $_.AccountExpirationDate $Manager = $_.Manager $password = $_.Password If ($Manager) {$ManagerDN = (Get-ADUser -server $Server -Credential $Cred -LDAPFilter "(DisplayName=$Manager)").DistinguishedName }#Manager required in DN format } $setpassword = ConvertTo-SecureString -AsPlainText $password -force Try{ New-ADUser $sam -server $Server -Credential $Cred ` -GivenName $GivenName -ChangePasswordAtLogon $FALSE ` -Surname $Surname -DisplayName $DisplayName -Office $Office ` -Description $Description -EmailAddress $Mail -ErrorAction stop ` -StreetAddress $StreetAddress -City $City -state $State ` -PostalCode $PostCode -Country $Country -UserPrincipalName $UPN ` -Company $Company -Department $Department -enabled $TRUE ` -Title $Title -OfficePhone $Phone -AccountPassword $setpassword ` -AccountExpirationDate $AccountExpires } Catch [Exception] {$DisplayName + " Was created with errors. Error recored: $($_.Exception.Message)" | Out-File $logfile -append} } Function Update-ADUsers { $csvfile | ForEach-Object { $GivenName = $_.'First Name' $Surname = $_.'Last Name' $DisplayName = $_.'Display Name' $StreetAddress = $_.'Full address' $Sam = $_.UserName $City = $_.City $State = $_.State $PostCode = $_.'Post Code' $Country = $_.'Country/Region' $Title = $_.'Job Title' $Company = $_.Company $Description = $_.Description $Department = $_.Department $Office = $_.Office $Phone = $_.Phone $Mail = $_.Email $AccountExpires = $_.AccountExpirationDate $Manager = $_.Manager If($SAMinAD -eq $sam -and $SAMinAD -ne $null ) { #added the 'if clause' to ensure that blank fields in the CSV are ignored. #the object names must be the LDAP names. get values using ADSI Edit IF ($DisplayName) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Replace @{displayName=$DisplayName} } Else {"DisplayName not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } IF ($StreetAddress) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Replace @{StreetAddress=$StreetAddress} } Else {"StreetAddress not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } IF ($City ) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Replace @{l=$City} } Else {"City not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } If ($State) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -State $State } Else {"State not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } IF ($PostCode) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Replace @{postalCode=$PostCode} } Else {"PostCode not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } #Country did not accept the -Replace switch. It works with the -Country switch IF ($Country) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Country $Country } Else {"Country not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } IF ($Title) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Replace @{Title=$Title} } Else {"Job Title not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } IF ($Company ) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Replace @{Company=$Company} } Else {"Company not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } IF ($Description ) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Replace @{Description=$Description} } Else {"Description not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } IF ($Department) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Replace @{Department=$Department} } Else {"Department not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } IF ($Office) { Set-ADUser -server $Server -Credential $Cred -Identity $sam -Replace @{physicalDeliveryOfficeName=$Office} } Else {"Office not set for $DisplayName because it is not populated in the CSV file" | Out-File $logfile -Append } } Function Export-ADUsers { Get-ADUser -server $Server -searchbase "$SearchLocDN" -Properties * -Filter * | Select-Object @{Label = "First Name";Expression = {$_.GivenName}}, @{Label = "Last Name";Expression = {$_.Surname}}, @{Label = "Display Name";Expression = {$_.DisplayName}}, @{Label = "Logon Name";Expression = {$_.sAMAccountName}}, @{Label = "Full address";Expression = {$_.StreetAddress}}, @{Label = "City";Expression = {$_.City}}, @{Label = "State";Expression = {$_.st}}, @{Label = "Post Code";Expression = {$_.PostalCode}}, @{Label = "Country/Region";Expression = {if (($_.Country -eq 'GB') ) {'United Kingdom'} Else {''}}}, @{Label = "Job Title";Expression = {$_.Title}}, @{Label = "Company";Expression = {$_.Company}}, @{Label = "Description";Expression = {$_.Description}}, @{Label = "Department";Expression = {$_.Department}}, @{Label = "Office";Expression = {$_.OfficeName}}, @{Label = "Phone";Expression = {$_.telephoneNumber}}, @{Label = "Email";Expression = {$_.Mail}}, @{Label = "Manager";Expression = {%{(Get-AdUser $_.Manager -server $Server -Properties DisplayName).DisplayName}}}, @{Label = "Account Status";Expression = {if (($_.Enabled -eq 'TRUE') ) {'Enabled'} Else {'Disabled'}}}, # the 'if statement# replaces $_.Enabled @{Label = "Last LogOn Date";Expression = {$_.lastlogondate}} | #Export CSV report Export-Csv -Path $csvreportfile -NoTypeInformation }
Windows 10 | No |
Windows Server 2012 | Yes |
Windows Server 2012 R2 | No |
Windows Server 2008 R2 | Yes |
Windows Server 2008 | Yes |
Windows Server 2003 | Yes |
Windows Server 2016 | No |
Windows 8 | No |
Windows 7 | Yes |
Windows Vista | No |
Windows XP | No |
Windows 2000 | No |
This script is tested on these platforms by the author. It is likely to work on other platforms as well. If you try it and find that it works on another platform, please add a note to the script discussion to let others know. Disclaimer The sample scripts are not supported under any Microsoft standard support program or service. The sample scripts are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.
Source :
https://gallery.technet.microsoft.com/Active-Directory-Bulk-9c5271b2