Active Directory User Creation tool 1.2

One task that every systems administrator has to go through at some point is the creation of new user accounts. PowerShell makes this process simple and adds functionality such as the ability to set defaults and import users from CSV.

ANUC.ps1
 
 
 
 
 
Active Directory
12/4/2012


  • Add email field in the program & passwordneverexpired module
    1 Posts | Last post February 17, 2015
    • Hello,
      first, I really appreciate your scripts, it's so amazing what you did. :)
      
      I'd like to ask you, how can I add an E-mail field inside your program? I looked in all questions here but I couldn't find it.
      
      kindly
      
      Mouni
  • Getting an error in New-ADUser?
    1 Posts | Last post February 05, 2015
    • Hello, I'm getting the error at the bottom. What does this mean?
      
      
      New-ADUser : Directory object not found
      At C:\Users\eric.turner\Documents\Active Directory\New User\ANUC.ps1:377 char:3
      +         New-ADUser @User -ErrorVariable ADError
      +         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : ObjectNotFound: (CN=Test Smith,O...kosoft,DC=local:String) [New-ADUser], ADIdentityNotFo
         undException
          + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,M
         icrosoft.ActiveDirectory.Management.Commands.NewADUser
      
      
  • Phone at the office name ?
    2 Posts | Last post January 08, 2015
    • Hello to all,
      I have been trying to use this script.
      I uploaded the CSV; in the "Phone" header I put the user phone,
      in the Office header I put the office name,
      but when the user is created, the phone number is in the office tab of the user and the office name is in the phone number tab.
      
      Did this happen to anyone?
      Or how can I fix it?
      Thanks.
    • There is small mistake in code which you need to rectify:
      Line No 537 : rename "$OfficePhone" to "$Office" and vice versa in Line No 542
  • Need to add a few things
    1 Posts | Last post December 03, 2014
    • First, this is an awesome script, but I need a few things:
      
      I need to be able to set the initials 
      I need to change the attributes of Date of birth and hire date 
      ** I found the auto email string in the Q and A :) 
      This would be awesome if it can be added. Thanks for your contribution 
  • Add samaccount\upn
    4 Posts | Last post November 25, 2014
    • I need to add the option to have firstnamelastname for a samaccount and upn.  I am not sure how to achieve this. Can someone please advise how?
    •   <sAMAccountName Generate="True">
         <Style Format="FirstNameLastName" Enabled="True" />
        </sAMAccountName>
        <UPN Generate="True">
         <Style Format="FirstNameLastName" Enabled="True" />
        </UPN>
      
      Function Set-sAMAccountName {
          Param([Switch]$Csv=$false)
          if(!$Csv)
              {
              $GivenName = $txtFirstName.text
              $SurName = $txtLastName.text
              }
          else{}
          Switch($XML.Options.Settings.sAMAccountName.Style | Where{$_.Enabled -eq $True} | Select -ExpandProperty Format)
              {
              "FirstNameLastName"    {"{0}{1}" -f $GivenName,$Surname}
              }
          }
      Function Set-UPN {
          Param([Switch]$Csv=$false)
          if(!$Csv)
              {
              $GivenName = $txtFirstName.text
              $SurName = $txtLastName.text
              $Domain = $cboDomain.Text
              }
          else{}
          Switch($XML.Options.Settings.UPN.Style | Where{$_.Enabled -eq $True} | Select -ExpandProperty Format)
              {
              "FirstNameLastName"    {"{0}{1}@{2}" -f $GivenName,$Surname,$Domain}
              }
          }
    • The sAMAccountName is not required to be unique in a Microsoft multi-domain AD Forest configuration. However, this can cause problems with PGP Universal Server and not allow the user to enroll because the software gets confused which user you are enrolling as and you will receive an authentication failure notification when trying to enroll.
      
      Solution
      
      Make sure that Directory Synchronization is enabled under Consumers > Directory Synchronization.  If not, click the Enable button
      Click the Settings button on this screen and make sure that Enroll clients using directory authentication is checked and click Save.
      Make sure that your Base Distinguished Names tab (under the server entry in Directory Synchronization page) has the correct Base DN configured to search for the user that is having problems enrolling (e.g. CN=Users,DC=corp,DC=example,DC=com). This would be valid for users in the CORP domain under the EXAMPLE.COM forest.  Click Save when changing the Base DN settings.
       
      
      When enrolling the PGP Desktop clients:
      
      1. Launch PGP Tray from Start > All Programs > Startup > PGP Tray.
      
      2. When prompted for authentication, instead of putting in the sAMAccountName value (e.g. Administrator) use the UPN (e.g. administrator@corp.example.com). You can find the UPN using an LDAP browser such as Softerra LDAP browser or else using the ADSI Edit utility from Microsoft.
      
      3. Enter the correct password for that user. This will allow you to enroll successfully.
      
      Alternatively, to have users continue to use the sAMAccountName attribute when enrolling (e.g. TUser for Test User). They only need to supply this information in the username field (TUser) and the user's password.
    • Description:
      
         In Active Directory based environment, everyone should come across the AD attribute names samAccountName and userPrincipalName or UPN. In this article, I am going to explain the difference between samAccountName and userPrincipalName(UPN).
      
      The samAccountName is the User Logon Name in Pre-Windows 2000 (this does not mean samAccountName is not being used as Logon Name in modern Windows systems). The userPrincipalName is a new way of User Logon Name from Windows 2000 and later versions. The user name part can be different for the same user, like DomainName\testUser and userTest@DomainName.Com. 
      
      Before seeing the detailed explanation, we can check the summarized details of userPrincipalName and samAccountName.
      
      SamAccountName
      
         - The samAccountName attribute is the user logon name used to support clients and servers from a previous version of Windows ( Pre-Windows 2000).
         - The user logon name format is : DomainName\testUser.
         - The samAccountName must be unique among all security principal objects within the domain.
         - The samAccountName should be less than 20 characters.
         - Query for the new name against the domain to verify that the samAccountName is unique in the domain.
         - The USERNAME environment variable is the samAccountName even when logging with UPN
      
      UserPrincipalName - (UPN)
      
         - The UPN is an Internet-style login name for the user based on the Internet standard RFC 822.
         - The user logon name format is : testUser@DomainName.com.
         - The UPN must be unique among all security principal objects within the directory forest.
         - The advantage of using a UPN is that it can be the same as the user's email address, so that the user needs to remember only a single name.
         - The UPN is optional, it can be assigned or not when the user account is created.
         - The userPrincipalName is unaffected by changes to other attributes of the user object, for example, if the user is renamed or moved, or changes to the domains in the tree, for example, 
  • sAMAccountName
    4 Posts | Last post November 25, 2014
    • How do we allow a custom sAMAccountName?
      
      I ask because we format ours differently. We typically use the first initial, middle initial, and first five characters of the last name with a 1 at the end, e.g. Captain A. Morgan = camorga1.
      
      Any ideas on how to style this or allow a custom entry from either the field or a CSV?
    • If not, how to place this in where it pulls FirstInitial, MiddleInitial, First5ofLastName, 1 with a result as shown above.
    • Currently this is what we have (works for everything but the number at the end).
      
      Function Set-UPN {
          Param([Switch]$Csv=$false)
          if(!$Csv)
              {
              $GivenName = $txtFirstName.text
              $Initials = $txtInitials.text
              $SurName = $txtLastName.text
              $Domain = $cboDomain.Text
              }
          else{}
          Switch($XML.Options.Settings.UPN.Style | Where{$_.Enabled -eq $True} | Select -ExpandProperty Format)
              {
              "FirstName.LastName"    {"{0}.{1}@{2}" -f $GivenName,$Surname,$Domain}
              "FirstInitialInitialsLastName"  {"{0}{1}{2}@{3}" -f ($GivenName)[0],($Initials)[0],$SurName,$Domain}
              "LastNameFirstInitial"  {"{0}{1}@{2}" -f $SurName,($GivenName)[0],$Domain}
              Default                 {"{0}.{1}@{2}" -f $GivenName,$Surname,$Domain}
              }
          }
      
      Function Set-DisplayName {
          Param([Switch]$Csv=$false)
          if(!$Csv)
              {
              $GivenName = $txtFirstName.text
              $Initials = $txtInitials.text
              $SurName = $txtLastName.text
              }
          else{}
          Switch($XML.Options.Settings.DisplayName.Style | Where{$_.Enabled -eq $True} | Select -ExpandProperty Format)
              {
              "FirstName Initials LastName"    {"{0} {1} {2}" -f $GivenName,$Initials,$Surname}
              "LastName, FirstName"   {"{0}, {1}" -f $SurName, $GivenName}
              Default                 {"{0} {1}" -f $GivenName,$Surname}
              }
          }
  • adding more options for drop downs and states
    4 Posts | Last post November 15, 2014
    • Hello, 
      I have been utilizing this tool for more than 2 weeks now. It made my life easier on the school network with student accounts. However, I am wondering if there is any way to add more OU paths, departments and address or state options to choose from. I am able to add two OU paths, but none after that. Our organization has over 35 separate dept. groups and adding each of these would help make life easier and cut my time in half. I have looked over the coding, but being a newbie to scripting, I am getting nowhere. Any help would be greatly appreciated. Thanks, Vince
    • :( Figured it out, my issue was not that I couldn't add any more OU paths, one of my paths had an ampersand & killing the process. Now to figure out how to exclude that as a string only... hmmmm
    • A path includes the & sign. What can I do to tell the script to not run the & in background? 
      
      Path of OU: <Path>OU=MyOU,OU=Boys & Girls Club,OU=Domain,DC=domain,DC=domain</Path>
      
      Please help, anybody? Thanks
    • Take a look at this link. It has an excellent explanation for how to escape special characters
      http://ss64.com/ps/syntax-esc.html
  • How to change the sAMAccountName format?
    4 Posts | Last post September 15, 2014
    • I want to use format "SixLettersSurNameOneLetterGivenName". I tried things like ($SurName)[0..5], or .substring(0,5) with no success. Thank you in advance.
    • pc2013, I haven't fully tested this and I'm not even sure if it's the right way, but I tried using SubString and it kept throwing errors.  I got it to at least display in the form correctly using the following:
      
      "FirstInitialFirstFiveLastName"	{"{0}{1}{2}{3}{4}{5}" -f ($GivenName)[0],$Surname[0],$Surname[1],$Surname[2],$Surname[3],$Surname[4]}
      
    • Same question. I'm interested in finding out how to limit this to 5 characters from the last name.
    • Hi, could you send me some pattern of CSV file with some supplemented data ? 
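The two sAMAccountName threads above both ask for a truncated surname plus a trailing number (camorga1) and report Substring errors. The following is an added example, not code from ANUC.ps1 or its author; New-SamAccountName, its parameters and the -IsTaken lookup hook are hypothetical names, and the letters-and-digits policy is an assumption.

```powershell
# Added example, not part of ANUC.ps1. New-SamAccountName and -IsTaken are hypothetical names.
function New-SamAccountName {
    param(
        [Parameter(Mandatory)][string]$GivenName,
        [string]$Initials = '',
        [Parameter(Mandatory)][string]$SurName,
        [int]$SurNameLength = 5,
        [int]$MaxLength = 20,
        # Returns $true when a name is already in use. Against a live domain this could wrap
        # Get-ADUser -Filter "sAMAccountName -eq '$Name'"; here it is injected so the
        # example runs without a directory.
        [scriptblock]$IsTaken = { param($Name) $false }
    )

    # Keep only ASCII letters and digits (a conservative policy assumed for this example).
    # The result can then be placed in a directory filter string without escaping.
    $clean = { param($Text) ($Text -replace '[^A-Za-z0-9]', '').ToLowerInvariant() }
    $first = & $clean $GivenName
    $mid   = & $clean $Initials
    $last  = & $clean $SurName
    if (-not $first -or -not $last) {
        throw 'GivenName and SurName must each contain a letter or digit.'
    }

    # Substring(0, n) throws when the string is shorter than n, so clamp n first.
    $base = $first.Substring(0, 1) +
            $mid.Substring(0, [Math]::Min(1, $mid.Length)) +
            $last.Substring(0, [Math]::Min($SurNameLength, $last.Length))

    # Append 1, 2, 3 ... until the lookup reports a free name, staying within MaxLength.
    foreach ($n in 1..99) {
        $suffix    = "$n"
        $keep      = [Math]::Min($MaxLength - $suffix.Length, $base.Length)
        $candidate = $base.Substring(0, $keep) + $suffix
        if (-not (& $IsTaken $candidate)) { return $candidate }
    }
    throw "No free sAMAccountName found for base '$base'."
}

# Constructed demo: an in-memory list stands in for the directory lookup.
$existing = @('camorga1')
$lookup   = { param($Name) $existing -contains $Name }

New-SamAccountName -GivenName 'Captain' -Initials 'A.' -SurName 'Morgan' -IsTaken $lookup
New-SamAccountName -GivenName 'Li' -SurName 'Ng' -SurNameLength 6 -IsTaken $lookup
```

The second call uses a surname shorter than the requested length, which is the case where an unclamped Substring call fails.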
  • PrimalForms File
    4 Posts | Last post August 22, 2014
    • Hello Rich,
      
      is there a possibility to provide the PrimalForms GUI File?
      I want to have some additional features on my own.
      
      It would be nice to do this with help of the tool instead of editing the GUI components in source code.
      
      Thank you very much!
    • My intention is:
      
      I want to select a Department, for example "IT".
      
      There should be an additional box whose content is dynamically loaded by the choice of the Department. 
      
      I already added further information to the XML file:
      
       <Groups>
      	<Group Name="IT">
      		<Entry>value1</Entry>
      		<Entry>value2</Entry>
      		<Entry>value3</Entry>
      	</Group>
       </Groups>
      
      The </Entry> contents should be loaded into a new Box in the GUI. (Maybe a checkedListBox?)
      
      Afterwards I should be able to select or deselect the values inside that box. All selected values have to be processed within a new function / loop, for example.
      
      I am very new to PowerShell and it would be nice to receive a little advice.
      
      (Especially how to load the content from the XML file into a new box dependent on the selection of the "departments field")
      
      
    • Did a solution on my own (Connected User to predefined AD Group Templates inside the XML file):
      
      1) Created a checkedListBox
      
      	#
      	# clbGroups
      	#
      	$clbGroups.Anchor = 'Top, Left, Right'
      	$clbGroups.FormattingEnabled = $True
      	$clbGroups.Location = '118, 620'
      	$clbGroups.Name = "Groups"
      	$clbGroups.Size = '173, 100'
      	$clbGroups.TabIndex = 88
      
      2) Made a "SelectIndex_Changed" for the "Department" Box:
      
      $cboDepartment_SelectedIndexChanged={ 
      		$clbGroups.Items.Clear()
      		# Element name matches the <Group Name="..."> entries shown in the XML below
      		$XML.Options.Groups.Group | ?{$_.Name -match $cboDepartment.Text} | Select -ExpandProperty Entry | %{$clbGroups.Items.Add($_)}	
      }
      
      3) Now if I select "IT" as department, the following attributes are collected by the XML file and presented as checkbox Items in the Checkbox itself:
      
       <Groups>
      	<Group Name="IT">
      		<Entry>value1</Entry>
      		<Entry>value2</Entry>
      		<Entry>value3</Entry>
      	</Group>
       </Groups>
      
      4) The AD Groups are automatically connected to the new user:
      
      $ldapUserpath= "LDAP://" + $Path
      		
      foreach($ADValue in $clbGroups.CheckedItems)
          {
          $Connection = "LDAP://CN="+$ADValue+",OU=Unit2,OU=Unit1,DC=company,DC=de"
          $Group = [adsi] $Connection
          $UserAD = 'LDAP://CN="'+$Name+'",'+ $Path
          $Group.Add($UserAD)
          }
      
      Hope these snippets are helpful for someone with the same problem!
    • Could you elaborate a little more on this? I'm getting errors saying that it can't find all the properties in the whole clbGroups piece. 
  • Path format
    2 Posts | Last post July 23, 2014
    • Hi, I'm trying to import from CSV. What is the path format to use?  The delimiters for the CSV file are commas, so if I put my path (OU=employeNR,DC=groupetci,DC=com) in the CSV file then the system takes the commas in the path into consideration. Hope I'm clear  
    • I think you have to put Quotes around any entries like the OU path, so "OU=employeNR,DC=groupetci,DC=com" should work.
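Two threads on this page hit the same class of problem: an OU path whose characters are special to the file that carries it (the ampersand in the XML `<Path>` element, the commas in a CSV field). The following added example, which is not part of ANUC.ps1, shows both cases with the paths quoted in those posts; the function names and the Name/Path CSV columns are hypothetical.

```powershell
# Added example, not part of ANUC.ps1. Paths are the ones quoted in the posts above.
$ouWithAmpersand = 'OU=MyOU,OU=Boys & Girls Club,OU=Domain,DC=domain,DC=domain'
$ouWithCommas    = 'OU=employeNR,DC=groupetci,DC=com'

# XML settings file: '&' starts an entity reference, so a bare one makes the file unparseable.
function Test-XmlText {
    param([string]$Text)
    try { $null = [xml]$Text; $true } catch { $false }
}

function New-PathElement {
    param([string]$DistinguishedName)
    # SecurityElement.Escape replaces & < > " ' with their XML entities.
    '<Path>{0}</Path>' -f [System.Security.SecurityElement]::Escape($DistinguishedName)
}

$broken = "<Options><Path>$ouWithAmpersand</Path></Options>"
$fixed  = "<Options>$(New-PathElement $ouWithAmpersand)</Options>"

[pscustomobject]@{
    BrokenParses  = Test-XmlText $broken
    FixedParses   = Test-XmlText $fixed
    FixedText     = $fixed
    # Reading the element back yields the literal ampersand again.
    ValueReadBack = ([xml]$fixed).Options.Path
} | Format-List

# CSV import: an unquoted path is split at every comma; a quoted one stays a single field.
# The Name and Path columns are constructed for this example.
$unquoted = @('Name,Path', "Test Smith,$ouWithCommas")
$quoted   = @('Name,Path', "Test Smith,`"$ouWithCommas`"")

[pscustomobject]@{
    UnquotedPath = ($unquoted | ConvertFrom-Csv).Path
    QuotedPath   = ($quoted   | ConvertFrom-Csv).Path
} | Format-List
```

In the settings file itself the element is written as `OU=Boys &amp; Girls Club`; the script still receives the plain `&` when it reads the value.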