Copy AD user to new one.

This topic contains 5 replies, has 3 voices, and was last updated by  Jeremie Lauzier 2 years, 2 months ago.

  • Author
    Posts
  • #27308

    Jeremie Lauzier
    Participant

    Hi guys,

    I need to figure something and I think I miss it.
    In the AD Users and Computer mmc, you can do a right click on a user and select Copy. This will create a new user with some information from the source user.
    I tried to figure, how I can do that with PowerShell ?

    I tried this :

    New-ADUser -SamAccountName testps2 -AccountPassword (Read-Host "Password" -AsSecureString) -Instance testps

    But this creates the user, but it's blank. So I think my -Instance not worked. This I miss something.

    Thanks !

    Jeremie

  • #27309

    Don Jones
    Keymaster

    The help for New-ADUser actually covers this. For example:

    Method 2: Use a template to create the new object. To do this, create a new user object or retrieve a copy of an existing user object and set the Instance parameter to this object. The object provided to the Instance parameter is used as a template for the new object. You can override property values from the template by setting cmdlet parameters. For examples and more information, see the Instance parameter description for this cmdlet.

    So you'd use Get-ADUser to get the source user into a variable, and then pass that to the -Instance parameter of New-ADUser.

    The help covers other techniques as well, and provides some examples.

  • #27310

    Richard Siddaway
    Moderator

    Use the -Instance parameter on New-AdUser to specify a user account to copy. You'll need to specify the properties you want to copy and you CAN'T use * as you'll attempt to copy the SID and get an error.

    I cover this in detail in chapter 2 of Learn AD management in a month of Lunches – http://www.manning.com/siddaway3/

  • #27312

    Jeremie Lauzier
    Participant

    Thanks for the answers.

    Tried this :

    $t = Get-ADUser testps
    New-ADUser -SamAccountName testps2 -AccountPassword (Read-Host "Password" -AsSecureString) -Instance $t
    

    But this gives me a weird result. The new user has the same User logon name of the source user. Only the User logon name (pre-Windows 2000) as changed.
    And nothing follows, not the telephone, the fax, the group membership, etc.

    Did I need to put in variables each value I want from source to push it to the new user ?

    Thanks !

  • #27330

    Richard Siddaway
    Moderator

    Yes – you are using the old user account as a template so all properties you retrieve for the old account will be copied across. Using a template like this is mot use where you have a set of properties – often group memberships & organization related properties – that you want to duplicate.

    You have to set all other properties on the new account – especially the name related properties

  • #27384

    Jeremie Lauzier
    Participant

    Thanks !
    I started to figure how I will do it.

    Have a great day.

You must be logged in to reply to this topic.