Copying an ADUser

Tagged: 

This topic contains 6 replies, has 3 voices, and was last updated by Profile photo of Tony Antony Tony Antony 6 days, 13 hours ago.

  • Author
    Posts
  • #59137
    Profile photo of Tony Antony
    Tony Antony
    Participant

    Hello,

    I have AD User person6 in AD. I'm trying to create a new AD User called person7 by copying person6

    $copy = Get-ADUser -Identity person6
    New-ADUser person7 -Instance $copy

    But, it's giving me an error

    New-ADUser : Unknown error (0x21c8)
    At \\hqfs1\users\tantony\PowerShell\HRSecurityForms\test.ps1:4 char:1
    + New-ADUser person7 -Instance $copy

    If this works, does it also copy the new user into the same AD OU as the instance user?

    Thank you,

    Tony

  • #59140

    Hi

    What if you collect all needed parameters and values and use splatting into New-ADUser? I think that would be better solution when copying and creating new AD account.

    https://technet.microsoft.com/en-us/library/gg675931.aspx

    Jake

  • #59146
    Profile photo of Tony Antony
    Tony Antony
    Participant

    I use splatting to create users in branches and it's working fine, but I'm working on the part where I create users in headquarters. I figured it might be easier to find a person with the same title as the new employee and copy them.

  • #59158
    Profile photo of Tony Antony
    Tony Antony
    Participant

    I figured out to copy a user, and grab info such as the telephoneNumber, Managers etc. I think I had the instance backwards earlier.

    $u=Get-ADUser -Identity person6 -Properties HomeDirectory, Manager, ProfilePath, Description, Office, telephoneNumber
    
    New-ADUser -Instance $u -SamAccountName person7 –UserPrincipalName person7Reid@mycompany.com –Name 'Person 7' -AccountPassword (ConvertTo-SecureString -AsPlainText "p@ssw0rd" -Force)

    I want the new user to be in the same OU as the copying user. How would I do that? I tried this below and it didn't work. It doesn't move it to the correct DistinguishedName, it creates the new user in the default Users OU. Also, how would I copy the "Member of" to the new user also?

    $u=Get-ADUser -Identity person6 -Properties HomeDirectory, Manager, ProfilePath, Description, Office, telephoneNumber, DistinguishedName

    Thanks,

    Tony

  • #59160

    Hi

    One way to add same groups can be following.

    $Groups = (Get-ADUser -Identity TestUser2 -Properties Memberof).MemberOF
    Add-ADPrincipalGroupMembership -Identity TestUser1 -MemberOf $Groups
    

    Or not so readable, I wouldn't use this on script.

    Add-ADPrincipalGroupMembership -Identity TestUser1 -MemberOf $((Get-ADUser -Identity TestUser2 -Properties Memberof).memberOF)
    

    The same OU, First what comes to mind is to split the DistinguishedName and recreate the Path with that but I do not this that would be the best idea.

    Edit. Found following link: https://social.technet.microsoft.com/Forums/windowsserver/en-US/830ff383-9057-45d8-ae10-5e567efd36f8/how-to-get-parent-container-path-of-the-ad-user-object?forum=winserverpowershell

    Tried this and it was working, result was OU from AD user.

    Get-ADUser -Identity testuser3 -Properties distinguishedname,cn | 
        select @{n='Path';e={$_.distinguishedname -replace "CN=$($_.cn),",''}} |
            select -ExpandProperty Path
    

    Following seems like working.

    $From = 'person6'
    $To = 'person7'
    
    $u = Get-ADUser -Identity $from -Properties HomeDirectory, Manager, ProfilePath, Description, Office, telephoneNumber, memberof, distinguishedName, cn
    $Groups = ($u).memberof
    $Path = ($u | select @{n='Path';e={$_.distinguishedname -replace "CN=$($_.cn),",''}}).Path
    
    New-ADUser -Instance $u -Path $Path -SamAccountName $To –UserPrincipalName person7Reid@mycompany.com –Name 'Person 7' -AccountPassword (ConvertTo-SecureString -AsPlainText "p@ssw0rd" -Force)
    
    Add-ADPrincipalGroupMembership -Identity $To -MemberOf $Groups
    

    Jake

  • #59161
    Profile photo of Jeffery Hayes
    Jeffery Hayes
    Participant

    I remember this was asked before last year and found the old Bookmark.

  • #59164
    Profile photo of Tony Antony
    Tony Antony
    Participant

    Thanks all, I'll try that

You must be logged in to reply to this topic.