How to created multiple users in different OUs based on data from a CSV file?

This topic contains 5 replies, has 3 voices, and was last updated by Profile photo of A R A R 1 year, 10 months ago.

  • Author
    Posts
  • #22310
    Profile photo of A R
    A R
    Participant

    Hello there,

    I'll start by pointing out that I am very new to PowerShell and to this forum.

    So here is my situation:

    I managed to find a script that created multiple users in AD based on a .csv file. Originally the .csv file included the following headers: CN,sAMAccountName,LastName,FirstName. I managed to add a Group header so that the created users are made members of groups based on what is on the .csv file.
    It all works perfectly as I want it to. But now I want to add another header, "ParentOU" so that users will be created in or moved to the OU specified in the "ParentOU" column. That I was not able to include in my script and I am wondering if someone here could help me with that.

    Sample .csv entry:

    CN,sAMAccountName,LastName,FirstName,Group,ParentOU
    John Smith,SMIJ030787,Smith,John,Class01,'OU=Winter2015,OU=Students,DC=Domain,DC=Local'
    

    Script:

    $dataSource=import-csv -Path "C:\Users.csv"
    foreach($dataRecord in $datasource) {
    $cn=$dataRecord.cn
    $sAMAccountName=$dataRecord.sAMAccountName
    $givenName=$dataRecord.FirstName
    $sn=$dataRecord.LastName
    $group=$dataRecord.Group
    $ou=$dataRecord.ParentOU
    $displayName=$givenName + " " + $sn
    $userPrincipalName=$sAMAccountName + "@domain.local"
    $objUser=$objOU.Create("user","CN="+$cn)
    $objUser.Put("sAMAccountName",$sAMAccountName)
    $objUser.Put("userPrincipalName",$userPrincipalName)
    $objUser.Put("displayName",$displayName)
    $objUser.Put("givenName",$givenName)
    $objUser.Put("sn",$sn)
    $objUser.SetInfo()
    $objUser.SetPassword("SomePassword123")
    $objUser.Put("pwdLastSet",0)
    $objUser.psbase.InvokeSet("AccountDisabled",$false)
    $objUser.SetInfo()
    Add-ADGroupMember -Identity $group -Member $dataRecord.sAMAccountName
    }
    

    As you can see from the script code, I defined a variable $ou for the OU in which the user is to be created at, but unfortunately, I don't know how to continue with the proper command to make it work.

    Thank you for all your help,

  • #22315
    Profile photo of Tim Pringle
    Tim Pringle
    Participant

    Hey A R,

    I think there's maybe a different way to approach that will make it a bit simpler. At the moment it looks like you have a mix of ADSI and the PS AD cmdlets.

    There is an AD cmdlet, New-ADUser, which can be used for doing the account creation. What's nice is that amongst other things, it has a -Path parameter where you can specific the location where the account is to be created. I've put some sample code below.

    PowerShell also has is a fantastic feature called splatting. This allows us to define a hash table (called $properties below) which provided it contains the name of the parameter and it's value means that we can group these nicely together and just pass that hash table ($properties) to the cmdlet. For commands like New-ADUser, this is great because you can have some serious long lines of parameters and settings. You'll notice that when you put it after the cmdlet name, you use a '@' in place of the '$' defined in the hash table.

    Try the code below, and let us know how you get on. 🙂

    $datasource = Import-Csv -Path 'C:\Users.csv'
    foreach($dataRecord in $datasource) 
    {
        $secpasswd = ConvertTo-SecureString -String 'password' -AsPlainText -Force 
    
        $properties = @{
            DisplayName       = "$($dataRecord.FirstName) $($dataRecord.sn)"
            SAMaccountName    = $dataRecord.sAMAccountName
            Surname           = $dataRecord.LastName
            Path              = $dataRecord.ParentOU
            UserPrincipalName = $sAMAccountName + '@domain.local'
            GivenName         = $dataRecord.FirstName
            AccountPassword   = $secpasswd
            Enabled           = $True
            Name              = $datasource.cn
        }
    
        New-ADUser @properties
        Add-ADGroupMember -Identity $group -Member $dataRecord.sAMAccountName
    }
    
  • #22316
    Profile photo of K. Chris Nakagaki
    K. Chris Nakagaki
    Participant

    In the case where the user is already created based on script above:
    Move-ADObject -Identity (Get-ADUser $DataRecord.sAMAccountName) -TargetPath $OU

    Or in your example above you could change the following line:
    $objUser=$ObjOU.Create("user","CN=" + $cn + "," + $OU)

    The second one I'm not so sure on simply because I am unsure of the $ObjUser object type. Haven't played much in AD cmdlets unfortunately.

  • #22328
    Profile photo of A R
    A R
    Participant

    Hello Tim Pringle,

    I kind of knew that there is/are something mixed in the code I provided above but I didn't know what. I'm glad you pointed that out.
    Your code looks a lot more "elegant" than the one I posted.

    I'm going to give it a try and see how it works. I'll post my findings later.

    Thank you so much for your help.

  • #22329
    Profile photo of A R
    A R
    Participant

    Hello K. Chris Nakagaki,

    The line that you added is most likely the line that I couldn't figure out how to write by myself.
    It looks like it will also work. However as I mentioned in my reply to Tim Pringle, his code is a lot more elegant than mine so I might rethink my whole strategy.

    I am still going to give your line of code a try and see if it works for me and post my findings.

    Thank you so much for your help, I truly appreciate it.

  • #22340
    Profile photo of A R
    A R
    Participant

    Hello K. Chris Nakagaki,,

    Your solution seemed to work better and since it requires little to no modifications of the existing code, I adopted it...
    Now, since each new user could also be a member of a different group, how would I add a description such as "Member of Groupxxx" where Groupxxx should be based on $group variable to the users' properties?

    Thank you,
    AR

You must be logged in to reply to this topic.