PrayFor MarinusX

Reputation: 3

Powershell Active Directory username

For a school project, I need to make a PowerShell script to create a username with only the first letter of the person's name and the full second name. Could anyone help me with this? This is what I currently have:

Import-Module ActiveDirectory

# password for accounts
$securePassword = ConvertTo-SecureString "Welkom#1" -AsPlainText -Force


# Import the file into a variable
$users = Import-Csv -Path .\New-GaastraUserBulk.csv

# Loop through each row, and gather Information
ForEach ($user in $users) {

    # Gather the user Information 
    $fname = $user.FirstName
    $lname = $user.LastName
    $jtitle = $user.JobTitle
    $OUpath = $user.OU
    Write-Host $fname
    Write-Host $lname
    Write-Host $jtitle
    Write-Host $OUpath

    # Create the user in AD
    New-ADUser -Name "$fname $lname" -GivenName $fname -SamAccountName $lname  -Surname $lname -UserPrincipalName "$lname" -Path $OUpath -AccountPassword $securePassword -PasswordNeverExpires $true -Enabled $true
   
}

Upvotes: 0

Views: 224

Answers (2)

Theo

Reputation: 61218

Turning my comment into an answer.

You can create the user's SamAccountName quite easily, combining the first character of the user's GivenName with the full LastName. However, you need to check that this SamAccountName is not already in use.

Another thing is that the UserPrincipalName should be in the form of <user>@<DNS-domain-name>.

To improve your code also using Splatting:

Import-Module ActiveDirectory

# password for accounts
$securePassword = ConvertTo-SecureString "Welkom#1" -AsPlainText -Force

# Import the file into a variable
$users = Import-Csv -Path .\New-GaastraUserBulk.csv

# Loop through each row, and gather Information
foreach ($user in $users) {
    # first create the desired SamAccountName for the new user
    $accountName = "{0}{1}" -f $user.FirstName.Substring(0,1),$user.LastName 

    # test if a user with that SamAccountName already exists
    $checkUser = Get-ADUser -Filter "SamAccountName -eq '$accountName'" -ErrorAction SilentlyContinue
    if ($checkUser) {
        Write-Warning "SamAccountName $accountName already used for user $($checkUser.Name)"
    }
    else {
        # create a hashtable with all parameters for the New-ADUser cmdlet
        $userParams = @{
            Name                 = "$($user.FirstName) $($user.LastName)"
            GivenName            = $user.FirstName
            Surname              = $user.LastName
            Title                = $user.JobTitle
            SamAccountName       = $accountName
            Path                 = $user.OU
            AccountPassword      = $securePassword
            PasswordNeverExpires = $true
            Enabled              = $true
            UserPrincipalName    = "$accountName@example.com"  # <-- example.com is a placeholder; put YOUR domain here after the '@'
            # other parameters go here if needed
        }

        New-ADUser @userParams
    }
}

Also, keep in mind that you cannot use just any character for a SamAccountName. Characters " [ ] : ; | = + * ? < > / \ , @ are illegal, as well as non-printable characters, and the dot . cannot be the last character of the name.
AND, the system limits sAMAccountName to 20 characters for user objects.

To make sure, use something like:

$accountName = ($accountName -replace '["\[\]:; |=+\*\?<>/\\,@]').TrimEnd(".") -replace '^(.{1,20}).*', '$1'

Upvotes: 1
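An added example, not part of the answer above or of the asker's script: it turns the sanitising one-liner into a function and goes one step further by resolving a collision with a numeric suffix that still fits the 20-character limit. The function name `New-SamAccountName`, the `-IsTaken` script block and the sample rows are assumptions made here; the in-memory `$taken` set stands in for the `Get-ADUser` lookup so the block runs without a domain.

```powershell
# Added example: function name, -IsTaken parameter and sample data are constructed.
function New-SamAccountName {
    param(
        [Parameter(Mandatory)][string]$FirstName,
        [Parameter(Mandatory)][string]$LastName,
        # Returns $true when a candidate is already in use. Against a domain this
        # would wrap the Get-ADUser -Filter "SamAccountName -eq '...'" check.
        [Parameter(Mandatory)][scriptblock]$IsTaken,
        [int]$MaxLength = 20   # sAMAccountName limit for user objects
    )
    # Illegal characters listed in the answer, plus whitespace and control characters
    $illegal = '["\[\]:;|=+*?<>/\\,@\s\p{C}]'
    $first = $FirstName -replace $illegal
    $last  = $LastName -replace $illegal
    if (-not $first) { throw "First name '$FirstName' has no usable characters" }

    $base = $first.Substring(0, 1) + $last
    if ($base.Length -gt $MaxLength) { $base = $base.Substring(0, $MaxLength) }
    $base = $base.TrimEnd('.')   # truncation can expose a trailing dot, so trim last
    if (-not $base) { throw "No usable characters in '$FirstName $LastName'" }

    # On a collision append 2, 3, ... and shorten the base so the result still fits
    $candidate = $base
    $n = 1
    while (& $IsTaken $candidate) {
        $n++
        $keep = [Math]::Min($base.Length, $MaxLength - "$n".Length)
        $candidate = $base.Substring(0, $keep).TrimEnd('.') + $n
    }
    return $candidate
}

# Constructed stand-in for the directory: names already in use (case-insensitive)
$taken = [System.Collections.Generic.HashSet[string]]::new([StringComparer]::OrdinalIgnoreCase)
[void]$taken.Add('jjansen')
$isTaken = { param($name) $taken.Contains($name) }

# Constructed sample rows, shaped like the CSV columns used in the question
$rows = @(
    [pscustomobject]@{ FirstName = 'Jan';  LastName = 'Jansen' }
    [pscustomobject]@{ FirstName = 'Piet'; LastName = 'van der Berg-Hoogendoorn' }
    [pscustomobject]@{ FirstName = 'Anna'; LastName = 'de Vries, Jr.' }
)
foreach ($row in $rows) {
    $sam = New-SamAccountName -FirstName $row.FirstName -LastName $row.LastName -IsTaken $isTaken
    [void]$taken.Add($sam)   # reserve it so later rows in the same CSV cannot collide
    '{0} {1} -> {2}' -f $row.FirstName, $row.LastName, $sam
}
```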

Mark Elvers

Reputation: 647

As per the comments from others. Add this line after $lname = ...

$sam = "{0}$lname" -f $fname.Substring(0,1)

Then edit your New-ADUser line to use $sam

New-ADUser .... -SamAccountName $sam ...

Upvotes: 1
