CODEWITHSUNDEEP
powershellactive-directory
Paco 2015
Paco 2015

Reputation: 13

AD-user script has no output

I'm creating a script for adding multiple users in Active Directory. I stumbled upon this link, when I couldn't get the guide described in the question to work either. I then tried one of the solutions in the comments

Import-Module ActiveDirectory
# this defaults to csv fields delimited by a comma. If your CSV file uses a different 
# character, then add parameter '-Delimiter' followed by the actual character
$ADUsers = Import-Csv -Path 'C:\Users\Desktop\Powershell files\EM-mis-new-AD.csv'

# the Where-Object clause is just a precaution to omit records that have no username value
$ADUsers | Where-Object { $_.username -match '\S'} | ForEach-Object {
    $Username = $_.username
    if (Get-ADUser -Filter "SamAccountName -eq '$Username'" -ErrorAction SilentlyContinue) {
        Write-Warning "A user account with SamAccountName '$Username' already exist in Active Directory."
    }
    else {
        $Firstname  = $_.firstname
        $Lastname   = $_.lastname

        # use splatting on cmdlets that use a lot of parameters
        $userParams = @{
            SamAccountName        = $Username
            UserPrincipalName     = "[email protected]"
            Name                  = "$Firstname $Lastname"
            GivenName             = $Firstname
            Surname               = $Lastname
            Enabled               = $true
            DisplayName           = "$Firstname, $Lastname"
            Path                  = $_.ou
            AccountPassword       = (ConvertTo-SecureString $_.Password -AsPlainText -Force)
            ChangePasswordAtLogon = $true
        }
        # create the user and report back
        New-ADUser @userParams

        Write-Host "Created new user '$Username' with initial password: $($_.Password)"
    }
}

Here is my CSV file

firstname;lastname;username;password;ou
Mette;Frederiksen;MeFr;Password1;OU=Salg,OU=Users,OU=RGD Aarhus,DC=rgd,DC=local
Sussi;Hart;SuHa;Password1;OU=Salg,OU=Users,OU=RGD Aarhus,DC=rgd,DC=local
Ove;Tylstrup;OvTy;Password1;OU=Salg,OU=Users,OU=RGD Aarhus,DC=rgd,DC=local
Karlos;Mondolez;KaMo;Password1;OU=Lager,OU=Users,OU=RGD Aarhus,DC=rgd,DC=local
Anne;Otto;AnOt;Password1;OU=Lager,OU=Users,OU=RGD Aarhus,DC=rgd,DC=local
Dennis;Ågard;DeÅg;Password1;OU=Lager,OU=Users,OU=RGD Aarhus,DC=rgd,DC=local
Helena;Riss;HeRi;Password1;OU=Okonomi,OU=Users,OU=RGD Aarhus,DC=rgd,DC=local
Risa;Lamende;RiLa;Password1;OU=Okonomi,OU=Users,OU=RGD Aarhus,DC=rgd,DC=local

However, when I run the above code nothing happens

PS C:\Users\RGDAdmin> C:\Users\RGDAdmin\Documents\ADUser.ps1
PS C:\Users\RGDAdmin>

When I add the Delimiter parameter, I get this

Created new user 'KaMo' with initial password: Password1
New-ADUser : The directory service was unable to allocate a relative identifier
At C:\Users\RGDAdmin\Documents\ADUser.ps1:31 char:9
+         New-ADUser @userParams
+         ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : NotSpecified: (CN=Anne Otto,OU...DC=rgd,DC=local:String) [New-ADUser], ADException
+ FullyQualifiedErrorId : 
ActiveDirectoryServer:8208,Microsoft.ActiveDirectory.Management.Commands.NewADUser

PS. I know the password is bad practice in terms of passwords

Upvotes: 0

Views: 324

Answers (2)

Don Boody
Don Boody

Reputation: 3

Try reviewing this. I don't have access to ActiveDirectory to test it myself.

#helpers
        function usernameIsNotBlank {
            [CmdletBinding()]
            param(
                $Username
            )
            [regex]$rx = "\S"
            
            return $rx.match($Username)
        }
        
        function usernameDoesNotAlreadyExist {
            [CmdletBinding()]
            param(
                $Username
            )
            $UserDoesNotExist = $true
            
            $UserObject = $(
                try {
                    Get-ADUser $Username
                }
                catch {
                    $null
                }
            )
        
            if ($null -ne $UserObject) {
                $UserDoesNotExist = $false
                Write-Verbose "$Username already exists"
                
            }
            else {
                $UserDoesNotExist = $true
            }
        
            return $UserDoesNotExist
        }
        
        function suppliedUsernameIsAvailable {
            [CmdletBinding()]
            param(
                $Username
            )
        
            return ((usernameIsNotBlank -Username $Username) -and (usernameDoesNotAlreadyExist -Username $Username))
        }
        
    #script
        $OriginalVerbose = $VerbosePreference
        $VerbosePreference = "Continue"
        Import-Module ActiveDirectory
        
        $CSV = "C:\Users\Desktop\Powershell file\EM-mis-new-AD.csv"
        $Data = Import-CSV $CSV
        
        foreach ($Line in $Data) {
            if (suppliedUsernameIsAvailable($Line.username)) {
                New-ADUser -Name "$Line.firstname $Line.lastname" -GivenName "$Line.firstname" -Surname "$Line.lastname" -SamAccoutnname "$(Line.username)@mydomain.com" -AccountPassword (ConvertTo-SecureString $Line.password -AsPlainText -Force) -ChangePasswordAtLogon $true -Path "$Line.ou"
            }
        }
        $VerbosePreference = $OriginalVerbose

Upvotes: 0

Gabriel Luci
Gabriel Luci

Reputation: 40928

Your file is delimited by semicolons, so you will definitely need to specify the -Delimiter parameter. But the documentation has a caveat:

To specify a semicolon (;) enclose it in single quotation marks.

So it should look like this:

$ADUsers = Import-Csv -Delimiter ';' -Path 'C:\Users\Desktop\Powershell files\EM-mis-new-AD.csv'

If that still results in that RID error, then there's possibly something wrong on the server. Can you create users manually using AD Users and Computers?

Upvotes: 2

Related Questions