PowerShell - Create New AD User Using Prompts and Variables
-
I created the following PowerShell script that works to create a new AD user and respective attributes, as long as I update the script with the user's name every time I want to run it. Here is what I have:
Import-Module ActiveDirectory New-ADUser -Name "John Doe" -GivenName "John" -Surname "Doe" -SamAccountName "John" -DisplayName "John Doe" -UserPrincipalName "[email protected]" -Country "US" -EmailAddress [email protected] -Path "OU=email1.com,OU=User Accounts,DC=ADDomain,DC=com" -AccountPassword(Read-Host -AsSecureString "Input Password") -Enabled $true Set-ADUser -Identity John -Add @{Proxyaddresses="SMTP:[email protected]", "smtp:[email protected]", "smtp:[email protected]", "smtp:[email protected]", "smtp:[email protected]", "smtp:[email protected]"} Add-ADGroupMember -Identity Office365Users -Members JohnI would like to do something with prompts to set variables regarding the name. I have tried doing this, but can't get the combined variables with a period in between working properly for the email addresses, the space in between the first and the last name for name/display name and possibly adding them to the the various domains, both UPN and email. Here is what I have so far.
Import-Module ActiveDirectory $GivenName = Read-Host -Prompt "Enter First Name" $Surname = Read-Host -Prompt "Enter Last Name" $SecurePW = Read-Host -Prompt "Enter a Password" -AsSecureString New-Variable -Name $DisplayName = "${GivenName}${Surname}" New-ADUser -Name "$DisplayName" ` -AccountPassword $SecurePW ` -SamAccountName $GivenName ` -DisplayName $DisplayName ` -PasswordNeverExpires $True ` -UserPrincipalName $GivenName + "@UPNDomain.com" ` -Country US ` -EmailAddress $GivenName + "." + $Surname + "@email1.com" ` -Path "OU=email1.com,OU=User Accounts,DC=upn,DC=com" ` -Enabled $True Set-ADUser -Identity $GivenName -Add @{Proxyaddresses="SMTP:[email protected]", "smtp:[email protected]", "smtp:[email protected]", "smtp:[email protected]", "smtp:[email protected]", "smtp:[email protected]"} Add-ADGroupMember -Identity Office365Users -Members $GivenNameI get an error starting at New-ADUser : A positional parameter cannot be found that accepts argument '+'. on line 6 char1. I have messed around with syntax several times, so it may or may not be "complete", but I do know that it is wrong LOL
-
-UserPrincipalName "[email protected]" ` -EmailAddress "[email protected]" `
-
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
-UserPrincipalName $GivenName + "@UPNDomain.com" `Try changing your lines like that to like this...
-UserPrincipalName "[email protected]"You'll need to do this for anything that has a plus sign in it.
Edit: You'll need to fix the Email Address too.
-
You're going to need to do some concentanation on your usernames in order to get the period included in the spot you want. Take a look at my script. There is a place where it is concentanated for the first name and last name for the email address and last name + first initial for usernames.
https://mangolassi.it/topic/13324/creating-new-user-without-o365-with-powershell
-
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
-EmailAddress $GivenName + "." + $Surname + "@email1.com" `
Here, I think you're going to want to try something like:
-join ($GivenName,".",$SurName,"@email1.com")
-
What about creating a new variable by combining two existing variables? (For the display name)
-
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
What about creating a new variable by combining two existing variables? (For the display name)
Of course you can. But why clutter up more variables?
-
@JaredBusch - Well, it didn't work when I used the first 2 together. At least, with the syntax I had. Also, it would be nice to know how to do it. But, I would settle for getting the display name Jon Doe with a space in it using the 2 existing variables.
-
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
@JaredBusch - Well, it didn't work when I used the first 2 together. At least, with the syntax I had. Also, it would be nice to know how to do it. But, I would settle for getting the display name Jon Doe with a space in it using the 2 existing variables.
$DisplayName="$GivenName $SurName"?
-
@dafyre I'll try that. I think I may have already tried it. I did all sorts of iterations.
-
Import-Module ActiveDirectory $GivenName = Read-Host -Prompt "Enter First Name" $Surname = Read-Host -Prompt "Enter Last Name" $SecurePW = Read-Host -Prompt "Enter a Password" -AsSecureString $DisplayName = "$GivenName $Surname" New-ADUser -Name $DisplayName `Results in this error
New-ADUser : A positional parameter cannot be found that accepts argument '+'. At \\FP02\it\Scripts\AD\AD-InitialUserCreationVariables.ps1:6 char:1 + New-ADUser -Name $DisplayName ` + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.NewADUser
-
If I get rid of the attempt to combine the 2 existing variables into a 3rd, I get this error.
New-ADUser : A positional parameter cannot be found that accepts argument '+'. At \\FP02\it\Scripts\AD\AD-InitialUserCreationVariables.ps1:5 char:1 + New-ADUser -Name "$GivenName $Surname" ` + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.NewADUser
-
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
If I get rid of the attempt to combine the 2 existing variables into a 3rd, I get this error.
New-ADUser : A positional parameter cannot be found that accepts argument '+'. At \\FP02\it\Scripts\AD\AD-InitialUserCreationVariables.ps1:5 char:1 + New-ADUser -Name "$GivenName $Surname" ` + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.NewADUserIf you did not fix UserPrincipalName and EmailAddress as well, it will still error.
-
This is why you run things manually and not in scripts until you know WTF you are doing.
Use the PowerShell ISE, that is what it is for.
You also do not have the Country in quotes. It is a string value.
-
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
What about creating a new variable by combining two existing variables? (For the display name)
$displayName = join ($GivenName," ",$SurName)
-
@dafyre said in PowerShell - Create New AD User Using Prompts and Variables:
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
@JaredBusch - Well, it didn't work when I used the first 2 together. At least, with the syntax I had. Also, it would be nice to know how to do it. But, I would settle for getting the display name Jon Doe with a space in it using the 2 existing variables.
$DisplayName="$GivenName $SurName"?This would result in literally being given $GivenName $SurName whenever you ask for $DisplayName.
-
@NerdyDad said in PowerShell - Create New AD User Using Prompts and Variables:
@dafyre said in PowerShell - Create New AD User Using Prompts and Variables:
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
@JaredBusch - Well, it didn't work when I used the first 2 together. At least, with the syntax I had. Also, it would be nice to know how to do it. But, I would settle for getting the display name Jon Doe with a space in it using the 2 existing variables.
$DisplayName="$GivenName $SurName"?This would result in literally being given $GivenName $SurName whenever you ask for $DisplayName.
That's what he wants as I see his code above.
-
-
@JaredBusch said in PowerShell - Create New AD User Using Prompts and Variables:
Corrected. Thank you sir.
-
@JaredBusch said in PowerShell - Create New AD User Using Prompts and Variables:
This is why you run things manually and not in scripts until you know WTF you are doing.
Use the PowerShell ISE, that is what it is for.
You also do not have the Country in quotes. It is a string value.
I am running it manually and I am running it in ISE.
-
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
@JaredBusch said in PowerShell - Create New AD User Using Prompts and Variables:
This is why you run things manually and not in scripts until you know WTF you are doing.
Use the PowerShell ISE, that is what it is for.
You also do not have the Country in quotes. It is a string value.
I am running it manually and I am running it in ISE.
Change your
New-ADUserto aWrite-Hostand keep adding to the concatenated line until it breaks.
-
@JaredBusch said in PowerShell - Create New AD User Using Prompts and Variables:
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
@JaredBusch said in PowerShell - Create New AD User Using Prompts and Variables:
This is why you run things manually and not in scripts until you know WTF you are doing.
Use the PowerShell ISE, that is what it is for.
You also do not have the Country in quotes. It is a string value.
I am running it manually and I am running it in ISE.
Change your
New-ADUserto aWrite-Hostand keep adding to the concatenated line until it breaks.Write-host is one of the best debugging tools for poweshell. Does ISE have the ability to report what variable is assigned to what at a given step?
-
Thanks, everyone. Write-host was a great tool. I have found the following to work from start to finish.
Edit: Added GivenName and Surname parameters
Import-Module ActiveDirectory $GivenName = Read-Host -Prompt "Enter First Name" $Surname = Read-Host -Prompt "Enter Last Name" $SecurePW = Read-Host -Prompt "Enter a Password" -AsSecureString New-ADUser -GivenName $GivenName ` -Surname $Surname ` -Name "$GivenName $Surname" ` -AccountPassword $SecurePW ` -SamAccountName $GivenName ` -DisplayName "$GivenName $Surname" ` -PasswordNeverExpires $True ` -UserPrincipalName "[email protected]" ` -Country "US" ` -EmailAddress "[email protected]" ` -Path "OU=email1.com,OU=User Accounts,DC=upn,DC=com" ` -Enabled $True Set-ADUser -Identity "$GivenName" -Add @{Proxyaddresses="SMTP:[email protected]", "smtp:[email protected]", "smtp:[email protected]", "smtp:[email protected]", "smtp:[email protected]", "smtp:[email protected]"} Add-ADGroupMember -Identity Office365Users -Members $GivenName
-
@wrx7m Now you have to make a stupid proof because what if I just had to enter each time and asked me for information?
-
@JaredBusch said in PowerShell - Create New AD User Using Prompts and Variables:
@wrx7m Now you have to make a stupid proof because what if I just had to enter each time and asked me for information?
I wonder if it would allow no first and last name before erroring out. It shouldn't be able to create it, because those variables are used to create the UPN. No UPN, no workie. I do know that you have to specify a password that adheres to the domain policy.
-
@wrx7m said in PowerShell - Create New AD User Using Prompts and Variables:
If I get rid of the attempt to combine the 2 existing variables into a 3rd, I get this error.
New-ADUser : A positional parameter cannot be found that accepts argument '+'. At \\FP02\it\Scripts\AD\AD-InitialUserCreationVariables.ps1:5 char:1 + New-ADUser -Name "$GivenName $Surname" ` + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (:) [New-ADUser], ParameterBindingException + FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.ActiveDirectory.Management.Commands.NewADUserLike this I think:
New-ADUser -Name "$($GivenName) $($Surname)"`From: https://blogs.technet.microsoft.com/stefan_stranger/2013/09/25/powershell-sub-expressions/
