Adding a Basic Active Directory User from PowerShell

  • Adding a user via PowerShell to Active Directory is actually quite simple. The command to add users has many options allowing you to fill in any details needed for the AD database. We will keep our example simple, however.

    First we need to create a secure password variable (you can modify the command to prompt during usage as well.)

    $password = Read-Host -AsSecureString

    This will bring up a silent prompt where you can safely type in a password string that will not be visible to someone looking over your shoulder and is not visible by echoing the variable, either. This will then be used in our command (especially handy if you want to make many users with a single, standard starting password.)

    Now to actually create our first user. Many of these fields are optional and many more exist.

    New-ADUser -Name "Scott Alan Miller" -GivenName Scott -SurName Miller -SamAccountName scott -UserPrincipalName [email protected] -AccountPassword $password -PassThru | Enable-ADAccount

    Very simple. The last portion, -PassThru | Enable-ADAccount is not needed unless you want to enable the account immediately. What this command does it forces the output of the resulting new account object via the -PassThru directive which is then piped out to the Enable-ADAccount command that enables whatever account variable is passed to it.

    We can use the Get-ADUser account to see that what we have done has worked properly.

    0_1469127101328_Screenshot from 2016-07-21 14:44:38.png