0

I have a question about how to add users to AD using powershell, ive written a small script but i always get an error when i try to create a user.

$connection= "LDAP://ou=Users, dc="domain", dc="com" 
    $OU = [adsi] $Connection
            $User = $OU.Create("user", "Test Person")
            $User.Put("Firstname", "Test")
            $User.Put("Surname", Person)
            $User.Put("Email", "[email protected]")
            $User.SetInfo()

I think my connection string is wrong, but i tried different ways already and still no success. This im trying locally. Need to get it working but then normally my AD is on different server, how to do it then?

Thanks in advance.

Improve this question

2 Answers 2

Reset to default
3

Give this a try:

$container = [ADSI] "LDAP://dc.sopragroup.lan/cn=Users,dc=sopragroup,dc=lan"
$UserName = "user"
$User = $container.Create("User", "cn=" + $UserName)
$User.Put("sAMAccountName", $UserName)
$User.Put("givenName", "Test")
$User.Put("sn", "Person")
$User.Put("mail", "[email protected]")
$User.SetInfo()
$User.psbase.InvokeSet('AccountDisabled', $false)
$User.SetInfo()
$User.SetPassword("P@55w0rd")
Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

I get a following error: The following exception occurred while retrieving member "Create": "A referral was returned from the server. " At C:\Users\User\Desktop\addusers.ps1:72 char:10 + $User = <<<< $container.Create("user", "cn=Test Person") + CategoryInfo : NotSpecified: (:) [], ExtendedTypeSystemException + FullyQualifiedErrorId : CatchFromBaseGetMember
@user1002583 Did you change the LDAP string to match your environment? This tested out ok on a test domain controller I have. Of course I had to change the domain name to match. This page talks about the error you got and it looks like your LDAP string needs to be corrected. Also do you have UAC running? If so make sure to run PowerShell elevated.
@user1002583 I updated the LDAP string in my answer to match your screenshot.
Ok it seems i succeeded to add one person locally, but what if my AD is not local but on other server, how will my connection string look like? And another question how do i add pictures to accounts?
@user1002583 Glad it worked for you. Please make sure to mark the answer you found helped you as the answer. I suggest creating a new post for your question about how to add a picture to AD accounts. Thanks.
|
1

Here is another example (@Andy Arismendi was first) with some other details:

  1. If you want to give a user and a password (log onto the server with a different user than the current one), you can use the DirectoryEntry constructor
  2. An error that is commonly done is that when you create an object in a directory, the name that represent this object in the directory tree is built with the construction : attribute=value. In Active-Directory you can't choose the the attribute it's imposed by the schema. For a user or an inetOrgPerson it's CN for an organizationalUnit it's OU. In your case the name of the object is CN=Test Person.

You'll find here under the creation of an OU and a user.

Clear-Host
$dn = New-Object System.DirectoryServices.DirectoryEntry ("LDAP://192.168.234.200:389/dc=dom,dc=fr","[email protected]","admin")

# Create an OU
$Monou = $dn.create("OrganizationalUnit", "ou=Monou")
#$Monou.Description = "Une description"
$Monou.put("Description", "Une description")
$Res = $Monou.Setinfo()


# Create a user
$objUtilisateur = $Monou.create("inetOrgPerson", "cn=Marc Assin")
$objUtilisateur.setinfo()

$objUtilisateur.samaccountname = "Massin"
$objUtilisateur.givenName = "Marc"
$objUtilisateur.sn = "Assin"
#$objUtilisateur.displayName = $objUtilisateur.givenName + " " + $objUtilisateur.sn
$objUtilisateur.userPrincipalName = "[email protected]"

# Pu the state of the account#$objUtilisateur.SetPassword("test.2010")
$objUtilisateur.pwdLastSet = 0
$objUtilisateur.userAccountControl = 544 

# Write the datas of the user
$objUtilisateur.SetInfo()
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.