There are few ways to create user objects in Active Directory. If it’s using GUI, it can be done using Active Directory Administrative Center or Active Directory Users and Computers MMC. If it is using command line, it can be done using windows command-line or PowerShell. In this demo, I am going to show how we can create user object using PowerShell.
In order to create user object in active directory we can use New-ADUser cmdlet in PowerShell. You can view the full syntax for the command along with the accepted data types using,
Get-Command New-ADUser -Syntax
In order to create a New User account using PowerShell the minimum value you need to pass is -Name. it will create a disabled user account and you still can define values for other attributes later.
This is a sample which can use to create a user account,
New-ADUser -Name "Talib Idris" -GivenName "Talib" -Surname "Idris" -SamAccountName "tidris" -UserPrincipalName "email@example.com" -Path "OU=Users,OU=Europe,DC=rebeladmin,DC=com" -AccountPassword(Read-Host -AsSecureString "Type Password for User") -Enabled $true
In the command,
Name – Defines the Full Name
Given Name – Defines the First Name
Surname – Defines the Surname
SamAccountName – Defines the User Name
UserPrincipalName – Defines the UPN for the user account
Path – Defines the OU path. The default location is “CN=Users,DC=rebeladmin,DC=com”
AccountPassword – This will allow user to input password for the user and system will convert it to the relevant data type
Enable – defines if the user account status is enabled or disabled.