Microsoft Windows Server is a popular operating system that you see running in almost every…
Bulk create AD Users with random passwords
In the previous article, we discussed how to Create Active Directory Users from CSV with PowerShell. After the article got published, a question got asked by a reader. The question is as follows: Is it possible to automate the password workflow when creating new AD Users? The answer is: Yes, it’s possible. We can automate the passwords with PowerShell. In this article, you will learn how to bulk create AD Users with random passwords.
Table of contents
Before you start to bulk create AD Users
In the article, we are going to use the following files:
File | Info |
---|---|
NewUsersRP.csv | CSV template that contains the user accounts information |
Add-NewUsersRandomPasswords.ps1 | PowerShell script that will create user accounts with random passwords |
How it works
The PowerShell script will automatically create AD users from CSV file and generate random passwords for the users. After the user accounts are created with random passwords, a new CSV file will be exported. In that file, you will have the passwords column with the created passwords.
Prepare Add-NewUsersRandomPasswords PowerShell script
Before you start, you want to place the files in the right place. We recommend creating two folders with the name Scripts and Temp on the C:\ drive of the Management Server or Domain Controller.
Download the Powershell script Add-NewUsersRandomPasswords.ps1 (direct link). Save the file in the path C:\Scripts\.
- Change line 7 if you are willing to place the CSV file to a different path then C:\scripts\.
- Change line 10 if you want to export the CSV with passwords to a different path then C:\temp\.
- Change line 13 to your UserPrincipalName (UPN). In our example, it’s exoip.com.
Download and edit CSV template
Download the CSV template NewUsersRP.csv (direct link). Save the file in C:\Temp\.
Open the CSV file with your favorite editor. For example, Microsoft Excel. Edit the CSV file to your needs and save it.
Import CSV file in PowerShell
Before you start running the PowerShell script, it’s good to import the CSV file in PowerShell first. Run PowerShell as administrator. Change the directory to C:\temp\. Make use of the Import-Csv cmdlet.
PS C:\> cd C:\temp
PS C:\temp> Import-Csv NewUsersRP.csv | Format-Table
FirstName Initials Lastname Username Email StreetAddress City ZipCode State Department
--------- -------- -------- -------- ----- ------------- ---- ------- ----- ----------
Max MF Fraser Max.Fraser Max.Fraser@exoip.com 21 Baker St London NW1 6XE IT
Piers PB Bower Piers.Bower piers.bower@exoip.com 21 Baker St London NW1 6XE IT
Kylie KD Davidson Kylie.Davidson Kylie.Davidson@exoip.com 21 Baker St London NW1 6XE IT
Richard RG Grant richard.grant richard.grant@exoip.com 21 Baker St London NW1 6XE IT
Boris BC Campbell Boris.Campbell boris.Campbell@exoip.com 21 Baker St London NW1 6XE IT
Nicholas NM Murray Nicholas.Murray Nicholas.Murray@exoip.com 21 Baker St London NW1 6XE IT
Leonard LC Clark Leonard.Clark Leonard.Clark@exoip.com 21 Baker St London NW1 6XE IT
Ruth RD Dickens Ruth.Dickens Ruth.Dickens@exoip.com 21 Baker St London NW1 6XE IT
Jonathan JF Fisher Jonathan.Fisher Johnathan.Fisher@exoip.com 21 Baker St London NW1 6XE IT
Zoë ZR Rees Zoe.Rees Zoe.Rees@exoip.com 21 Baker St London NW1 6XE IT
If you don’t see all the information in the output, make use of the Out-GridView cmdlet.
PS C:\temp> Import-Csv NewUsersRP.csv | Out-GridView
It will show as below screen.
If you get errors when importing the CSV file, troubleshoot further before proceeding to the next step.
Run Add-NewUsersRandomPasswords PowerShell script
Before running the script
Start Active Directory Users and Computers (ADUC). Good to know is that the script will not create the Organizational Unit (OU). Create the OU if you don’t have it in AD.
In our example, the OU with the name IT is created and is empty.
Let’s run the script to create AD users.
PS C:\> cd scripts
PS C:\scripts> .\Add-NewUsersRandomPasswords.ps1
The user account Max.Fraser is created.
The user account Piers.Bower is created.
The user account Kylie.Davidson is created.
The user account Richard.Grant is created.
The user account Boris.Campbell is created.
The user account Nicholas.Murray is created.
The user account Leonard.Clark is created.
The user account Ruth.Dickens is created.
The user account Jonathan.Fisher is created.
The user account Zoe.Rees is created.
Press Enter to exit:
If you run the script and the user is already created in AD, you will get the following.
PS C:\> cd \scripts
PS C:\scripts> .\Add-NewUsersRandomPasswords.ps1
WARNING: A user account with username Max.Fraser already exists in Active Directory.
WARNING: A user account with username Piers.Bower already exists in Active Directory.
WARNING: A user account with username Kylie.Davidson already exists in Active Directory.
WARNING: A user account with username Richard.Grant already exists in Active Directory.
WARNING: A user account with username Boris.Campbell already exists in Active Directory.
WARNING: A user account with username Nicholas.Murray already exists in Active Directory.
WARNING: A user account with username Leonard.Clark already exists in Active Directory.
WARNING: A user account with username Ruth.Dickens already exists in Active Directory.
WARNING: A user account with username Jonathan.Fisher already exists in Active Directory.
WARNING: A user account with username Zoe.Rees already exists in Active Directory.
Press Enter to exit:
After running the script
The OU with the name IT is filled with new users.
New CSV file including the random passwords
A new CSV file will be created in the C:\temp\ folder. The CSV file will have the name Passwords with the date and time appended. For example, Passwords_13-09-2020_20384101.csv.
Open the CSV file with your favorite program. For example, Microsoft Excel. The CSV file will contain a new column with the name Initial Password. These are the generated passwords.
Did this help you to bulk create AD Users with random passwords?
Keep reading: Active Directory weak password checker »
Conclusion
To sum it up, you learned how to bulk create AD Users with random passwords. These random passwords are generated automatically with PowerShell. If you need to bulk create AD users, I recommend you to use this PowerShell script.
Did you enjoy this article? If so, you may like the article Bulk move AD users to another OU with PowerShell. Don’t forget to follow us and share this article.
Hi ALI TAJRAN,
Thank you so much for your script and for sharing your idea.Really helpful.
Hi Ali
question for you when I ran the script it created the account with no problem, but it doesn’t create the password file
Export-Csv : The given path’s format is not supported.
At line:1 char:13
+ $DataBase | Export-Csv -Encoding UTF8 $ExportPath -NoTypeInformation
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (:) [Export-Csv], NotSupportedException
+ FullyQualifiedErrorId : FileOpenFailure,Microsoft.PowerShell.Commands.ExportCsvCommand
Hi Paul,
It looks like you edited the script.
When doing that, I can’t see what’s going on and give you an answer.
Hi,
Is there a way to use the script but not for AD User, only for local user on many computer?
I mean create a user local account
Regards
Hi
This is great content. How would I use this to import already created users, change their password, spit out a report (with passwords) but not create new users?
thank you
Hello There,
Thank you fore the script. Really helpful.
Say if i have different sites and have users in different OU’s how can we modify the script so that when the script is run the users are created in respective OU’s
Thank you
Hi Pavan,
I am glad that you find it helpful.
– Change line 13 in the PS script to the UPN you like to set.
– Get the OUs distinguishedName that you want to create the users in. Place that in the CSV file under the header OU.
After the above changes, run the script.
Hello Ali,
I was thinking if we can use IF statements having the office header in the csv so that the user are moved while the accounts are created and get location specific settings like address telephone number and then add them to location based security and distribution groups?
like for example
if office eq london
OU=
Telephone=
Address =
etc
and then add then to security and DL?
Thank you