How to created multiple users in different OUs based on data from a CSV file?

PowerShell Help
1

Hello there,

I’ll start by pointing out that I am very new to PowerShell and to this forum.

So here is my situation:

I managed to find a script that created multiple users in AD based on a .csv file. Originally the .csv file included the following headers: CN,sAMAccountName,LastName,FirstName. I managed to add a Group header so that the created users are made members of groups based on what is on the .csv file.
It all works perfectly as I want it to. But now I want to add another header, “ParentOU” so that users will be created in or moved to the OU specified in the “ParentOU” column. That I was not able to include in my script and I am wondering if someone here could help me with that.

Sample .csv entry:

CN,sAMAccountName,LastName,FirstName,Group,ParentOU
John Smith,SMIJ030787,Smith,John,Class01,'OU=Winter2015,OU=Students,DC=Domain,DC=Local'

Script:

$dataSource=import-csv -Path "C:\Users.csv"
foreach($dataRecord in $datasource) {
$cn=$dataRecord.cn
$sAMAccountName=$dataRecord.sAMAccountName
$givenName=$dataRecord.FirstName
$sn=$dataRecord.LastName
$group=$dataRecord.Group
$ou=$dataRecord.ParentOU
$displayName=$givenName + " " + $sn
$userPrincipalName=$sAMAccountName + "@domain.local"
$objUser=$objOU.Create("user","CN="+$cn)
$objUser.Put("sAMAccountName",$sAMAccountName)
$objUser.Put("userPrincipalName",$userPrincipalName)
$objUser.Put("displayName",$displayName)
$objUser.Put("givenName",$givenName)
$objUser.Put("sn",$sn)
$objUser.SetInfo()
$objUser.SetPassword("SomePassword123")
$objUser.Put("pwdLastSet",0)
$objUser.psbase.InvokeSet("AccountDisabled",$false)
$objUser.SetInfo()
Add-ADGroupMember -Identity $group -Member $dataRecord.sAMAccountName
}

As you can see from the script code, I defined a variable $ou for the OU in which the user is to be created at, but unfortunately, I don’t know how to continue with the proper command to make it work.

Thank you for all your help,

2

Hey A R,

I think there’s maybe a different way to approach that will make it a bit simpler. At the moment it looks like you have a mix of ADSI and the PS AD cmdlets.

There is an AD cmdlet, New-ADUser, which can be used for doing the account creation. What’s nice is that amongst other things, it has a -Path parameter where you can specific the location where the account is to be created. I’ve put some sample code below.

PowerShell also has is a fantastic feature called splatting. This allows us to define a hash table (called $properties below) which provided it contains the name of the parameter and it’s value means that we can group these nicely together and just pass that hash table ($properties) to the cmdlet. For commands like New-ADUser, this is great because you can have some serious long lines of parameters and settings. You’ll notice that when you put it after the cmdlet name, you use a ‘@’ in place of the ‘$’ defined in the hash table.

Try the code below, and let us know how you get on. :slight_smile:

$datasource = Import-Csv -Path 'C:\Users.csv'
foreach($dataRecord in $datasource) 
{
    $secpasswd = ConvertTo-SecureString -String 'password' -AsPlainText -Force 

    $properties = @{
        DisplayName       = "$($dataRecord.FirstName) $($dataRecord.sn)"
        SAMaccountName    = $dataRecord.sAMAccountName
        Surname           = $dataRecord.LastName
        Path              = $dataRecord.ParentOU
        UserPrincipalName = $sAMAccountName + '@domain.local'
        GivenName         = $dataRecord.FirstName
        AccountPassword   = $secpasswd
        Enabled           = $True
        Name              = $datasource.cn
    }

    New-ADUser @properties
    Add-ADGroupMember -Identity $group -Member $dataRecord.sAMAccountName
}
3

In the case where the user is already created based on script above:
Move-ADObject -Identity (Get-ADUser $DataRecord.sAMAccountName) -TargetPath $OU

Or in your example above you could change the following line:
$objUser=$ObjOU.Create(“user”,“CN=” + $cn + “,” + $OU)

The second one I’m not so sure on simply because I am unsure of the $ObjUser object type. Haven’t played much in AD cmdlets unfortunately.

4

Hello Tim Pringle,

I kind of knew that there is/are something mixed in the code I provided above but I didn’t know what. I’m glad you pointed that out.
Your code looks a lot more “elegant” than the one I posted.

I’m going to give it a try and see how it works. I’ll post my findings later.

Thank you so much for your help.

5

Hello K. Chris Nakagaki,

The line that you added is most likely the line that I couldn’t figure out how to write by myself.
It looks like it will also work. However as I mentioned in my reply to Tim Pringle, his code is a lot more elegant than mine so I might rethink my whole strategy.

I am still going to give your line of code a try and see if it works for me and post my findings.

Thank you so much for your help, I truly appreciate it.

6

Hello K. Chris Nakagaki,

Your solution seemed to work better and since it requires little to no modifications of the existing code, I adopted it…
Now, since each new user could also be a member of a different group, how would I add a description such as “Member of Groupxxx” where Groupxxx should be based on $group variable to the users’ properties?

Thank you,
AR