New-ADUser: The server was unable to process the request due to an internal error

I’m getting errors on this script: “New-ADUser : The server was unable to process the request due to an internal error.”

$Firstname = Read-Host "Enter new First name"
$Lastname = Read-Host "Enter new Last name"
$Username = Read-Host "Enter new Username"
$Password = Read-Host "Enter new Password"
$OrgName = ",DC=MyDC,DC=org'"
$O = Read-Host "Enter OU Name"
$O2 = "'OU="
$OU = $O2 + $O + $OrgName

#Existing User?
if (Get-ADUser -F {SamAccountName -eq $Username})
{
#If user exist error out
Write-Warning "A user account $Username has already been created in Active Directory."
}
else
{
New-ADUser -Name "$Firstname $Lastname" -SamAccountName "$Username" -UserPrincipalName '"$Username@MyDomain.org"' -GivenName $Firstname -Surname $Lastname -Enabled $True -EmailAddress "$Username@MyDomain.org" -ChangePasswordAtLogon $False -DisplayName "$Firstname $Lastname" -Path $OU -AccountPassword (convertto-securestring $Password -AsPlainText -Force)

}

Are you able to create the user account manually from the UI?

Some suggestions on the script:

Use parameters rather than using Read-Host in script for inputs.

Param(
   [Parameter(Mandatory)]
   [string]$Firstname,
   [Parameter(Mandatory)]
   [string]$Lastname,
   [Parameter(Mandatory)]
   [string]$Username,
   [Parameter(Mandatory)]
   [System.Security.SecureString]$Password,
   [Parameter(Mandatory)]
   [string]$OUName 
)

# Build the OU distinguished name as one plain string, with no embedded quote characters
$OrgName = ",DC=MyDC,DC=org"
$O2 = "OU="
$OU = $O2 + $OUName + $OrgName
$UPN = "{0}@MyDomain.org" -f $Username

#Existing User?
if (Get-ADUser -F {SamAccountName -eq $Username})
{
#If user exist error out
Write-Warning "A user account $Username has already been created in Active Directory."
}
else
{
New-ADUser -Name "$Firstname $Lastname" -SamAccountName $Username -UserPrincipalName $UPN -GivenName $Firstname -Surname $Lastname -Enabled $True -EmailAddress "$Username@MyDomain.org" -ChangePasswordAtLogon $False -DisplayName "$Firstname $Lastname" -Path $OU -AccountPassword $Password

}

Or if you want those descriptive input questions, that can be done via parameters too.

Param(
   [string]$Firstname = $(Read-Host "Enter new First name"),

   [string]$Lastname = $(Read-Host "Enter new Last name"),

   [string]$Username = $(Read-Host "Enter new Username"),

   # -AsSecureString masks the input and returns the SecureString type the parameter requires
   [System.Security.SecureString]$Password = $(Read-Host "Enter new Password" -AsSecureString),

   [string]$OUName = $(Read-Host "Enter OU Name")
)

Not using parameters will make it difficult to automate things… in case of some other script calling this script.

You need to remove the ' from the $OrgName and $O2 variables. The $OU variable will combine the full organizational unit into one string and there is no need to have another set of '.

$Firstname = Read-Host "Enter new First name"
$Lastname = Read-Host "Enter new Last name"
$Username = Read-Host "Enter new Username"
$Password = Read-Host "Enter new Password"
$OrgName = ",DC=MyDC,DC=org"
$O = Read-Host "Enter OU Name"
$O2 = "OU="
$OU = $O2 + $O + $OrgName

#Existing User?
if (Get-ADUser -F {SamAccountName -eq $Username})
{
    #If user exist error out
    Write-Warning "A user account $Username has already been created in Active Directory."
}
else
{
    New-ADUser -Name "$Firstname $Lastname" -SamAccountName "$Username" -UserPrincipalName "$Username@MyDomain.org" -GivenName $Firstname -Surname $Lastname -Enabled $True -EmailAddress "$Username@MyDomain.org" -ChangePasswordAtLogon $False -DisplayName "$Firstname $Lastname" -Path $OU -AccountPassword (convertto-securestring $Password -AsPlainText -Force)
}

Also, I would definitely recommend implementing the approach @kvprasoon suggested by removing the Read-Host and creating parameters for the inputs. Another suggestion is to splat your New-ADUser variables.

$ADParams = @{
    Name = "$Firstname $Lastname"
    SamAccountName = $Username
    UserPrincipalName = "$Username@MyDomain.org"
    GivenName = $Firstname
    Surname = $Lastname
    Enabled = $True 
    EmailAddress = "$Username@MyDomain.org"
    ChangePasswordAtLogon = $False
    DisplayName = "$Firstname $Lastname"
    Path = $OU 
    AccountPassword = (convertto-securestring $Password -AsPlainText -Force)
}

New-ADUser @ADParams

pwshliquori
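
The suggestions in this thread combined into one script, as an added example that is not code from any of the posters: parameters instead of Read-Host, a password that is only ever a SecureString, an OU path built without the stray quotes identified in the reply above, and a check that the OU resolves before New-ADUser runs. The domain values come from the thread; the character rules in the two ValidatePattern attributes and the presence of the ActiveDirectory module are assumptions.

```powershell
#Requires -Modules ActiveDirectory
Param(
    [Parameter(Mandatory)][string]$Firstname,
    [Parameter(Mandatory)][string]$Lastname,
    # Assumed naming policy: sAMAccountName-safe characters, 20 at most
    [Parameter(Mandatory)][ValidatePattern('^[A-Za-z0-9._-]{1,20}$')][string]$Username,
    # A mandatory SecureString is prompted for with masked input when omitted
    [Parameter(Mandatory)][System.Security.SecureString]$Password,
    # Reject quotes and DN separators so the OU name cannot change the path
    [Parameter(Mandatory)][ValidatePattern('^[^,=+<>#;"''\\]+$')][string]$OUName
)

$DomainDN = 'DC=MyDC,DC=org'        # domain components used in the thread
$OU       = "OU=$OUName,$DomainDN"  # one string, no embedded quote characters

# Resolve the OU first so a wrong path fails here with a readable message
try {
    $null = Get-ADOrganizationalUnit -Identity $OU -ErrorAction Stop
}
catch {
    throw "Target OU '$OU' could not be resolved: $($_.Exception.Message)"
}

# Username is pattern-validated above, so it is safe inside the filter string
if (Get-ADUser -Filter "SamAccountName -eq '$Username'") {
    Write-Warning "A user account $Username has already been created in Active Directory."
    return
}

$ADParams = @{
    Name                  = "$Firstname $Lastname"
    SamAccountName        = $Username
    UserPrincipalName     = "$Username@MyDomain.org"
    GivenName             = $Firstname
    Surname               = $Lastname
    Enabled               = $True
    EmailAddress          = "$Username@MyDomain.org"
    ChangePasswordAtLogon = $False
    DisplayName           = "$Firstname $Lastname"
    Path                  = $OU
    AccountPassword       = $Password   # already a SecureString, never plain text
}
New-ADUser @ADParams
```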

Both suggestions were a big help. Thanks!