Create 73,000 Test AD User Accounts

Ever required the need to make lots of Domain Users? Here's a PowerShell script that does just that, more than 73,000. This can be increased by adding more First and Last names to the CSV. 73,000 test account is likely more than an entire lifetimes worth, but the script can be altered by removing all the randomizers to create actual users based on a csv list.

Download the following script (CreateTestUsers.txt) and names.csv and copy to C:\Downloads

Download TXT • 4KB

Download CSV • 3KB

Rename the 'CreateTestUsers.txt' to 'CreateTestUsers.ps1', open in PowerShell_ISE and update the domain specific entries.

Run the script and enter the number of accounts required

During testing the higher the percentage of maximum accounts the slower the script ran as struggles to make unique names.

The accounts create have their Profile and Home shares, Group Membership

Each account created has a random 14 character password that is outputted at the end to C:\Downloads\results.txt

Here's the script...

#Get OU for users

import-module activedirectory

#Get Targetted OU

$orgOU = Get-ADOrganizationalUnit "ou=Test Users,ou=Org,dc=sh,dc=loc"


#set password length

$length = "14"

#Outs the account and password created

$results = "C:\Downloads\results.txt"

#Declares Inheritance

$inherNone = [System.Security.AccessControl.InheritanceFlags]::None

$propNone = [System.Security.AccessControl.PropagationFlags]::None

$inherCnIn = [System.Security.AccessControl.InheritanceFlags]::ContainerInherit

$propInOn = [System.Security.AccessControl.PropagationFlags]::InheritOnly

$inherObIn = [System.Security.AccessControl.InheritanceFlags]::ObjectInherit

$propNoPr = [System.Security.AccessControl.PropagationFlags]::NoPropagateInherit

#current number of users in OU

$aduE = get-aduser -filter {samaccountname -like "*"} -SearchBase $orgOU

$existing = $aduE.count

#Import list of first and surnames

$Names = "C:\Downloads\names.csv"

#Imports and works out max possible users that can be created

$impName = Import-Csv -path $Names

$FNCT = ($impName.firstname | where {$_.trim() -ne ""}).count

$SNCT = ($impName.surname | Where {$_.trim() -ne ""}).count

$maxUN = $FNCT * $SNCT

$total = ($maxUn.ToString()) -10

do {$enter = ([int]$NOS = (read-host "Max User accounts is "$total", how many do you need"))


until ($nos -le $total)


#Randomises first and surnames

do {

$FName = ($impName.firstname | where {$_.trim() -ne ""})|sort {get-random} | select -First 1

$SName = ($impName.surname | Where {$_.trim() -ne ""}) |sort {get-random} | select -First 1

$UserIDs = $Fname + "." + $Sname

try {$UserLists.add($UserIds,$UserIDs)} catch {}

$UserIDs = $null

Write-Host $UserLists.count

} until ($UserLists.count -eq $nos)




$ADUs = $UserLists.values

Foreach ($ADu in $ADus)


#Set var for random passwords

$Assembly = Add-Type -AssemblyName System.Web

$RandomComplexPassword = [System.Web.Security.Membership]::GeneratePassword($Length,4)

Foreach ($pwd in $RandomComplexPassword)


#Splits username to be used to create first and surname

$ADComp = get-aduser -filter {samaccountname -eq $ADU}

$spUse = $ADu.Split('.')

$firstNe = $spUse[0]

$surNe = $spUse[1]

$pwSec = ConvertTo-SecureString "$pwd" -AsPlainText -Force

#Creates user accounts

if ($ADComp -eq $null)


New-aduser -Name "$ADU" `

-SamAccountName "$ADU" `

-AccountPassword $pwSec `

-GivenName "$firstNe" `

-Surname "$surNe" `

-Displayname "$FnS" `

-Description "TEST $ADu" `

-Path $orgOU `

-Enable $true `

-ProfilePath "\\shdc1\Profiles$\$ADU" `

-HomeDirectory "\\shdc1\Home$\$ADU" `

-HomeDrive "H:" `

#Creates Home Directory and Sets permissions

New-Item "\\shdc1\Home$\$ADU" -ItemType Directory -force

$gADU = Get-ADUser $ADU

$H = "\\shdc1\Home$\$ADU"

$getAcl = Get-Acl $H

$fileAcc = New-Object System.Security.AccessControl.FileSystemAccessRule($gADU.sid, "MODIFY", "$inherCnIn,$inherObIn", "None", "Allow")


Set-Acl $H $getacl

#Add Group membership

Add-ADGroupMember -Identity "DFSAccess"-Members $ADU

#Outs results to Results file

$adu | out-file $results -Append

$pwd | out-file $results -Append

" " | out-file $results -Append


else {"nope exists "}

Write-host $ADU



# Total users in OU

$aduC = get-aduser -filter {samaccountname -like "*"} -SearchBase $orgOU

$TotalU = $aduC.count

#Total users created

Write-host "Total New Users"

$TotalU - $existing

286 views0 comments

Recent Posts

See All

Passwords, this is not a lecture.....

There's lots on the web regarding passwords and what they should consist of. There are plenty of sites that also validate the strength of a would be password. But do those sites make useful suggestion