Ever required the need to make lots of Domain Users? Here's a PowerShell script that does just that, more than 73,000. This can be increased by adding more First and Last names to the CSV. 73,000 test accounts are likely more than an entire lifetime's worth, but the script can be altered by removing all the randomizers to create actual users based on a csv list.
Download the following script (CreateTestUsers.txt) and names.csv and copy them to C:\Downloads
Rename the 'CreateTestUsers.txt' to 'CreateTestUsers.ps1', open in PowerShell_ISE and update the domain specific entries.
Run the script and enter the number of accounts required.
During testing the higher the percentage of maximum accounts the slower the script runs, it struggles to make unique names.
The accounts create have their Profile and Home shares, Group Membership
Each account created has a random 14-character password that is outputted at the end to C:\Downloads\results.txt
Here's the script...
#Get OU for users
import-module ActiveDirectory
#Get Targetted OU
$orgOU = Get-ADOrganizationalUnit "ou=Test Users,ou=Org,dc=sh,dc=loc"
$orgOU.distinguishedname
#set password length
$length = "14"
#Outs the account and password created
$results = "C:\Downloads\results.txt"
#Declares Inheritance
$inherNone = [System.Security.AccessControl.InheritanceFlags]::None
$propNone = [System.Security.AccessControl.PropagationFlags]::None
$inherCnIn = [System.Security.AccessControl.InheritanceFlags]::ContainerInherit
$propInOn = [System.Security.AccessControl.PropagationFlags]::InheritOnly
$inherObIn = [System.Security.AccessControl.InheritanceFlags]::ObjectInherit
$propNoPr = [System.Security.AccessControl.PropagationFlags]::NoPropagateInherit
#current number of users in OU
$aduE = get-aduser -filter {samaccountname -like "*"} -SearchBase $orgOU
$existing = $aduE.count
#Import list of first and surnames
$Names = "C:\Downloads\names.csv"
#Imports and works out max possible users that can be created
$impName = Import-Csv -path $Names
$FNCT = ($impName.firstname | where {$_.trim() -ne ""}).count
$SNCT = ($impName.surname | Where {$_.trim() -ne ""}).count
$maxUN = $FNCT * $SNCT
$total = ($maxUn.ToString()) -10
do {$enter = ([int]$NOS = (read-host "Max User accounts is "$total", how many do you need"))
}
until ($nos -le $total)
$UserLists=@{}
#Randomises first and surnames
do {
$FName = ($impName.firstname | where {$_.trim() -ne ""})|sort {get-random} | select -First 1
$SName = ($impName.surname | Where {$_.trim() -ne ""}) |sort {get-random} | select -First 1
$UserIDs = $Fname + "." + $Sname
try {$UserLists.add($UserIds,$UserIDs)} catch {}
$UserIDs = $null
Write-Host $UserLists.count
} until ($UserLists.count -eq $nos)
$UserLists.count
$userlists.GetEnumerator()
$UserLists.key
$ADUs = $UserLists.values
Foreach ($ADu in $ADus)
{
#Set var for random passwords
$Assembly = Add-Type -AssemblyName System.Web
$RandomComplexPassword = [System.Web.Security.Membership]::GeneratePassword($Length,4)
Foreach ($pwd in $RandomComplexPassword)
{
#Splits username to be used to create first and surname
$ADComp = get-aduser -filter {samaccountname -eq $ADU}
$spUse = $ADu.Split('.')
$firstNe = $spUse[0]
$surNe = $spUse[1]
$pwSec = ConvertTo-SecureString "$pwd" -AsPlainText -Force
#Creates user accounts
if ($ADComp -eq $null)
{
New-aduser -Name "$ADU" `
-SamAccountName "$ADU" `
-AccountPassword $pwSec `
-GivenName "$firstNe" `
-Surname "$surNe" `
-Displayname "$FnS" `
-Description "TEST $ADu" `
-Path $orgOU `
-Enable $true `
-ProfilePath "\\shdc1\Profiles$\$ADU" `
-HomeDirectory "\\shdc1\Home$\$ADU" `
-HomeDrive "H:" `
#Creates Home Directory and Sets permissions
New-Item "\\shdc1\Home$\$ADU" -ItemType Directory -force
$gADU = Get-ADUser $ADU
$H = "\\shdc1\Home$\$ADU"
$getAcl = Get-Acl $H
$fileAcc = New-Object System.Security.AccessControl.FileSystemAccessRule($gADU.sid, "MODIFY", "$inherCnIn,$inherObIn", "None", "Allow")
$getacl.setAccessRule($fileAcc)
Set-Acl $H $getacl
#Add Group membership
Add-ADGroupMember -Identity "DFSAccess"-Members $ADU
#Outs results to Results file
$adu | out-file $results -Append
$pwd | out-file $results -Append
" " | out-file $results -Append
}
else {"nope exists "}
Write-host $ADU
}
}
# Total users in OU
$aduC = get-aduser -filter {samaccountname -like "*"} -SearchBase $orgOU
$TotalU = $aduC.count
#Total users created
Write-host "Total New Users"
$TotalU - $existing