Create Bulk Users in Active Directory

In this tutorial, we’ll go through the process of creating Active Directory users’ accounts in bulk using two methods: the task automation tool “PowerShell” and “GUI-based AD Import User Tool”. We’ll start with command-line PowerShell and then move on with the GUI-AD Admin tool. Both methods are different but accomplish the same. You can skip command-line scripting with PowerShell and if you prefer the GUI method.

Table of Contents

  1. PowerShell vs GUI-based AD Import User Tool
    • Using PowerShell to create bulk users in Active Directory.
    • Using the GUI-based AD Admin Tool
  2. Install PowerShell Modules
    • Install the PowerShell Active Directory Module
    • Install the ISE Module
  3. Create Users in Bulk with PowerShell
    • Create the .CSV file
    • Determine the OU Path
    • Modify and run the PowerShell script
  4. Using an AD Admin GUI-Tool to Import Bulk Users
    • Install and Open the SolarWinds User Import Tool
    • Map Custom Fields
    • Review Accounts
  5. Conclusion

1. PowerShell vs GUI-based AD Import User Tool

If you are managing a couple of user accounts, and adding 1-2 new users per week, creating user accounts in bulk is not as effective as if you manage more than 10 users. Large organizations dealing with many user accounts can benefit from automation tools such as PowerShell or AD admin tools.

a. Using PowerShell to create bulk users in Active Directory

To use PowerShell to manage AD user accounts, you would need to install a PowerShell module named “ActiveDirectory”. A PowerShell module is a package that contains cmdlets, variables, providers, functions, etc. This AD module lets you add AD commands to your PowerShell session and use them as if they were built-in.

The method for installing the module varies according to the Windows version. For example, if you have the Remote Server Administration Toolkit (RSAT), already, then you don’t need to download and install the module (more on this below).

To create users in bulk with PowerShell, you’ll need the following:

  • PowerShell module already loaded
  • CSV file with information from new users
  • PowerShell script to import data and create new accounts

PowerShell gives you more flexibility and control to create bulk users but can get complicated if you don’t have scripting skills.

b. Using the GUI-based AD Admin Tool

The second method to create Active Directory users in bulk is using a free AD admin tool from SolarWinds. This GUI tool lets you import the list of users with CSV or XLS, then lets you map the fields from your file to the existing fields in AD.

To create bulk users in AD with the free AD admin tool, you’ll need the following.

  1. The SolarWinds GUI-tool is already installed
  2. The user’s list in CSV or XLS

The SolarWinds AD admin tool allows you to create users in bulk much easier and faster. Still, it doesn’t give much control and flexibility as PowerShell does.

2. Install PowerShell Modules

Let’s begin, by installing two modules, the Active Directory Module and the ISE Module.

  1. Active Directory (AD) module for Windows PowerShell A set of special cmdlets for AD, that lets you manage AD domains, AD LDS configuration sets, and the AD Database Mounting Tool
  2. ISE PowerShell Module This is a PowerShell module management toolkit. ISE simply allows you to streamline the management of PowerShell modules

We’ll start by installing the PowerShell Active Directory module, then following up to install the ISE Module Browser.

a. Install the PowerShell Active Directory Module

For Windows 10, you’ll only need to install the Remote Server Administration Tools (RSAT). When you install RSAT, all tools including the AD PowerShell module will be enabled by default. To get RSAT, you’ll need to:

Find: “Manage Optional Features” > click on “+ Add Feature” > find “RSAT” > and click on “Install”.

For Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016, the RSAT is already there. So, all you need to do is add the PowerShell module as a feature using Server Manager.

  1. Go to Server Manager
  2. Click on “Manage” > click on “Add Roles and Features”
  3. Click “Next” until you find “Features”
  4. Go to “Remote Server Administration Tools” > Role Administration Tools > AD DS and AD LDS Tools > enable “Active Directory Module for Windows PowerShell”
Remote Server Administration Tools, Role Administration

Another way to install the RSAT-AD PowerShell module (on Windows Server 2012, 2012R, and 2016) is to install it right from the PowerShell console.

Open PowerShell and type:

  • Add-WindowsFeature RSAT-AD-PowerShell
PowerShell

b. Install the ISE PowerShell Module

For Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016, you can do a similar process as shown before. You can add the Windows PowerShell ISE as a feature with Server Manager.

  1. Open “Server Manager”
  2. Click on “Add Roles and Features”
  3. Click “Next” until you find “Features”
  4. Find the feature “Windows PowerShell” > select and install “Windows PowerShell ISE”
PowerShell Add Roles and Features

3. Create Users in Bulk with PowerShell

So the PowerShell modules are already loaded, now all you’ll need to do is create a CSV file listing all the user’s information and import it into a PowerShell script, to automate the entire process.

Bear in mind, that you’ll need to have administrative rights to login and create user accounts.

a. Create the .CSV file

The PowerShell script wouldn’t produce results without input data. First, we need to create a CSV file containing AD data fields like name, username, password, OU, description, or more— to feed into our PowerShell Script.

Let’s create a simple CSV file with the following data fields

  • firstname
  • lastname
  • username
  • password
  • OU

So, below is a screenshot of a spreadsheet created using Google sheets— which you can later export as Comma Separated Value (CSV). You can create a CSV using notepad or MS Excel.

Google sheets spreadsheet

This document contains the required data fields, First name, Last name, Username, Password, and OU. It is recommended to use strong password policies, like avoid mixing repetitive password configurations and requiring password change at the next logon (which is done in the PowerShell script).

Notice that when defining the OU, you can set the accounts to import into different OUs. For example, two accounts are going to be imported into OU=IT, two accounts into OU=New Users, and two accounts into OU=Education.

b. How to Determine the OU?

An OU stores users and computer accounts, and provides an organizational structure to help sort objects according to geography, department, etc. When you create a new user in Active Directory Users and Computers, you’ll need to select the Domain Controller (i.e. pcwdld.com) and then an OU (such as New Users).

For example, this particular new user will be created in this “OU Path” > pcwdld.com/New Users

Determine the OU

This OU Path is an attribute referred to as “DistinguishedName.”

In our CSV file example, we have three departments (sub-organizational OUs) where our new users are going to be created (IT, Marketing, and Sales). Our OU paths would look something like this:

  • pcwdld.com/IT
  • pcwdld.com/Marketing
  • pcwdld.com/Sales

To find this OU Path, open “Active Directory Users and Computers,” > and browse the OU where you want to import your new user (or users). Right-click on the OU and click on “Properties”.

find this OU Path

Go to the “Attribute Editor” label, and find the Attribute with the name: “DistinguishedName” > double-click on it to open the “String Attribute Editor” and copy the “Value”.

Now, go ahead and paste this value (OU path) into the OU column of your CSV fil

Your CSV file should be ready to be imported into PowerShell. Now all you need is to create and set up the PowerShell script.

c. Modify and Run the PowerShell Script

So, your PowerShell Active Directory module has been already loaded and you have already created the CSV file containing the right information on your new users. Now, it is time to open and test the PowerShell script.

Import Bulk Users.zip

Open the Script

To open the PS script, make sure to open the PowerShell console with administrator rights. To successfully create users in bulk, by importing the data from CSV, you’ll need to update some information on the script.

To open and modify the script (ps), you can either use PowerShell ISE by right-clicking on the .ps file and selecting “Edit”. Or, open the file using .txt editors like notepad or notepad++, then use the “save as” option with the .ps extension.

Modify the Script:

Update the default path (C:\UserList.csv) of the CSV file with your path.

  • $Users = Import-csv “your path”
Update the default path

Update the UPN “UserPrincipalName” to your correct domain name.

  • UserPrincipalName “$your domain”
Update the UPN “UserPrincipalName”

Save your changes.

Run the Script

Now, that the CSV file contains the right data from all users and your PowerShell script is already modified to input/output the right information, it is time to run the PS script.

To execute the script:

  1. Open it using PowerShell ISE. Right-click on the file and click on “Edit”. Click the Green button to execute the script.
    Open it using PowerShell ISE
  2. The prompt below will show you whether the script ran successfully or any warning messages (such as accounts that already exist).
  3. Verify that all user accounts have been created. Open the Active Directory Users and Computers and open the right domain and OU to ensure all new users have been successfully created.

4. Using an AD Admin GUI-Tool to Import Bulk Users

SolarWinds Admin Bundle for Active Directory is a free GUI bundle of mini-utilities that features three AD management tools. With this bundle, you can find inactive users and machines, remove them, and of course import users in bulk.

Download SolarWinds GUI-tool for importing users in bulk. The tool is 100% free.

a. Install and Open the SolarWinds User Import Tool

Once downloaded, go ahead and open the “SolarWinds-User-Import-Tool” folder from the zip file, and open the UserImportTool.msi file

open the “SolarWinds-User-Import-Tool

Go ahead and “Agree to the terms and conditions”, and click “Install”.

Agree to the terms and conditions”, and click “Install”

Once installed, go ahead and open the SolarWinds “User Import Tool”. To create bulk users with this tool, all you’ll need to provide is the file with your user’s information.

  1. Select your file To import data from your CSV, click on “Select File” and browse your file. You can also import data from an Xls file.
  2. Select Account type Select “Create AD account only”, unless you also want to create Exchange Mailbox.
  3. Provide the Credential Information Use administrator credentials, and click “Next.”
SolarWinds User Import Tool - Provide the Credential Information

b. Map Custom Fields

The Next screen “Map Custom Fields,” will show you the fields in your CSV file. Now, you’ll need to map the custom fields “From” your file to what is actually available in your Active Directory. For example, user > SAM, department > Organizational Unit, etc.

SolarWinds User Import Tool, Map Custom Fields

If an attribute does not exist, you can add it, using the bottom-right button “Add” to add the new attribute.

c. Review Accounts

  • Click “Next” to see the “Create User Accounts” summary. Here, you’ll be able to see the User preview and select (or de-select) any users to be created (or excluded).
SolarWinds User Import Tool, Create User Accounts
  • Click on “Create” to import all users from a CSV file and create all users in bulk.
  • Verify whether all users have been created successfully Go to Active Directory Users and Computers and check on the Users OU. Verify that all the user accounts have been created.

ManageEngine ADManager Plus – FREE TRIAL

ADManager Plus from ManageEngine

ManageEngine ADManager Plus is another third-party tool that allows you to create users in bulk.

Key features:

  • Supports enterprise-level bulk automations
  • Supports native graphing and robust reporting
  • Has manual and automated account auditing capabilities

PROS:

  • Detailed reporting, can generate compliance reports for all major standards (PCI, HIPAA, etc.)
  • Supports multiple domains
  • Supports delegation for NOC or helpdesk teams
  • Allows you to visually view share permissions and the details of security groups

CONS:

  • Is a comprehensive platform that takes time to fully explore

This system uses a template to standardize user account data. So, the first step in creating a batch of user accounts is to define the template that should be used for accounts. You can figure out your requirements with a 30-day free trial.

Conclusion

In this tutorial, we learned how to create users in bulk in Active Directory using two different methods: the PowerShell script and the GUI User Import Tool.

Both methods can be highly effective. If you want more control and flexibility, use PowerShell. But bear in mind that you’ll need some scripting abilities to update and troubleshoot your script. On the other hand, creating bulk users in Active Directory with the SolarWinds User Import Tool is much easier and faster, because it saves you from customizing scripts.

Create Bulk Users in Active Directory FAQs

How do I create AD user in CSV?

A CSV file is a plain-text file with comma-separated values. You can create such a file with Notepad or some other text editor. However, it is easier to create a CSV file of Active Directory user accounts in a spreadsheet, such as Excel. Spreadsheet systems allow you to save your file in CSV format. Put headings at the top of the first few columns in your spreadsheet. These headings will be the fields of data in your CSV file for import into Active Directory. The least you will need are the following columns:

  1. First Name
  2. Last Name
  3. Username
  4. Password
  5. OU

Enter data into each of these columns. This will create a number of records with each row representing a new user account. Select to save the file in CSV format. For example, in Excel, expand the drop-down list that is shown below the file name field – CSV is an option in this list.

examp file csv

file user.csv

code file create user.ps1 (powershell)

#Store the data from Users.csv in the $Users variable
$Users = Import-csv C:\new12.csv

#Loop through each row containing user details in the CSV file 
foreach ($User in $Users)
{
	#Read user data from each field in each row and assign the data to a variable as below
		
	$Username = $User.username
	$Password = $User.password
	$Firstname = $User.firstname
	$Lastname = $User.lastname
	$OU = $User.ou 
	$Password = $User.Password
    $Description = $User.description

	#Check to see if the user already exists in AD
	if (Get-ADUser -F {SamAccountName -eq $Username})
	{
		#If user does exist, give a warning
		Write-Warning "A user account with username $Username already exist."
	}
	else
	{
		#User does not exist then create the new user account
		
        #Account will be created in the OU provided by the $OU variable read from the CSV file
		New-ADUser `
	-SamAccountName $Username `
	-UserPrincipalName "$Username@anhkhuesaigon.com.vn" `
	-Name "$Lastname$Firstname" `
	-GivenName $Firstname `
	-Surname $Lastname `
	-Enabled $True `
    -Description $Description `
	-DisplayName "$Lastname$Firstname" `
	-Path $OU `
	-City $city `
	-Company $company `
	-State $state `
	-StreetAddress $streetaddress `
	-OfficePhone $telephone `
	-EmailAddress $email `
	-Title $jobtitle `
	-Department $department `
	-AccountPassword (convertto-securestring $Password -AsPlainText -Force) -ChangePasswordAtLogon $False
            
	}
}

You will need to modify the path to the CSV file you saved from step 1 (unless it matches what I have in the script).

$ADUsers = Import-csv C:\it\bulk_import.csv

By default, the script sets the accounts to enable. You can change this by setting Enabled to false

Enabled = $false

By default, the script sets the accounts to change password at the next logon. To change this set “ChangePasswordAtlogon to false.

ChangePasswordAtLogon = $false

That should do it for configuring the script. It’s pretty much ready to go as is.

2 thoughts on “Create Bulk Users in Active Directory

Leave a Reply

Your email address will not be published. Required fields are marked *

RELATED POST

How to Create a PowerShell Scheduled Task with Error SecurityError PSSecurityException FullyQualifiedErrorId

Use Task Scheduler to Run a PowerShell Script The first option that we are going to look at is using…

Delete All Files Older than x Days using PowerShell

How to Delete Older Files Using PowerShell? Deleting unnecessary files is important for keeping your computer and storage running smoothly.…

Managing IIS Log File Storage Windows Server 2012-2016-2019

Overview The log files that IIS generates can, over time, consume a large amount of disk space. Logs can potentially…

Outlook keeps displaying error: Contact the server for information

What version of Outlook are you using? See What version of Outlook do I have? (microsoft.com). What were you trying…