Scripts Thread, Bulk Add Users on Server 2008 R2 PowerShell Script in Coding and Web Development; ...
  1. #1
    Freedom's Avatar
    Join Date
    Feb 2007
    England - Midlands

    Post Bulk Add Users on Server 2008 R2 PowerShell Script


    I've been working on and tweaking this code for the last few days in-between the other normal jobs that we all have to do and this is the result.

    <#
    .SYNOPSIS
    Import AD Users from a CSV File.
    .DESCRIPTION
    Import AD Users from a CSV File.
    The script will request user input for a password and LOG / CSV file and then just get on with the task at hand.
    .NOTES
    Authors: © Alex Haines
    Modified for use at Millfields First School in Bromsgrove by Alex Haines in December 2010.
    Original basic code was from a TechNet forum post - http://social.technet.microsoft.com/Forums/en-US/ITCG/thread/5b0420a6-2ff7-445f-8887-07c295073f45
    Some other code was taken from another TechNet post later on to add Home Folder features - can't credit as can't remember - sorry!
    Last edited on 09th February 2011.
    This script ASSUMES a Domain called "millfields.local" You must edit appropriate spots to reflect the
    CORRECT domain name in your environment.  Also ensure and test in a TEST domain vs production before unleashing the script.
    .PARAMETER CSVFilePath
    Path of CSV file to import
    .PARAMETER LOGFilePath
    Path of ERROR LOG file if needed during script processing
    .EXAMPLE
    import_users.ps1 -CSVFilePath C:\Scripts\Users.csv -LOGFilePath C:\Scripts\ErrorLog.txt
    #>
    # Forcefully request info on where the LOG & CSV file should be created.
    param (
        [parameter(Mandatory=$True,HelpMessage='Path of ERROR LOG file to write to:')]$LOGFilePath,
        [parameter(Mandatory=$True,HelpMessage='Path of CSV file to import from:')]$CSVFilePath
    )
    # Test for existence of supplied LOG - if it does not exist, create it.
    if (Test-Path $LOGFilePath) {
        Write-Host ''
        Write-Host 'The Path to the ERROR LOG file appears to already exist. APPENDING TO & CONTINUING SCRIPT!'
        $(Get-Date -format "dd/MM/yy HH:mm:ss") + ': The chosen LOG file (' + $LOGFilePath + ') already exists! Do not panic, I will just append to it.' | Out-File $LOGFilePath -append
    } else {
        Write-Host ''
        Write-Host 'The Path to the ERROR LOG file is not valid. CREATING & CONTINUING SCRIPT!'
        $(Get-Date -format "dd/MM/yy HH:mm:ss") + ': The chosen LOG file (' + $LOGFilePath + ') was not valid! Do not panic, I will just create it.' | Out-File $LOGFilePath -append
    }
    # Test for existence of supplied CSV - if not exit.
    if (Test-Path $CSVFilePath) {
        Write-Host 'The Path to the CSV file appears valid. CONTINUING SCRIPT!'
        Write-Host ''
        $(Get-Date -format "dd/MM/yy HH:mm:ss") + ': The chosen CSV file (' + $CSVFilePath + ') exists so the script continued!' | Out-File $LOGFilePath -append
    } else {
        Write-Host 'The Path to the CSV file appears invalid. EXITING SCRIPT!'
        Write-Host ''
        $(Get-Date -format "dd/MM/yy HH:mm:ss") + ': ERROR 4 - The chosen CSV file (' + $CSVFilePath + ') did not exist so the script had to be terminated as there was no work to do!' | Out-File $LOGFilePath -append
        exit
    }
    # Get a temporary password for the users. If you don't, the accounts will create no problem but
    # they will be "Disabled" accounts. This will mean you have to go through and enable them after the import.
    # As we don't really want to have to do this, I advise you leave this step in place - you could hardcode
    # the $Password variable if you wanted as it makes no real difference.
    # For Secure Mode use -AsSecureString (This blanks out the password as you type and hides it from view
    # when using 'Up Arrow').
    $Password = Read-Host 'Enter a Temporary Secure Password (eg Golf!911)' -AsSecureString
    # Go through EACH item in the list (Header row is treated as variable names by default)
    $(Get-Date -format "dd/MM/yy HH:mm:ss") + ': Start of the main loop.' | Out-File $LOGFilePath -append
    foreach ($USER in (Import-Csv $CSVFilePath)) {
        # I could just Assign straight in from the Cmdlet but I'm putting them into
        # Individual variables so you can see how the data is referenced (check your
        # CSV headers, those are the exact names but are NoT cAsE sEnSiTiVe).
        # A standard csv from county will be given with 6 Headers
        # givenName | sn | gname | department | uname | ctPassword
        # You will see that most of the lines below don't have any data in them - this is deliberate
        # as in most situations, the schools won't need them. If you do, just replace with the correct
        # header name as your csv file requires in the format =$USER.header
        $DisplayName=$Username+' - '+($FirstName+' ').Substring(0,1).Trimend()+'.'+$LastName
        $Company='Millfields First School'
        $PhoneNumber='01527 831 885 + '+$Extension
        $Description=$FirstName+' '+$LastName+' belongs to the '+$JobTitle+' group and joined the school in '+$Department+'.'
        # SAM USERID cannot be greater than 20 characters so trim away - LEGACY!
        $SAM=(($Username+'                    ').Substring(0,20)).Trimend()
        # Check to see if the user already exists.
        # If it does add it to an error log and then continue with the next user.
        # If it doesn't then add the user and loop.
        $count = Get-QADUser -samAccountName $SAM | Measure-Object
        if ($count.count -gt 0) {
            Write-Host ('The user ' + $SAM + ' failed. This is because the user already exists!')
            $(Get-Date -format "dd/MM/yy HH:mm:ss") + ': The user ' + $SAM + ' failed. This is because the user already exists!' | Out-File $LOGFilePath -append
        } else {
            # Create the home folders and assign permissions.
            # Checks starting character of accname and load balances to two (or more) servers if desired.
            $server1 = 'a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v','w','x','y','z'
            #$server2 = 'o','p','q','r','s','t','u','v','w','x','y','z'
            Switch ($SAM.substring(0,1).tolower()) {
                { $server1 -contains $_ } { $homeserver = '\\alabama\'; break; }
                { $server2 -contains $_ } { $homeserver = '\\alaska\'; break; }
            }
            # Test for non-existence of created home directory - if it already exists, skip creation.
            if (Test-Path ($homeserver + 'Homes$\' + $SAM)) {
                Write-Host exists? ($homeserver + 'Homes$\' + $SAM)
                $(Get-Date -format "dd/MM/yy HH:mm:ss") + ': ERROR 6 - User ' + $SAM + '.'  | Out-File $LOGFilePath -append
            }
            else {
                # Make the directory.
                Mkdir ($homeserver + 'Homes$\' + $SAM)
                # Construct the four commands that grant the user Read, Write, Full control and Change access to the directory.
                $cacls1 = "cacls " + $homeserver + "Homes$\" + $SAM + " /E /G " + $SAM + ":R"
                $cacls2 = "cacls " + $homeserver + "Homes$\" + $SAM + " /E /G " + $SAM + ":W"
                $cacls3 = "cacls " + $homeserver + "Homes$\" + $SAM + " /E /G " + $SAM + ":F"
                $cacls4 = "cacls " + $homeserver + "Homes$\" + $SAM + " /E /G " + $SAM + ":C"
                # DEBUG
                #Write-Host $cacls1
                #Write-Host $cacls2
                #Write-Host $cacls3
                #Write-Host $cacls4
                # Now create the user.
                New-QADUser -ParentContainer ($Domain + '/Imported') -Name $DisplayName -UserPassword $Password -City $City -Company $Company -Department $Department -email $Email -FAX $Fax -Firstname $FirstName -Lastname $LastName -Mobilephone $MobilePhone -Office $Office -Phonenumber $PhoneNumber -Postalcode $PostalZip -samaccountname $SAM -StateorProvince $StateProv -StreetAddress $Address -Title $JobTitle -UserPrincipalName $UPN -webpage $Web -Description $Description -displayname $DisplayName -HomeDirectory $HomeDirectory -HomeDrive $HomeDrive -ProfilePath $ProfilePath -LogonScript $LogonScript
                $(Get-Date -format "dd/MM/yy HH:mm:ss") + ': The user ' + $SAM + ' succeeded.' | Out-File $LOGFilePath -append
                # Run the four commands.
                cmd /c $cacls1
                cmd /c $cacls2
                cmd /c $cacls3
                cmd /c $cacls4
            }
        }
    }
    # Close the log file.
    $(Get-Date -format "dd/MM/yy HH:mm:ss") + ': EoF' | Out-File $LOGFilePath -append
    '	' | Out-File $LOGFilePath -append
    The code works well and successfully imported my users into AD with their home folders all correctly assigned. The only thing I had to do afterwards was move the users from the Imported OU to the correct OU and assign them to any groups, but this is very easy to do.

    Feel free to modify or recommend changes, but please post them back on this forum or send me a PM. Also, if you are going to use it or republish it, please link back to this post so Edugeek can get some more members.

    Oh and if anyone is wondering why I didn't use one of the many other scripts out there, I found that none of them would work in a Server 2008 R2 environment!

  2. 2 Thanks to Freedom:

    joe90bass (8th August 2011), stevenlong1985 (29th July 2012)
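
The script above concatenates `$SAM`, which comes straight from the CSV, into `cacls` command strings that are run through `cmd /c`, so any shell metacharacter in the `uname` column is parsed by cmd.exe. As an added example (not part of the original post), the code below checks the account name against an allow-list and builds `icacls` arguments as an array instead; `Test-SamAccountName`, `Get-HomeAclArgs`, the allow-list pattern and the sample rows are assumptions made for illustration.

```powershell
# Added example, not the original author's code. Helper names are hypothetical.
function Test-SamAccountName {
    param([string]$Name)
    # Allow-list (an assumption, stricter than AD itself): letters, digits,
    # '.', '_' and '-', 1 to 20 characters to match the script's SAM limit.
    return $Name -match '\A[A-Za-z0-9._-]{1,20}\z'
}

function Get-HomeAclArgs {
    param([string]$HomeServer, [string]$Sam)
    if (-not (Test-SamAccountName $Sam)) {
        throw "Rejected account name '$Sam'"
    }
    # Same path layout as the script: <server>Homes$\<sam>
    $path = $HomeServer + 'Homes$\' + $Sam
    # One array element per argument: icacls.exe receives each element as-is
    # and cmd.exe never parses the account name. F mirrors the script's
    # final Full control grant; (OI)(CI) makes it inherit to files and subfolders.
    return @($path, '/grant', ($Sam + ':(OI)(CI)F'))
}

# Constructed sample rows using the thread's "uname" header.
$rows = @'
uname
jsmith
bad name&x
'@ | ConvertFrom-Csv

foreach ($row in $rows) {
    try {
        $aclArgs = Get-HomeAclArgs -HomeServer '\\alabama\' -Sam $row.uname
        # Show what would run; on a real share use: & icacls.exe @aclArgs
        Write-Host ('icacls.exe ' + ($aclArgs -join ' '))
    } catch {
        # Rows that fail validation are reported and skipped, never executed.
        Write-Host ('SKIPPED: ' + $_.Exception.Message)
    }
}
```

The second constructed row contains a space and `&`, so it is rejected before any command line is built.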

  3. #2

    Join Date
    Jan 2010
    Hi, can you make this also create an Exchange email account?

  4. #3

    Join Date
    May 2009
    Quote Originally Posted by zbjsy View Post
    Hi, can you make this also create an Exchange email account?
    There are a couple of scripts here which deal with exchange accounts in addition to all the other stuff. They should help show you what you need to do.
