'm using the below PowerShell script, by @hicannl which I found here: http://gallery.technet.microsoft.com/scriptcenter/PowerShell-Create-Active-7e6a3978#content, for bulk creating users from a CSV file.
I've had to edit it a bit, adding some
additional user fields, and removing others, and changing the sAMAccount
name from first initial + lastname, to firstname.lastname. However now
when I run it, I get an error saying:
"[ERROR] Oops, something went wrong:
The following exception occurred while retrieving member "Put": "There
is no such object on the server."
The account is created in the default OU,
with the correct firstname.lastname format, but then it seems to error
at setting the "Set an ExtensionAttribute" section. However I can't see
why!
# ERROR REPORTING ALL
Set-StrictMode -Version latest
#----------------------------------------------------------
# LOAD ASSEMBLIES AND MODULES
#----------------------------------------------------------
Try
{
Import-Module ActiveDirectory -ErrorAction Stop
}
Catch
{
Write-Host "[ERROR]`t ActiveDirectory Module couldn't be loaded. Script will stop!"
Exit 1
}
#----------------------------------------------------------
#STATIC VARIABLES
#----------------------------------------------------------
$path = Split-Path -parent $MyInvocation.MyCommand.Definition
$newpath = $path + "\import_create_ad_users_test.csv"
$log = $path + "\create_ad_users.log"
$date = Get-Date
$addn = (Get-ADDomain).DistinguishedName
$dnsroot = (Get-ADDomain).DNSRoot
$i = 1
$server = "localserver.ourdomain.net"
#----------------------------------------------------------
#START FUNCTIONS
#----------------------------------------------------------
Function Start-Commands
{
Create-Users
}
Function Create-Users
{
"Processing started (on " + $date + "): " | Out-File $log -append
"--------------------------------------------" | Out-File $log -append
Import-CSV $newpath | ForEach-Object {
If (($_.Implement.ToLower()) -eq "yes")
{
If (($_.GivenName -eq "") -Or ($_.LastName -eq ""))
{
Write-Host "[ERROR]`t Please provide valid GivenName, LastName. Processing skipped for line $($i)`r`n"
"[ERROR]`t Please provide valid GivenName, LastName. Processing skipped for line $($i)`r`n" | Out-File $log -append
}
Else
{
# Set the target OU
$location = $_.TargetOU + ",$($addn)"
# Set the Enabled and PasswordNeverExpires properties
If (($_.Enabled.ToLower()) -eq "true") { $enabled = $True } Else { $enabled = $False }
If (($_.PasswordNeverExpires.ToLower()) -eq "true") { $expires = $True } Else { $expires = $False }
If (($_.ChangePasswordAtLogon.ToLower()) -eq "true") { $changepassword = $True } Else { $changepassword = $False }
# A check for the country, because those were full names and need
# to be land codes in order for AD to accept them. I used Netherlands
# as example
If($_.Country -eq "Netherlands")
{
$_.Country = "NL"
}
ElseIf ($_.Country -eq "Austria")
{
$_.Country = "AT"
}
ElseIf ($_.Country -eq "Australia")
{
$_.Country = "AU"
}
ElseIf ($_.Country -eq "United States")
{
$_.Country = "US"
}
ElseIf ($_.Country -eq "Germany")
{
$_.Country = "DE"
}
ElseIf ($_.Country -eq "Italy")
{
$_.Country = "IT"
}
Else
{
$_.Country = ""
}
# Replace dots / points (.) in names, because AD will error when a
# name ends with a dot (and it looks cleaner as well)
$replace = $_.Lastname.Replace(".","")
$lastname = $replace
# Create sAMAccountName according to this 'naming convention':
# <FirstName>"."<LastName> for example
# joe.bloggs
$sam = $_.GivenName.ToLower() + "." + $lastname.ToLower()
Try { $exists = Get-ADUser -LDAPFilter "(sAMAccountName=$sam)" -Server $server }
Catch { }
If(!$exists)
{
# Set all variables according to the table names in the Excel
# sheet / import CSV. The names can differ in every project, but
# if the names change, make sure to change it below as well.
$setpass = ConvertTo-SecureString -AsPlainText $_.Password -force
Try
{
Write-Host "[INFO]`t Creating user : $($sam)"
"[INFO]`t Creating user : $($sam)" | Out-File $log -append
New-ADUser $sam -GivenName $_.GivenName `
-Surname $_.LastName -DisplayName ($_.LastName + ", " + $_.GivenName) `
-StreetAddress $_.StreetAddress -City $_.City `
-Country $_.Country -UserPrincipalName ($sam + "@" + $dnsroot) `
-Company $_.Company -Department $_.Department `
-Title $_.Title -AccountPassword $setpass `
-PasswordNeverExpires $expires -Enabled $enabled `
-ChangePasswordAtLogon $changepassword -server $server
Write-Host "[INFO]`t Created new user : $($sam)"
"[INFO]`t Created new user : $($sam)" | Out-File $log -append
$dn = (Get-ADUser $sam).DistinguishedName
# Set an ExtensionAttribute
If ($_.ExtensionAttribute1 -ne "" -And $_.ExtensionAttribute1 -ne $Null)
{
$ext = [ADSI]"LDAP://$dn"
$ext.Put("extensionAttribute1", $_.ExtensionAttribute1)
Try { $ext.SetInfo() }
Catch { Write-Host "[ERROR]`t Couldn't set the Extension Attribute : $($_.Exception.Message)" }
}
# Move the user to the OU ($location) you set above. If you don't
# want to move the user(s) and just create them in the global Users
# OU, comment the string below
If ([adsi]::Exists("LDAP://$($location)"))
{
Move-ADObject -Identity $dn -TargetPath $location
Write-Host "[INFO]`t User $sam moved to target OU : $($location)"
"[INFO]`t User $sam moved to target OU : $($location)" | Out-File $log -append
}
Else
{
Write-Host "[ERROR]`t Targeted OU couldn't be found. Newly created user wasn't moved!"
"[ERROR]`t Targeted OU couldn't be found. Newly created user wasn't moved!" | Out-File $log -append
}
# Rename the object to a good looking name (otherwise you see
# the 'ugly' shortened sAMAccountNames as a name in AD. This
# can't be set right away (as sAMAccountName) due to the 20
# character restriction
$newdn = (Get-ADUser $sam).DistinguishedName
Rename-ADObject -Identity $newdn -NewName ($_.LastName + ", " + $_.GivenName)
Write-Host "[INFO]`t Renamed $($sam) to $($_.GivenName) $($_.LastName)`r`n"
"[INFO]`t Renamed $($sam) to $($_.GivenName) $($_.LastName)`r`n" | Out-File $log -append
}
Catch
{
Write-Host "[ERROR]`t Oops, something went wrong: $($_.Exception.Message)`r`n"
}
}
Else
{
Write-Host "[SKIP]`t User $($sam) ($($_.GivenName) $($_.LastName)) already exists or returned an error!`r`n"
"[SKIP]`t User $($sam) ($($_.GivenName) $($_.LastName)) already exists or returned an error!" | Out-File $log -append
}
}
}
Else
{
Write-Host "[SKIP]`t User $($sam) ($($_.GivenName) $($_.LastName)) will be skipped for processing!`r`n"
"[SKIP]`t User $($sam) ($($_.GivenName) $($_.LastName)) will be skipped for processing!" | Out-File $log -append
}
$i++
}
"--------------------------------------------" + "`r`n" | Out-File $log -append
}
Write-Host "STARTED SCRIPT`r`n"
Start-Commands
Write-Host "STOPPED SCRIPT"