Active DirectoryMicrosoft TechnologiesWindows Server

Automate User Creation on AD, Part 2

This is the part 2 of the post which discuss about the user accounts import/export automation tools. if you not read the first part you can find it in here http://www.rebeladmin.com/2014/07/automate-user-creation-on-ad-part-1/

In previous post i explain how to use CSVDE tool to export Active directory user details in to .csv file. Also I explain how to pass parameters and filter the output according to requirement.

CSVDE tool also can use to import data in to the Active directory and it will help to automate the user creation process. Please note CSVDE tool only can use to import/export AD details only. it will not possible to use with modify or delete data in AD.

The basic syntax for the import process is

csvde -i -f filename -k

in here -i specifies the import mode. CSVDE default mode is for export. -f parameter specify the "File". -k parameter will ignore errors about "object already exist" with the import.

using this we can pass values from a comma-delimited text file (csv or txt) and automate the user account creation. for the demo i will use the following values in a CSV file.

DN,objectClass,givenName,userPrincipalName,sn
"CN=John Smith,OU=Sales Department,DC=contoso,DC=com",user,John Smith,john.smith@contoso.com,

DN,objectClass,givenName,userPrincipalName,sn – Defines attributes by thier LDAP attributes names.

"CN=John Smith,OU=Sales Department,DC=contoso,DC=com",user,John Smith,john.smith@contoso.com, – Line will create user called John Smith in the Sales Department OU under domain contoso. It also contain the values which pass to the listed LDAP attributes in first line.

One disadvantage of CSVDE is you cannot import user passwords. there for when user create in AD user will initially add as disabled account and administrator need to set a password and enable it manually.

Lets test the user import,

The command which can use this is

csvde -i -f C:\Sales\NewUsers.csv -k

C:\Sales\NewUsers.csv –  Is the path for the csv file.

This command need to run on cmd as administrator and it should be AD server.

csvp1

According to message , it saying one entry is added successfully. let's go to the AD and confirm the account creation.

csvp2

as we can see the user account successfully created. lets check if its pass the info defined in the CSV file.

General Properties

csvp3

Account Properties

csvp4

So according to above screenshots its successfully added the info which is defined on the csv file.

as i explain before the account will be in disabled mode as we cant import passwords. to enable it we need to set a password.

to do it right click on the user account and select option "reset password"

csvp5

In next window we can define the password and click ok.

csvp6

To enable the account again right click on user account and from the options select "Enable Account"

csvp7

This is the end of part 2 of the article and in next post will explain about another automation tool.

Related posts
Cyber SecurityMicrosoft Entra IDMicrosoft Technologies

Microsoft Entra lifecycle workflows Part 02 - How to synchronize value for employeeHireDate attribute from on-premises Active Directory ?

In my previous blog post, I explained how we can automate JML (Joiners/Movers/Leavers) process by…
Read more
Azure servicesMicrosoft Entra IDMicrosoft Technologies

Step-by-Step Guide : Automate JML(Joiners/Movers/Leavers) process with Microsoft Entra lifecycle workflows

JML (Joiners/Movers/Leavers) process of an organization has a major impact on its security and…
Read more
Cyber SecurityMicrosoft DefenderMicrosoft Technologies

Microsoft Defender for Identity Part 02 – Create Directory Service Account

In Part 01 of Microsoft Defender for Identity blog series, I have explained about Microsoft Defender…
Read more
Newsletter
Become a Trendsetter

Sign up and get the best of RebelAdmin, tailored for you.

1 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *