Every year, educational institutions enroll hundreds of students. As a result, the institutions’ system engineers require extra time and effort to create an AD account for each student and then to manually inform the students about their usernames and passwords.
This step-by-step guide will make system engineers’ lives a little easier with the help of PowerShell scripting. The script enables you to create AD user accounts from a CSV file, assign random passwords to them, and then send those usernames and passwords to the new students in welcome emails.
I have used the following cmdlets in my script. Click on any individual cmdlet for more details.
- Import-CSV (for importing user details)
- Get-Credential (for getting email credentials)
- Get-Random (for generating passwords)
- New-ADUser (for creating new AD users)
- Get-Content (for reading email contents from a file)
- Send-MailMessage (for sending emails to users)
To send the emails with credentials to the new users, I am using a Gmail SMTP server. However, you can configure the script to your IT environment and your mail server.
The script below was written and tested on DC running on Windows Server 2016. If you need to run the script on Windows Server 2012, 2012 R2, or 2008, you may have to import some PowerShell modules.
Before you run the script, cross-check for the following prerequisites:
- A CSV file with the students’ info (first name, last name, Sam account name, and email address)
- A text or Word (doc or docx) file with a welcome email message
- An enabled Internet connection (if you want to use a Gmail SMTP server)
If you have met all these requirements, you can create AD accounts and send welcome emails in bulk by following two simple steps:
Step 1.
Copy and paste the script into a text file and save it with the .ps1 extension:
##Beginning of functions Function Format-Email { Param ([string]$WCEmailContent,[string]$UserPrincipalName,[string]$UserPassword) return $WCEmailContent + "User Name = $UserPrincipalName Password = $UserPassword Thank You IT Department" } Function Send-Email { Param ($Email, $Credential,[string]$WCEmailContent) $From = "karim.buzdar@gmail.com" $subject = "Domain Account Details" $Body = $WCEmailContent $SMTPServer = "smtp.gmail.com" $SMTPPort = "587" Send-MailMessage -from $From -to $Email -Subject $subject -Body $Body -SmtpServer $SMTPServer -Port $SMTPPort -Credential $Credential -UseSsl } ###End of Functions ##### Beginning of main programme $Credential = (get-Credential) #Getting email credentials to be used for From field in Email message $UsersFilePath = "C:UsersAdministrator.YOURDOMAINDesktopWCusers.csv" # Files of users information (First name, Last name, Sam account name, Email address) $WCEmailFile = "C:UsersAdministrator.YOURDOMAINDesktopWCWCEmail.docx" # File containing welcome email message import-csv -path $UsersFilePath | foreach { $Name = ($_.GivenName + " " + $_.LastName) $UserPrincipalName = ($_.SamAccountName + ”@yourdomain.com”) $UserPassword = Get-Random -maximum 20000 -Minimum 100 $UserPassword = "@" + "user" + $UserPassword.ToString() #Create user in Students OU new-aduser -name $Name -enabled $true -GivenName $_.GivenName –surname $_.lastName -accountpassword (convertto-securestring $UserPassword -asplaintext -force) -changepasswordatlogon $true -samaccountname $_.SamAccountName –userprincipalname $UserPrincipalName -EmailAddress $_.EmailAddress -Path 'OU=Students,DC=yourdomain,DC=com' -ErrorAction Stop $WCEmailContent = Format-Email -WCEmailContent (Get-Content $WCEmailFile) -UserPrinciPalName $UserPrincipalName -UserPassword $UserPassword Send-Email -Email $_.EmailAddress -Credential $Credential -WCEmailContent $WCEmailContent Write-Host "User Created: $Name" } ### End of main program
Step 2.
Open PowerShell with your elevated privileges and execute the script file that you created in Step 1.
Once you have successfully executed the script, users can immediately log in to the domain. You can verify the account creation in Active Directory Users and Computers console and email the notification about the account creation by using CC field in Send-MailMessage cmdlet.
Check out my recent post to learn how to discover new users added in AD within the last 24 hours and email their credentials using PowerShell. You may also try this How-to: Export Specific Users from Active Directory if you are frequently asked to export AD users to CSV.
Please feel free to leave your suggestions in comments so that we can enhance the script functionality.