Tuesday, February 5, 2013

Creating User Accounts and Copying Existing Group Membership with PowerShell

The script in this post will get you started in using PowerShell scripts to automate your user account creation. It has very basic functionality so far. It takes the username as input from the user. It also asks if you'd like to copy the group membership of an existing user. It then creates a new user in the default container with the appropriate group membership.

In a production environment, I'd expect this to be enhanced to include things like the user's full name, the department, a description, etc. Also, the accounts are created in a disabled state, since no password is given to them. Every organization has a different new user account password policy, whether it's 10 random characters, or "password," you'll need to adapt this script to meet it. There are plenty of examples on the net for how to convert a plaintext password to a secure string for use in setting the password and enabling the account. For now, this is a good skeleton to get you started.

1 comment:

  1. ForEach ($g in Get-ADUser "QuellUser" -Properties memberof | Select-Object -expand memberof) { add-adgroupmember $g "ZielUser"}