<#
Created by Tom Mekeel under "GPLv3"
Copyright 2011-2016 Thomas Mekeel Jr.
Revision 3.07182016

This PowerShell script is distributed with no warranties, nor is it fit for a particular purpose.
I hold no responsibilities if this code breaks something, so test accordingly!!
Please test this in a lab environment prior to using in production.
Read and understand the code. I have added comments where I could to help you in your coding journey.

If you have any questions or suggestions for improvement feel free to contact me via email: tom @t mekeel d0t net
I will be happy to help you modify this application to suit your needs when possible.
I code because it's fun, not to make money; it's to help me accomplish my daily tasks quickly, and I share because we should.
Please enjoy my efforts and I hope you gain from them.

A text version is available, just change the extension to ps1 and run it using an accompanying csv in the same directory as the script.
A test user has been created in the csv as an example.
You will need to modify some of the csv headers to match your environment, especially subdomain, rootdomain, topleveldomain.

Store a file named csvcontent.csv in the directory where the ps1 file is located for ease of use.
Otherwise use an absolute path such as C:\Scripts\csvcontent.csv
csvcontent.csv fields can be populated for all columns, but columns can be empty if you don't need the information imported into Active Directory.
#>

$csvcontent = Import-CSV -Path csvcontent.csv

foreach ($user in $csvcontent) {

    #Sets Organizational Unit for the new user
    $OU1 = $user.ou1
    $OU2 = $user.ou2

    #Set AD sub domain--For example, if your AD internal domain is internal.contoso.com, $DC1 == internal
    $DC1 = $user.subdomain

    #Set internal Active Directory root domain--For example, if you are contoso.com, $DC2 == contoso
    $DC2 = $user.rootdomain

    #Set internal Active Directory top level domain--For example, if you are contoso.com, $DC3 == com
    $DC3 = $user.topleveldomain

    <#Check to see if you have a subdomain as root, if not uses only root domain and top level domain.
    For example ad.yourdomain.com or just yourdomain.com.
    $DC2 and $DC3 must be assigned before this point, otherwise $Path is built from empty values.
    #>
    if (!$user.subdomain) {$Path="OU=$OU1,DC=$DC2,DC=$DC3"}
    else {$Path="OU=$OU1,OU=$OU2,DC=$DC1,DC=$DC2,DC=$DC3"}

    <#Set UPN root domain--For example, if you are contoso.net, $UPNROOTD == contoso
    This field could match your internal domain as well, but my experience is that they usually don't, so the logic is here for that.
    If yours match, just make them match in the CSV and you should be good to go!#>
    $UPNROOTD = $user.upnrootdomain

    <#Set UPN top level domain--For example, if you are contoso.net, $UPNTLD == net
    This field could match your internal domain as well, but my experience is that they usually don't, so the logic is here for that.
    If yours match, just make them match in the CSV and you should be good to go!#>
    $UPNTLD = $user.upntopleveldomain
    $UPN = $UPNROOTD + "." + $UPNTLD

    <#Create User using the following: First Initial of First Name, LastName, Middle Initial
    --Populate new user fields: Initials, Department, Title, Company, Office, Phone Number, Email Address, Home Page
    --Enable new user account: Temporary Password created from $user.passwordstart appended with $user.salt and set to Change at initial login
      Change the $user.salt value in the CSV column to your liking-last 4 digits of Social Security Number for example, or employee ID as another example.
      This results in a known start, followed by a value that only the user should be aware of, while simplifying letting the users know their initial password.
    --Set UPN as defined by user's upnrootdomain and upntopleveldomain fields (may not match default UPN if internal AD domain is different)
    ***Be Sure to VERIFY your UPN exists prior to creating users or it may fail with bad syntax, or "server is unwilling to process the request"***
    #>
    $sam = $user.Firstname.Substring(0,1) + $user.Lastname
    $newUserParams = @{
        AccountPassword       = (ConvertTo-SecureString ($user.passwordstart + $user.salt) -AsPlainText -Force)
        ChangePasswordAtLogon = $true   #Temporary password must be changed at initial login, as described above
        DisplayName           = ($user.Firstname + " " + $user.middleinitial + " " + $user.Lastname)
        Initials              = ($user.Firstname.Substring(0,1) + $user.middleinitial + $user.Lastname.Substring(0,1))
        Enabled               = $true
        Name                  = ($user.Firstname + " " + $user.Lastname)
        Path                  = $Path
        GivenName             = $user.Firstname
        Surname               = $user.Lastname
        UserPrincipalName     = ($sam + "@" + $UPN)
        SamAccountName        = $sam
        Department            = $user.department
        Title                 = $user.title
        Company               = $user.company
        Description           = $user.description
        Office                = $user.office
        OfficePhone           = $user.officephone
        EmailAddress          = $user.contactemail
        HomePage              = $user.homepage
    }
    New-ADUser @newUserParams

    #Skip populating Manager if field is empty (continue moves on to the next CSV row)
    if ([string]::IsNullOrEmpty($user.Mgr)) { continue }

    #Populate Manager field if value exists in CSV
    $managerSAMAccountName = Get-ADUser -Identity $user.Mgr
    $newusername = Get-ADUser -Identity $sam
    Set-ADUser -Identity $newusername -Manager $managerSAMAccountName
}
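# Added example, not part of Tom Mekeel's original script: a pre-flight check for the "VERIFY your UPN exists" warning above, run over each CSV row before New-ADUser is called.
# Test-NewUserRow, its parameters and the sample rows are hypothetical names and constructed data; the valid UPN suffixes and existing account names are assumed to be supplied by the caller.

```powershell
# Added example: Test-NewUserRow is a hypothetical helper, not part of the original script.
function Test-NewUserRow {
    param(
        [Parameter(Mandatory)] $Row,
        [Parameter(Mandatory)] [string[]] $ValidUpnSuffixes,
        [string[]] $ExistingSamAccountNames = @()
    )
    $problems = @()
    foreach ($field in 'Firstname', 'Lastname', 'ou1', 'rootdomain', 'topleveldomain',
                       'upnrootdomain', 'upntopleveldomain') {
        if ([string]::IsNullOrWhiteSpace($Row.$field)) { $problems += "missing $field" }
    }
    if ($problems) { return $problems }   # remaining checks need the fields above

    # Same construction the script uses for -SamAccountName and the UPN suffix
    $sam    = $Row.Firstname.Substring(0, 1) + $Row.Lastname
    $suffix = $Row.upnrootdomain + '.' + $Row.upntopleveldomain

    if ($sam.Length -gt 20) { $problems += "sAMAccountName '$sam' is longer than 20 characters" }
    if ($ExistingSamAccountNames -contains $sam) { $problems += "sAMAccountName '$sam' already exists" }
    if ($ValidUpnSuffixes -notcontains $suffix) { $problems += "UPN suffix '$suffix' is not defined" }
    if ([string]::IsNullOrEmpty($Row.passwordstart + $Row.salt)) { $problems += 'initial password is empty' }
    return $problems
}

# Constructed sample rows (not the author's CSV)
$sampleRows = @'
Firstname,Lastname,ou1,rootdomain,topleveldomain,upnrootdomain,upntopleveldomain,passwordstart,salt
Test,User,Staff,contoso,com,contoso,net,Welcome-,4821
John,Smith,Staff,contoso,com,contoso,org,Welcome-,1177
Ann,,Staff,contoso,com,contoso,net,Welcome-,9034
'@ | ConvertFrom-Csv

# Constructed stand-ins. Against a live forest the caller could build these with:
#   $forest = Get-ADForest; $suffixes = @($forest.UPNSuffixes) + @($forest.Domains)
#   $existing = (Get-ADUser -Filter *).SamAccountName
$suffixes = 'contoso.net', 'contoso.com'
$existing = 'JSmith'

foreach ($row in $sampleRows) {
    $found = @(Test-NewUserRow -Row $row -ValidUpnSuffixes $suffixes -ExistingSamAccountNames $existing)
    $name  = "$($row.Firstname) $($row.Lastname)"
    if ($found.Count) { Write-Warning "$name skipped: $($found -join '; ')" }
    else { Write-Output "$name passed pre-flight" }
}
```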