Share via

Creating New AD Users in Powershell from Existing User

Marc 631 Reputation points
2022-10-04T22:21:08.1+00:00

Often I have to create new users in active directory by copying the profile of an user already present.
Is there a way to make my life easier with powershel ?

Can I modify this one?

$userInstance = Get-ADUser -Identity "saraDavis"
New-ADUser -SAMAccountName "ellenAdams" -Instance $userInstance -DisplayName "EllenAdams"

I have to modify/add the value to the new user listed below:

  • User logon name:
  • Profile > content ( in home folder)
  • Attribute editor >Employ ID
Windows for business Windows Client for IT Pros Directory services Active Directory
Windows for business Windows Server User experience PowerShell
0 comments

8 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Rafael da Rocha 5,251 Reputation points
    2022-10-05T01:51:55.97+00:00

    Hello,

    these values can be set using the following parameters of New-ADUser cmdlet:

    User logon name: -UserPrincipalName <String>

    Profile > content ( in home folder): -HomeDirectory <String>

    Attribute editor >Employ ID: -EmployeeID <String>

    All parameters are listed here:
    New-ADUser

    For your code, it would look something like this: 

    $userInstance = Get-ADUser -Identity "saraDavis"   
New-ADUser -SAMAccountName "ellenAdams" -Instance $userInstance -DisplayName "EllenAdams" -UserPrincipalName "EllenAdams@domain.local" -HomeDirectory "Path" -EmployeeID "12345"

    ----------

    If any reply helped solve your question, please remember to upvote and/or "Accept Answer".
    It helps others facing similar issues find the solution.

    0 comments
  2. Cedric NONOGNI 166 Reputation points
    2022-10-05T02:18:51.077+00:00

    Hi @Marc ,
    That’s exactly what you need for that.
    In your script, just replace « saraDavis » by your source or template account.

    One good practice would be to create one or more templates account with all properties you want.
    Also, when you populate your variable &userinstance you could specify all properties you wish to copy as shown below, that for avoiding errors during copy, because not every attributes can be copied.

    $newuser= Get-ADUser -Identity usertemplate01 -Properties StreetAddress,City,Title,PostalCode,Office,Department,Manager

    Hope this will be helpful...
    Regards.

    0 comments
  3. Marc 631 Reputation points
    2022-10-05T07:18:51.997+00:00

    Thank you both, very useful.
    What about "member Of"? how can I import / populate these "folders" to the new user as well?

  4. Marc 631 Reputation points
    2022-10-05T09:16:03.873+00:00

    I found out "memberof"

    0 comments
  5. Marc 631 Reputation points
    2022-10-05T11:15:40.56+00:00

    I did a test:

    $userInstance = Get-ADUser -Identity 111111 -Prop * | select memberof, UserPrincipalName , ChangePasswordAtLogon, Description, DisplayName, HomeDirectory, HomeDrive, Office, Path, Company, Department, Manager, ScriptPath, Division, Fax, Organization, ProfilePath, Surname, Title, Country, State
    New-ADUser -SAMAccountName "101010" -Instance $userInstance -Name "Bob" -Surname "Smith"-DisplayName "Smith Bob" -UserPrincipalName "101010@keyman .it" -HomeDirectory "\HOMEFOLDER\101010" -EmployeeID "101010"

    I have received the error below(I have admin right):

    New-ADUser : Access is denied
    At line:2 char:1

    • New-ADUser -SAMAccountName "101010" -Instance $userInstance -Name " ...
    • ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : PermissionDenied: (CN=Bob,CN=Users,DC=xxx,DC=xxxxx,DC=it:String) [New-ADUser], Unaut
      horizedAccessException
    • FullyQualifiedErrorId : ActiveDirectoryCmdlet:System.UnauthorizedAccessException,Microsoft.ActiveDirectory.Man
      agement.Commands.NewADUser

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.