This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 88%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJR%3C/text%3E%3C/svg%3E)
I have 50+ Active Directory users to create and I am attempting to do so with PowerShell. The idea is to have the username contain a number and increment by one through the loop. I'm also attempting to do the same increment with the password. The following script works with the exception of the password. I cannot figure out how to get the password to work.
The ideal result will be the users will be created like this...
Username: Training1 Password: Training1#5076
Username: Training2 Password: Training2#5076
etc, etc, etc,.
I have tried entering a simple string for the $PwCount and it works. I have tried using a variable for $PwCount and it works. And I have tried just entering a string for AccountPassword and it works. Where things break, is when I try to use multiple varialbes, in this case, including the $counter. Each time I attempt to run the script, I receive error: Cannot bind parameter 'AccountPassword'. Cannot convert the "System.Security.SecureString" value of type "System.String" to type "System.Security.SecureString".
Hi @Jason Russell ,
it seems something went wrong with posting your PowerShell script.
Could you please post your script here. This makes it easier to help.
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten
[string]$FirstName = "Training"
[string]$Pwd1 = "Training"
[string]$Pwd2 = "#5076"
[int]$repeat = 1 #Change this to 50
for ($counter = 1; $counter -le $repeat; $counter++){
$FnCount = "$FirstName$counter"
$PwdCount = ConvertTo-SecureString $Pwd1$counter$Pwd2 -AsPlainText -Force
$UserPath = "OU=Training,OU=ABC_Users,DC=ABC,DC=local"
$GroupPath = "OU=ABC_Groups,DC=ABC,DC=local"
$Pword = "ThisIsAPassword1!"
$Groups = @("Training","Remote")
$UserObject = @{
AccountPassword = $PwdCount
Name = $FnCount
GivenName = $FnCount
PasswordNeverExpires = $True
Path = $UserPath
SamAccountname = $FnCount
UserPrincipalName = "$FnCount@ABC.local"
Enabled = $True
DisplayName = $FnCount
CannotChangePassword = $True
}
New-ADUser @UserObject
#Add account to groups
Get-ADGroup -Server "abc.local" -SearchBase $GroupPath -Filter "name -like 'Training'" | Add-ADGroupMember -Members "CN=$Name,$UserPath"
Get-ADGroup -Server "abc.local" -SearchBase $GroupPath -Filter "name -like 'Remote'" | Add-ADGroupMember -Members "CN=$Name,$UserPath"
}
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 74%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
I think you're looking for something like this:
1..50 |
ForEach-Object{
$acct = "Training{0}" -f $_
$secpw = ConvertTo-SecureString ("Training{0}#5076" -f $_) -AsPlainText -Force
New-ADUser -Name $acct -AccountPassword $secpw
}
With the exception of using Training in both the -Name and the -AccountPassword, this works. I had to make the strings different from each other because I kept getting password complexity errors. Thank you!
Does this work for you?
$FirstName = "Training"
$Pwd1 = "Training"
$Pwd2 = "#5076"
$repeat = 1 #Change this to 50
$Groups = "Training","Remote"
$UserPath = "OU=Training,OU=ABC_Users,DC=ABC,DC=local"
$GroupPath = "OU=ABC_Groups,DC=ABC,DC=local"
1..$repeat |
ForEach-Object{
$FnCount = "{0}{1}" -f $FirstName, $_
$PwdCount = ConvertTo-SecureString ("{0}{1}{2}" -f $Pwd1, $_, $Pwd2) -AsPlainText -Force
$UserObject = @{
AccountPassword = $PwdCount
Name = $FnCount
GivenName = $FnCount
PasswordNeverExpires = $True
Path = $UserPath
SamAccountname = $FnCount
UserPrincipalName = "{0}@ABC.local" -f $FnCount
Enabled = $True
DisplayName = $FnCount
CannotChangePassword = $True
}
$g = "" # Used in catch block
try{
$u = New-ADUser @UserObject -ErrorAction STOP
#Add account to groups
ForEach ($group in $Groups){
$g = Get-ADGroup -Server "abc.local" -SearchBase $GroupPath -Filter "name -like '$group'"
if ($null -ne $g){
$g | Add-ADGroupMember -Members $u.distinguishedName -ErrorAction STOP
}
else{
Write-Host "could not find '$group'" -ForegroundColor Red
}
}
}
catch{
Write-Host "Failed to create user '$fncount', or failed to add $fncount to group $($g.distinguishedName)" -ForegroundColor Red
Write-Host $_
}
}
Thank you for this code. Although your first answer solved my problem, I see some interesting code to study in your second example.