Share via


Working with Active Directory and PowerShell (part 1) - Creating an Organizational Unit

Next on the agenda for building this demo environment was to create users in Active Directory.

I can honestly say that I didn't have a clue on how to do this, so I went to https://www.live.com and found this site:
https://thelazyadmin.com/blogs/thelazyadmin/archive/2007/05/14/create-an-ad-user-in-powershell.aspx
I also found this site:
https://powershelllive.com/blogs/lunch/archive/2007/04/05/day-7-manage-users.aspx

That gave me some pointers on how to do this.
Our domain is contoso.com, and I want to place the users in an Organizational Unit called "Demo Users".
To connect to Active Directory we need an LDAP string. It would in this case look like this:
"LDAP://localhost:389/ DC=contoso, DC=com" – localhost since the Active Directory is on this machine.
The PowerShell command would be this:
$domainObj = [ADSI] "LDAP://localhost:389/ DC=contoso, DC=com"

Creating the group is this command:
$domainGroup = $domainObj.Create("OrganizationalUnit","ou=Demo Users")

$domainGroup.SetInfo()

Run this command to check the result:
$domainObj.psbase.Get_Children()

distinguishedName
-----------------
{CN=Builtin,DC=contoso,DC=com}
{CN=Computers,DC=contoso,DC=com}
{OU=Demo Users,DC=contoso,DC=com}
{OU=Domain Controllers,DC=contoso,DC=com}
{CN=ForeignSecurityPrincipals,DC=contoso,DC=com}
{CN=Infrastructure,DC=contoso,DC=com}
{CN=LostAndFound,DC=contoso,DC=com}
{CN=NTDS Quotas,DC=contoso,DC=com}
{CN=Program Data,DC=contoso,DC=com}
{OU=Service Users,DC=contoso,DC=com}
{CN=System,DC=contoso,DC=com}
{CN=Users,DC=contoso,DC=com}