How To Create Bulk Users in Active Directory

It happens to every admin at some point. That single request to create a dozen or more new user accounts as soon as possible. In this article, we’ll review a few ways to quickly create bulk users in Active Directory (AD).

One of the easiest ways to create bulk users is to leverage a tool. While this can be done in PowerShell, sometimes using a tool is more convenient and faster when you’re in a pinch. No matter what method you use, you’re going to need to set up a CSV file with the user information, so that will be our first step.

Creating The CSV File

We’ll need to create a CSV file template that Active Directory will read and pull user information from. Create a new CSV in Excel, OpenOffice, or whatever program you use for spreadsheets. We’ll need to create five different columns:

• First name
• Last name
• Username
• Password
• OU location

Create each column and use single words for the title. For example, the first name column would be “firstname”. This is for attribute mapping, and if you have other fields you’d like to include such as email or telephone number, feel free to include those as well.

Depending on how your company structures user objects, you may need to change the OU path depending on what permissions that user needs. Be sure to change the OU path to reflect where the user account should be sent to.

If you’re unsure of the OU path, you can find it by doing the following:

1. Launch Active Directory Users and Computers.
2. Click View, and then Advanced Features.
3. Right-click on the OU you want and select Properties.
4. Click on the Attribute Editor tab and then select the distinguishedName field.
5. Copy the path of the OU and put it in the OU section of your CSV.
6. Double-check all of your user information and then save the file in CSV format in the root of your C drive and name it newusers.csv.

Keep this CSV handy, and even consider sharing it with HR or whoever handles new hires. If they have access to this sheet, they can pre-fill it with information upon bulk user requests

Creating Bulk Users With A Tool

The Admin Bundle for Active Directory by SolarWinds contains helpful features like inactive user removal, inactive PC management, and of course bulk user creation. It is a free bundle of tools.

1. Download the program and then run the MSI setup.
   The installation is straightforward and just requires that you accept a user agreement, and provide an installation path for the program. The tool is very lightweight and designed to be installed directly inside of an Active Directory environment.
2. Launch the SolarWinds Admin Tool and select the path to your CSV under the Select Users To Import section. Click Next. You should see a section where you can map custom fields.
3. On the left are the rows from the CSV you created earlier. Simply select and match each attribute so they match the window on the right. You can add new attributes on the fly as well by using the Add button in the bottom right.
4. Click Next, and you should see a preview of the user accounts you wish to add on the next page. Here you can double-check the attributes and confirm your settings.
5. Click the Create button.

SolarWinds Admin Bundle for Active Directory 100% FREE Bundle Download

Creating Bulk Users With PowerShell

As you can imagine, creating user accounts one at a time is time-consuming, even if you’re fairly quick at the process. When you add dozens of new users into the mix, even the most experienced sysadmin will want to leverage bulk creation to speed up the process.

For this method, you’ll need PowerShell and a CSV file.

The steps below install the AD DS and AD LDS Tools as well as the PowerShell ISE module. If you already know you have access to PowerShell on your server, you can skip these steps.

Installing PowerShell Modules

1. First, let’s make sure the PowerShell module is installed on the domain controller by going to Server Manager and clicking on Add Roles and Features.
2. Scroll down until you see Remote Server Administration Tools. Drill down further to Role Administration Tools, then choose AD DS and AD LDS Tools and click install.
   Next, we’ll install the PowerShell ISE module.
3. Navigate to Server Manager, Roles, and Features and click Next until you reach the Features section.
4. Scroll towards the bottom of the list until you find Windows PowerShell. Select it, and then choose Windows PowerShell ISE under its nested group
5. Click Install.

Creating The PowerShell Script

Next, we’ll need to tell the script where to pull information from and change a few other lines that will be unique to your environment.

1. Copy the code below and paste it into Wordpad.
2. Save it as bulk_newusers.ps1.

# Import active directory module for running AD cmdlets

Import-Module activedirectory

#Store the data from ADUsers.csv in the $ADUsers variable

$ADUsers = Import-csv C:\newusers.csv

#Loop through each row containing user details in the CSV file

foreach ($User in $ADUsers)

{

#Read user data from each field in each row and assign the data to a variable as below

$Username = $User.username

$Password = $User.password

$Firstname = $User.firstname

$Lastname = $User.lastname

$OU = $User.ou #This field refers to the OU the user account is to be created in

$email = $User.email

$streetaddress = $User.streetaddress

$city = $User.city

$zipcode = $User.zipcode

$state = $User.state

$country = $User.country

$telephone = $User.telephone

$jobtitle = $User.jobtitle

$company = $User.company

$department = $User.department

$Password = $User.Password

#Check to see if the user already exists in AD

if (Get-ADUser -F {SamAccountName -eq $Username})

{

#If user does exist, give a warning

Write-Warning "A user account with username $Username already exists in Active Directory."

}

else

{

#User does not exist then proceed to create the new user account

#Account will be created in the OU provided by the $OU variable read from the CSV file

New-ADUser `

-SamAccountName $Username `

-UserPrincipalName "$Username@yourdomain.com" `

-Name "$Firstname $Lastname" `

-GivenName $Firstname `

-Surname $Lastname `

-Enabled $True `

-DisplayName "$Lastname, $Firstname" `

-Path $OU `

-City $city `

-Company $company `

-State $state `

-StreetAddress $streetaddress `

-OfficePhone $telephone `

-EmailAddress $email `

-Title $jobtitle `

-Department $department `

-AccountPassword (convertto-securestring $Password -AsPlainText -Force) -ChangePasswordAtLogon $True

}

}

3. Once created, right-click on the script and click Edit. In the script, make sure – UserPrincipalName $Username@yourdomain.com is replaced with your actual domain.

4. You’ll also want to make sure that your CSV is named “newusers” and is stored in the root of C, or else the $ADUsers = Import-csv command will not work.

5. After the changes click Save and Run the script. Check the OU that you specified in the script for the new accounts, and they should be created.

Can I copy an existing user from Active Directory?

You sure can. Simply right-click on the user and select Copy. Oftentimes admins will create “template” user accounts and create users with the correct groups and permissions based on a template.

While this can be a quick way to create a few accounts, this is still a laborious process for bulk users. Not to mention you may still need to fill out custom attributes such as telephone number, extension, and credentials.

Can I create bulk users in Azure Active Directory?

Good news, Azure Active Directory can import bulk users from CSV as well. If you followed along with the CSV template in this guide, you can modify it to import into Azure. Azure requires that the Name, User principal name, Initial password, and Block sign in (Yes/No) be mandatory required fields in your CSV.

1. Alternatively, you can log in to Azure and navigate to All Users, then select the Bulk Create options. A download button will appear where you can download a CSV template that is already compatible with Microsoft Azure.
2. Download the template, or simply upload your existing file.
3. After your CSV has been uploaded, click Submit. If successful you should get a message validating that your file has been successfully uploaded. If there are errors during the upload process for your CSV file, you can view more details regarding the error under the Bulk operations results page.
   You’ll see under your notifications that a bulk operation is underway, and can view the job status. This usually doesn’t take too long, but depends on how many users were added to the CSV, and how responsive Microsoft’s servers are. Each bulk activity request can run up to one hour, and process 50,000 users each batch.
4. Lastly, you can check and confirm that your new users were created by navigating to Manage > Users and then select All Users to verify your accounts were properly created. If you’re keener on using PowerShell, you can run the following command to view users that you created.

“Get-AzureADUser -Filter “UserType eq ‘Member'”

Can I create bulk users in AD with a single command?

You can create a string of new accounts directly in PowerShell as a single command, but you’re a bit limited in with your scope of customization. For instance, the below command creates 20 test user accounts in the OU labeled TESTUSERS. The code below prompts you to enter a password that will be assigned to all of the accounts, meaning they will need to be changed on login.

$pass = Read-Host "Enter Account Password " -AsSecureString 1..20 | foreach{ New-ADUser -Name "TestUser$_" -AccountPassword $pass -Path "OU=TESTUSERS,DC=mydomain,DC=local" -ChangePasswordAtLogon $true -Enabled $true -PasThru}

As you can see this limits what can be customized at scale but might be useful in environments where generic accounts are used.

Are there any other tools I can use to create bulk users in Active Directory?

ADManager Plus

ManageEngine has a tool called ADManager Plus that helps administrators create bulk users, manage groups, computers, and passwords. AD Manager Plus is a web-based application that gives you the ability to create bulk users in AD and other platforms such as Office365, GSuite, Microsoft Exchange, Skype, and Windows Server (2003/2007/2010/2013/2016).

Similar to the SolarWinds tool, AD Manager Plus uses CSV files to import custom fields and populate that information into user account attributes. The platform comes with templates that can be used for simple bulk user creation, or you can use your own more complex CSVs for larger more detailed imports.

If you find yourself consistently importing new users in bulk, investing in a tool that streamlines the process makes sense.

The tool is available for testing free through a 30-day trial.

Conclusion

Last-minute requests are no fun, especially when they require creating multiple accounts. The good news is that this can be done with a specialized tool such as the AD Admin Bundle, or ADManager Plus. If you’re more of a do-it-yourself administrator, a powerful PowerShell script paired with a CSV can do the heavy lifting for you.

Do you find yourself creating bulk users in Active Directory often? Let us know in the comments what your favorite bulk account creation workflow is.