How to create a new Active Directory user account using PowerShell
To create a new Active Directory user account using PowerShell, the New-ADUser cmdlet has to be used. This article explains how to create an AD account using PowerShell and also using ADManager Plus, a completely GUI-based Active Directory, Office 365 and Exchange management and reporting solution. This article compares the user creation process using both PowerShell and ADManager Plus, and demonstrates why ADManager Plus is the simplest and easiest option among the two.
Steps to create an AD user account using PowerShell.
- Ensure you have the necessary permissions to perform this action, and also to execute PowerShell scripts.
- Get the value for necessary attributes like the sAMAccountName, the distinguished name (DN), password, etc. of the account to be created.
- Create the script using the New-ADUser cmdlet, and execute it in the PowerShell window.
A sample PowerShell script to create an AD user account
New-ADUser -Name "JohnS"
This script will add the new user account, JohnS, to AD, but its status will be disabled. We have to modify the account by setting the other attributes and enable it.
Sample script to create a user account that can be used by the corresponding user to log in
Click to copy entire script
New-ADUser -Name “James Bond” -SamAccountName “jamesb” -GivenName “James” -Surname “Bond”-Path “OU=SaveTheWorld,DC=Example,DC=com” -AccountPassword(“password” -AsSecureString) -Enabled $true
To create a new AD user account
- Click the Create Single User option located in User Management, in Management tab.
- Select the desired Domain and template, enter all the necessary attributes, and click Create.
» Start 30-day Free Trial
Limitations of using PowerShell to create new user accounts in AD.
- You will not be able to create AD user accounts using PowerShell if you do not have sufficient permissions in AD. With ADManager Plus, users' privileges in native AD doesn't have to be elevated to create AD user accounts.
- Using PowerShell to create user accounts with all the necessary attributes is difficult as the LDAP names of all the attributes must be entered in the script correctly; any typo will lead to errors. ADManager Plus on the other hand, offers user creation templates which any user can use to configure all attributes at once. These templates also offer rules, which allow the configuration of specific attributes automatically, in just a single click.
- If a user account with the same name already exists, user creation with PowerShell will lead to errors. But with ADManager Plus, it will be possible to proactively detect and avoid duplicates, by appending numbers to names, and so on.
- Creating and applying custom naming formats using PowerShell can be nothing short of a struggle. ADManager Plus though, offers a built-in option that allows you to create and use multiple customized naming formats easily, without even a single line of code.
- With PowerShell, automating new user creation requires a complex and long script. However, ADManager Plus allows you to automate user creation with simple point and click actions.
- If you wish to create AD accounts in bulk or use a CSV file to create multiple AD accounts using PowerShell, the script has to be modified. With ADManager Plus though, as the import CSV option is built-in, you can use the user creation feature to create just one account or multiple accounts at once.
- You must know how to run the scripts from the PowerShell window. ADManager Plus is purely GUI-based, allowing you to perform all management and reporting actions with just mouse clicks from its web-based console.
- Even a misplaced hyphen, or lack of sufficient permission to configure any of the attributes used in the script will lead to errors. As all actions in ADManager Plus are GUI-driven, there is no need to write scripts, eliminating the chances of errors.