In Active Directory there are many ways to create users depending on the situation. I will go over two ways in this post, using Active Directory Users and Computers (ADUC) and the Dsadd to get things done much quicker.

This post will assume you have already promoted a domain controller.

 Creating Users with ADUC

Open Active Directory Users and Computers.

I have already created the OU Montreal and within that a child OU called Sales.

From here we can click on the OU where we want the user to bre created. In this case we will right click on the Sales OU, select New and click on User

Fill out the basic user information and click next.

On the next page set the users password and click next.

Our user is now created into the sales OU. This is very simple but also very time consuming if we have more than a couple users to create.

Creating Users with Dsadd

The Dsadd command line utility will allow us to skip the GUI user creation proccess to more quickly create users.

Example syntax for Dsadd command to create the user Anthony Davis:

dsadd user cn=ADavis,ou=Sales,ou=Montreal,dc=bryanlab,dc=org -pwd [email protected] -fn Anthony -ln Davis -disabled no -mustchpwd yes

This will create the user Anthony Davis under the Montreal>Sales OU. This user will be enabled and required to change their password upon first logon.

Once the command is run you should receive a success message and the user will be created in the correct OU with the properties you defined.


Semi-automating User Creation with Dsadd

So we can see that by modifying a few lines each time in notepad and pasting into the command line we may be able to save a bit of time. A way to get this done even quicker for batching small amounts of users is using this command in a batch file using variables.

Above we used the following command which is fine to create one user but then you either have to copy and paste or rewrite the whole command each time. This time we use the same syntax but use placeholders variables for the key values we need to change for each new user. Namely the logon name, first name and last name.

dsadd user cn=%1,ou=Sales,ou=Montreal,dc=bryanlab,dc=org -pwd [email protected] -fn %2 -ln %3 -disabled no -mustchpwd yes

Save the above to a .bat file.

Open an elevated command prompt and navigate to the directory of your bat file

Enter the name of your .bat file followed by the object name, first name and last name. For example:

new_user.bat advais Anthony Davis

You can then simply keep running this command while only having to type in the few variables than change from user to user which should make creating small sets of users much easier.

Special Considerations: You will need to modify the DN to match your forest and OU structure. Also in production you may need to add additional variables such as “-samid” and “-upn”. You will also likely want to have multiple .bat files for diffident OU structures and name them accordingly.

For a full list of Dsadd variables see Technet.

This may be good for up to 10 or maybe 20 users but more than that may still be too much typing for lazy administrators. My next post will make importing bulk users through the CSVDE command very straight forward.