## define constants
$domainstr = ",dc=difc,dc=root01,dc=org"
$domainnb = "difc" ## domain netbios name
$domain = "difc.root01.org"
$ADs_UF_NORMAL_ACCOUNT = 512 ## enables account and sets password required
## get default passsword - encrypted so not stored in script
# $defaultPassword = Read-Host "Please enter default Password" -asSecureString
## get the list of users from the CSV file
## if need other user properties can add to CSV
## could speed processing by sortng user list by OU but need code
## to handle change of OU. This is simpler as an example
Import-csv c:\users\bhart.difc\desktop\importusers.csv | foreach {
## create user name
# $strusr = $_.Last + " " + $_.First
$strusr = $_.SN + " " + $_.givenName
# $last = $_.SN
# $first = $_.givenName
# $strusr = $_.last + " " + $_.first
$strusr
$ldapstr = "LDAP://OU=" + $_.OU + $domainstr
$target = [ADSI] $ldapstr
$newuser = $target.create("user", "cn=" + $strusr)
$newuser.SetInfo()
$userid = $_.givenName[0]+$_.givenName[1]+$_.SN
if ($userid.length -gt 20){$userid = $userid.substring(0,20)}
# echo $userid;exit;
$newuser.samaccountname = $userid.ToString()
$newuser.givenName = $_.givenName
$newuser.sn = $_.SN
$newuser.displayName = $_.displayName
$newuser.userPrincipalName = $_.givenName[0]+$_.givenName[1]+$_.SN + "@" + $domain
$newuser.company =$_.company
$newuser.mail = $_.mail
$newuser.division = $_.division
$newuser.employeeType = $_.empType
$newuser.employeeID = $_.empID
$newuser.telephoneNumber = $_.telephoneNumber
$newuser.description = $_.description
$newuser.SetInfo()
# $newuser.SetPassword($defaultPassword.ToString())
$newuser.SetPassword($_.password)
## normal user that requires password & is enabled
$newuser.userAccountControl = $ADs_UF_NORMAL_ACCOUNT
$newuser.SetInfo()
# set User must change password at next logon flag
# $newuser.pwdLastSet = 0
# $newuser.SetInfo()
## now set the country
# $newuser.c = $_.Country
# $newuser.SetInfo()
Write-Host "Created Account for: " $newuser.Displayname
}
|