Onsite or Remote Support
Call (519) 573-3759
Automation is the key to streamlining Active Directory management tasks. In this article, I’ll show you how to create, change and test user passwords with PowerShell scripts.
Before you can use PowerShell to manage Active Directory, you need to install the Active Directory PowerShell module. If you are using Windows 10 to manage AD, first install the Remote Server Administration Tools (RSAT).
If you are using Windows 10 version 1809, RSAT is included as a Feature On Demand, so you don’t need to download the RSAT package. To enable RSAT in Windows 10 version 1809, run the following command in an elevated PowerShell console:
Add-WindowsCapability -Online -Name Rsat. ActiveDirectory.DS-LDS.Tools~~~~0.0.1.0
If you are using an earlier version of Windows 10, download the appropriate RSAT package from Microsoft’s website:
Once RSAT is installed, start the PowerShell console as a local administrator and enable the AD PowerShell module using this PowerShell command:
Enable-WindowsOptionalFeature -Online -FeatureName RSATClient-Roles-AD-Powershell
Create credential with password using PowerShell
To create a new user account, use the New-ADUser cmdlet. In the example below, I have hardcoded the ad.contoso.com domain in the $UPN variable. You should change this to match the UPN suffix you want to assign to users. Provide the user’s first name and last name. The UPN and SamAccountName will then be created by adding a period between the first and last name.
Use the following PowerShell script:
$GivenName = (Read-Host -Prompt "First Name")
$Surname = (Read-Host -Prompt "Last Name")
$User = $GivenName+"."+$Surname $UPN = $User+"@ad.contoso.com"
$Password = (Read-Host -Prompt "Password" -AsSecureString) New-ADUser -Name
$User -SamAccountName $User -UserPrincipalName $UPN -AccountPassword
$Password -GivenName $GivenName -Surname
$Surname -Enabled $True