Import-ADUser: All I can say is WoW! Posh 55 / Vbscript 210
Wow.. Just another example of Powershell Proving it is the BIG DOG in the Admin and scripting World!
55 lines vs 200+ line VBScript and the output is PRETTY! 
CSV file should look like this although only Fullname/sAMAccountName/Mail are required
FullName,sAMAccountName,Mail,Title,Description,Department,manager,Groups
John Smith,jsmith,jsmith@lab.com,BossMan,IdaMaster,IT,me,”Tgroup1,Tgroup2,Tgroup3″
### Import-ADUsersFromCSV
function Get-UserDN{
Param($usr,$dom)
$root = [ADSI]"LDAP://$dom"
$filter = "(&(objectcategory=user)(sAMAccountName=$usr))"
$searcher = New-Object System.DirectoryServices.DirectorySearcher($root,$filter)
$searcher.findone() | %{$_.properties.distinguishedname}
}
function Add-UsertoGroup{
param($group,$UserDN,$dom)
$root = [ADSI]"LDAP://$dom"
$filter = "(&(objectcategory=group)(Name=$Group))"
$searcher = New-Object System.DirectoryServices.DirectorySearcher($root,$filter)
$grp = ($searcher.findone()).GetDirectoryEntry()
$grp.add("LDAP://$dom/$UserDN")
$grp.SetInfo()
}
$Users = Import-Csv $ImportFile
foreach($user in $users)
{
Write-Host "+ Creating User <$($User.FullName)>"
# Checking for sAMAccountName/Mail/FullName
if(!$user.sAMAccountName){Write-Host " - User $($User.FullName) has no sAMAccountName";continue}
if(!$user.mail){Write-Host " - User $($User.FullName) has no mail";continue}
if(!$user.fullname){Write-Host " - User $($User.sAMAccountName) has no FullName";continue}
if($user.ManagerName)
{
$manager = Get-UserDN $user.ManagerName -dom $domain
Write-Host " - Manager DN $Manager"
}
# Creating Account in OU
$UserOU = [ADSI]"LDAP://$domain/$OU"
$userObj = $UserOU.Create("User","CN=$($User.FullName)")
$userObj.put("givenName",($user.FullName).Split()[0])
$userObj.put("sn",($user.FullName).Split()[1])
Write-Host " - Setting User NTLogin $($user.sAMAccountName)";$userObj.put("samAccountName",$user.sAMAccountName)
Write-Host " - Setting User Email $($user.mail)";$userObj.put("mail",$user.mail)
if($user.Designation)
{Write-Host " - Setting User Designation $($user.Title)";$userObj.put("Title",$user.Title)}
if($user.Description)
{Write-Host " - Setting User Description $($user.Description)";$userObj.put("Description",$user.Description)}
if($user.department)
{Write-Host " - Setting User Department $($user.department)";$userObj.put("department",$user.department)}
$userObj.Setinfo()
$userObj.psbase.invokeset(‘accountdisabled’, $false)
$userObj.Setinfo()
$userObj.psbase.invoke("setpassword",$password)
$userObj.Setinfo()
foreach($g in (($user.Groups).Split(",")))
{
Write-Host " - Adding User to $g"
Add-UsertoGroup -group $g -UserDN $userObj.distinguishedname -dom $domain
}
write-Host
}
###################################
OUTPUT
###################################
+ Creating User
- Manager DN CN=me,OU=MyUsers,DC=lab,DC=com
- Setting User NTLogin jsmith
- Setting User Email jsmith@lab.com
- Setting User Designation Loser
- Setting User Description Pretty Cool Guy
- Setting User Department IT
- Adding User to tgroup1
- Adding User to tgroup2
+ Creating User
- Manager DN CN=me,OU=MyUsers,DC=lab,DC=com
- Setting User NTLogin gsmith
- Setting User Email gsmith@lab.com
- Setting User Designation Loser
- Setting User Description Pretty Cool Guy
- Setting User Department Sales
- Adding User to tgroup1
- Adding User to tgroup2
tshell :: Sep.14.2007 :: Active Directory, HowTo, Powershell :: No Comments »
Have you considered replacing the write-hosts with write-verbose? That way if someone wants the full output, they can set the $verbosepreference accordingly, otherwise, it’s silent.
That is a good suggestion… I normally add a
-verbose switch… this was just a quick 10min script.
Thanks for the sample script. I have a suggestion. If a person has more than one name, like “Firstname Middlename Lastname” your script only uses “Firstname” and “Lastname”.
How about using the first two as givenName? Like:
$usrObj.put(”givenName”,$($user.FullName).replace(” $(($u.FullName).split()[-1])”,”"))
Regards
Brian