none
New-ADuser error: The server is unwilling to process the request RRS feed

  • Question

  • Hi

    I am attempting to add new users in bulk to AD using the below PowerShell script:

    Import-Module ActiveDirectory
    Import-Csv "C:\users1.csv" | New-ADuser -PasswordNeverExpires $true -AccountPassword (ConvertTo-SecureString "Pass1234" -AsPlainText -Force) -Enabled $True -Server <AD-servername>

    Note: <AD-servername> is replaced by the actual name of the Domain Controller

    The contents of the CSV are (lines 1 & 2 only are provided below):

    Name,Type,SamAccountName,GivenName,Surname,DisplayName,Description,EmailAddress,Company,StreetAddress,State,PostalCode,City,Country,Organization,Path,UserPrincipalName
    DOE John,User,DJohn,John,DOE,John DOE,Sales Supervisor ,DJohn@domain.com,Corp Europe,16 Street Add,MA,1234,Boston,USA,Corp,"OU=Users,OU=warehouse01 - boston - ma,OU=Massachussetts,DC=domain,DC=net",DJohn@domain.com

    When executing the script I get the following error:

    New-ADuser : The server is unwilling to process the request
    At C:\Users.ps1:2 char:29
    + Import-Csv "C:\users ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : NotSpecified: (CN=Djohn...et,DC=domain,DC=net:String) [New-ADUser], ADException
        + FullyQualifiedErrorId : The server is unwilling to process the request,Microsoft.ActiveDirectory.Management.Commands.NewADUser

    After investigation on different forums (e.g: http://www.manageengine.com/products/ad-manager/help/misc/troubleshooting_tips.html#admgmt_usermodificatio_80072035 or http://social.technet.microsoft.com/Forums/scriptcenter/en-US/ae10b881-ae5b-4382-b033-47174e5acd8a/error-with-newaduser-command?forum=winserverpowershell)  I have verified:

    1. that the OU Path is spelled correctly
    2. that no other user with the same samaccountname exists in AD
    3. that the pipe from import-csv to new-aduser works correctly
    4. that the import-csv command imports correctly (see result below): 

    Name              : DOE John
    Type              : User
    SamAccountName    : DJohn
    GivenName         : John
    Surname           : DOE
    DisplayName       : John DOE
    Description       : Sales Supervisor
    EmailAddress      : DJohn@domain.com
    Company           : Corp Europe
    StreetAddress     : 16 Street Add
    State             : MA
    PostalCode        : 1234
    City              : Boston
    Country           : USA
    Organization      : Corp
    Path              : OU=Users,OU=warehouse01 - boston - ma,OU=Massachussetts,DC=domain,DC=net
    UserPrincipalName : Djohn@domain.com

    PS: the OU Users is the child OU of warehouse01 - boston - ma which is itself a child of Massachussetts

    PPS: Domain.com is the external dns domain name.  Domain.net is the local dns domain name. All our users have this format. 

    ==

    What is this error? what am i doing wrong?

    Thanks,

    Karim

    Tuesday, June 10, 2014 2:25 AM

Answers

  • Thanks JRV for your input.

    Actually I found that there were 2 issues with the script:

    1. The path to the child OU needs to be reversed starting from child OU up to the parent OU. That's what the error is referring to.
    2. Once that fixed, I still had another issue (can't remember the error message :( ) but it involved the country attribute.  It must be the 2 character code of the country, not the full country name: like US, FR, AU, GR, ...

    Cheers,

    SK

    • Marked as answer by Karim Slaoui Saturday, June 14, 2014 2:13 AM
    Saturday, June 14, 2014 2:11 AM

All replies

  • You cannot set the distinguished name in a New-ADUser command.


    ¯\_(ツ)_/¯

    Tuesday, June 10, 2014 2:34 AM
  • Thanks JRV for your input.

    Actually I found that there were 2 issues with the script:

    1. The path to the child OU needs to be reversed starting from child OU up to the parent OU. That's what the error is referring to.
    2. Once that fixed, I still had another issue (can't remember the error message :( ) but it involved the country attribute.  It must be the 2 character code of the country, not the full country name: like US, FR, AU, GR, ...

    Cheers,

    SK

    • Marked as answer by Karim Slaoui Saturday, June 14, 2014 2:13 AM
    Saturday, June 14, 2014 2:11 AM
  • Unfortunately we cannot guess as to how your domain is built.  We also do not know what is in your CSV.

    Whatever you are doing. the DN on New-AdUser cannot be set no matter what it is.  The dn is build by AD.  It cannot be assigned.

    Whatever you are trying to say still makes absolutely no technical sense.


    ¯\_(ツ)_/¯

    Saturday, June 14, 2014 2:28 AM