none
Adding attribes "cn, givenName, and displayname to accounts RRS feed

  • Question

  • Hi, I have the following script to create user accounts but need to add the following attributes

    cn, givenName, displayName

    I have a column created in the csv file with the attributes but need to know how to enter the code into the following script:

    $users = import-csv "C:\script\list3.csv"
    $objADSI = [ADSI]"LDAP://ou=*Users,dc=corp,dc=we"
    $users | foreach {

       $cn = $_.cn
       $path = "\\DC01\Home$\$cn"
      
       $objUser = $objADSI.Create("User", "cn=$cn")
       $objUser.Put("sAMAccountName", $cn)
       $objUser.Put("userPrincipalName", "$cn@corp.we")
       $objUser.Put("homeDirectory", $path)
       $objUser.setInfo()
       $objUser.SetPassword("Password1")
       $objUser.psbase.InvokeSet('AccountDisabled', $false)
       $objUser.Put("pwdLastSet",-0)
       $objUser.setInfo()


       if (-not (Test-Path $path)) {
          $acl = (md $path).GetAccessControl()
          $perm = ($cn + "@corp.we"),"Modify","ContainerInherit,ObjectInherit","None","Allow"
          $accessRule = new-object System.Security.AccessControl.FileSystemAccessRule $perm
          $acl.SetAccessRule($accessRule)
          $acl | Set-Acl -Path $Path
       }

    }

     

    Any feedback would be appreciated

    Thanks

     

    Friday, October 7, 2011 10:26 AM

Answers

  • I have tested this code on my test DC, and it works:

     

    $users = import-csv "C:\scripts\users.csv"
    $objADSI = [ADSI]"LDAP://ou=*Users,dc=corp,dc=we"
    $users | foreach {
    
       $UserName = $_.UserName
       $DisplayName = $_.DisplayName
       $sn = $_.sn
       $GivenName = $_.GivenName
       $path = "\\DC01\Home$\$UserName"
       
       $objUser = $objADSI.Create("User", "cn=$UserName")
       $objUser.Put("sAMAccountName", $UserName)
       $objUser.Put("userPrincipalName", $UserName + "@corp.we")
       $objUser.Put("DisplayName", $DisplayName)
       $objUser.Put("sn",$sn)
       $objUser.Put("GivenName", $GivenName)
       $objUser.Put("homeDirectory", $path)
       $objUser.setInfo()
       $objUser.SetPassword("Password1")
       $objUser.psbase.InvokeSet('AccountDisabled', $false)
       $objUser.setInfo()
       
       if (-not (Test-Path $path)) { 
        $acl = (md $path).GetAccessControl()
        $perm = ($UserName + "@corp.we"),"Modify","ContainerInherit,ObjectInherit","None","Allow"
        $accessRule = new-object System.Security.AccessControl.FileSystemAccessRule $perm
    	$acl.SetAccessRule($accessRule)
    	$acl | Set-Acl -Path $Path
       }
    
    }
    
    

     


    [string](0..9|%{[char][int](32+("39826578840055658268").substring(($_*2),2))})-replace "\s{1}\b"
    Friday, October 7, 2011 11:39 AM
  •  $givenName = $_.givenName
     $displayName = $_.displayName
    
     $objUser.Put("givenName",$givenName)
     $objUser.Put("displayName",$displayName)
     $objUser.setInfo()
    

    Friday, October 7, 2011 10:34 AM
  • For example:

    File user.csv contains:
    
    cn,givenName,displayName
    "krab","Krab","Krab Clancy"
    "kreng","Kuks","Kuks Bancy"
    
    PS  >  Import-Csv users.csv
    
    cn                                      givenName                               displayName
    --                                      ---------                               -----------
    krab                                    Krab                                    Krab Clancy
    kreng                                   Kuks                                    Kuks Bancy
    
    
    PS >  Import-Csv users.csv | %{"cn = {0} gN = {1} dN = {2}" -f $_.cn,$_.giveName,$_.displayName}
    cn = krab gN =  dN = Krab Clancy
    cn = kreng gN =  dN = Kuks Bancy
    


    Friday, October 7, 2011 11:01 AM

All replies

  •  $givenName = $_.givenName
     $displayName = $_.displayName
    
     $objUser.Put("givenName",$givenName)
     $objUser.Put("displayName",$displayName)
     $objUser.setInfo()
    

    Friday, October 7, 2011 10:34 AM
  • Thanks Kazun... Am I right in thinking that the script looks at the csv file's frst line and matches to the givenName entry and pulls the info? Just trying to get my head around how it works and not just the simple fact that it does work

    Thanks

    Friday, October 7, 2011 10:57 AM
  • For example:

    File user.csv contains:
    
    cn,givenName,displayName
    "krab","Krab","Krab Clancy"
    "kreng","Kuks","Kuks Bancy"
    
    PS  >  Import-Csv users.csv
    
    cn                                      givenName                               displayName
    --                                      ---------                               -----------
    krab                                    Krab                                    Krab Clancy
    kreng                                   Kuks                                    Kuks Bancy
    
    
    PS >  Import-Csv users.csv | %{"cn = {0} gN = {1} dN = {2}" -f $_.cn,$_.giveName,$_.displayName}
    cn = krab gN =  dN = Krab Clancy
    cn = kreng gN =  dN = Kuks Bancy
    


    Friday, October 7, 2011 11:01 AM
  • Hi Kazun, I have added the code, highlighted in bold but it keeps bombing out. Do you have any idea's please?

    $users = import-csv "C:\script\list3.csv"
    $objADSI = [ADSI]"LDAP://ou=*Users,dc=corp,dc=we"

    $path

       $cn = $_.cn
       $objUser = $objADSI.Create("User", "cn=$cn")
       $objUser.Put("sAMAccountName", $cn)
       $objUser.Put("userPrincipalName", "
    $cn@corp.we")
       $objUser.Put("homeDirectory", $path)
       $objUser.setInfo()
       $objUser.SetPassword("Password1")
       $objUser.psbase.InvokeSet('AccountDisabled', $false)
       $objUser.Put("pwdLastSet",-0)

       $givenName = $_.givenName
       $displayname = $_.displayName
       $objuser.Put("givenName", $givenName)
       $objUser.Put("displayName", $displayName)
       $objUser.setInfo()

     

       $path = "\\DC01\Home$\$cn"
       if (-not (Test-Path $path)) {
          $acl = (md $path).GetAccessControl()
          $perm = ($cn + "@corp.we"),"Modify","ContainerInherit,ObjectInherit","None","Allow"
          $accessRule = new-object System.Security.AccessControl.FileSystemAccessRule $perm
          $acl.SetAccessRule($accessRule)
          $acl | Set-Acl -Path $Path
       }

    }

     

    Many thanks

    Friday, October 7, 2011 11:29 AM
  • I have tested this code on my test DC, and it works:

     

    $users = import-csv "C:\scripts\users.csv"
    $objADSI = [ADSI]"LDAP://ou=*Users,dc=corp,dc=we"
    $users | foreach {
    
       $UserName = $_.UserName
       $DisplayName = $_.DisplayName
       $sn = $_.sn
       $GivenName = $_.GivenName
       $path = "\\DC01\Home$\$UserName"
       
       $objUser = $objADSI.Create("User", "cn=$UserName")
       $objUser.Put("sAMAccountName", $UserName)
       $objUser.Put("userPrincipalName", $UserName + "@corp.we")
       $objUser.Put("DisplayName", $DisplayName)
       $objUser.Put("sn",$sn)
       $objUser.Put("GivenName", $GivenName)
       $objUser.Put("homeDirectory", $path)
       $objUser.setInfo()
       $objUser.SetPassword("Password1")
       $objUser.psbase.InvokeSet('AccountDisabled', $false)
       $objUser.setInfo()
       
       if (-not (Test-Path $path)) { 
        $acl = (md $path).GetAccessControl()
        $perm = ($UserName + "@corp.we"),"Modify","ContainerInherit,ObjectInherit","None","Allow"
        $accessRule = new-object System.Security.AccessControl.FileSystemAccessRule $perm
    	$acl.SetAccessRule($accessRule)
    	$acl | Set-Acl -Path $Path
       }
    
    }
    
    

     


    [string](0..9|%{[char][int](32+("39826578840055658268").substring(($_*2),2))})-replace "\s{1}\b"
    Friday, October 7, 2011 11:39 AM
  • Is the name of the OU "*User"? Note that "*" is not a wildcard character in Distinguished Names.

     


    Richard Mueller - MVP Directory Services
    Friday, October 7, 2011 3:23 PM
  • Hi Richard, I was also a bit confused about that, but one can create an OU called *User.  That's the test OU I used for my code.  A bit of a strange name for an AD object, but anyway...
    [string](0..9|%{[char][int](32+("39826578840055658268").substring(($_*2),2))})-replace "\s{1}\b"
    • Edited by Bigteddy Saturday, October 8, 2011 12:17 AM
    Saturday, October 8, 2011 12:14 AM
  • Thats just the naming convention I use to keep the manually created OU's together
    Monday, October 10, 2011 9:38 AM