PowerShell Script Create user from CSV

During testing you always need to create user accounts. But who wants to spend a whole bunch of time creating users? Not me! I went ahead and made a very basic PowerShell Script that will create users from a CSV file.

This is a very Basic Script, it will set a password on the account, allow you to specify the OU to place the accounts, populate the GivenName, Surname, Displayname, Userprincipalname, Samaccountname and enable the account. It can be tweaked to do more. But for me at this moment it works quiet well.

You need to create a CSV file, called latestusers.csv, the file will be in this format



The Script data is below, copy the below text into Notepad, and save it as CreateUser.ps1

$password = Read-host “Please Enter your password” -AsSecureString
$path = Read-host “Please Enter your OU”
Import-Csv latestusers.csv | foreach {New-ADUser -Name $_.name -GivenName $_.GivenName -Surname $_.Surname -DisplayName $_.Name -UserPrincipalName $_.userprincipalname -SamAccountName $_.SamAccountName -AccountPassword $password -Enabled $true -path $path}

The text highlighted in Red is all one command and should be on the same line, whereas the Black is meant to be on separate lines.

To run the script:

  • Run PowerShell as Administrator
  • Change to the location where you have placed the Script and the CSV file. For me it will be C:\ “Set-Location c:\”
  • Now run the script. Tyoe “.\createuser.ps1” if you get an error trying to run the script like the screen shot below. Run this Command “Set-ExecutionPolicy Remotesigned”, this will allow you to run scripts.


  • You will get asked to enter a password, this password will be set on all accounts. Enter in a password that meets the requirements of your Domain.
  • You will the get prompted to Enter your OU, in my case this will be “OU=Accounts,DC=Adatum,DC=Com” Once you press enter the Script will then go look in your CSV file, and create the accounts with the data you have populated in the file.



  • Again this is a very Basic script, but it can be tweaked to add more data to the user account, but works very good for creating a bunch of test user that are active. Plus beats the hell out of the GUI, and the amount of mouse work you would have to do.

Add Active Directory Domain Services (AD DS) with PowerShell

Ever wanted to install the Domain Services with PowerShell? Well I did. If you would like to know more just read below.

  • Run PowerShell as an Administrator.
  • Import the ServerManager Module with the following command

Import-Module ServerManager

  • This command will not have any feedback


  • Run the command Get-WindowsFeature to see what you need to install. From the screen shot below we will need to install the Active Directory Domain Services (AD-Domain-Services) and Active Directory Domain Controller (ADDS-Domain-Controller)


  • Before we commit the command lets do this, run “Add-WindowsFeature AD-domain-Services,ADDS-Domain-Controller –WhatIf”. this command will tell us what is going to happen. Notice the Screen shot below. It is letting us know that this command will also install .NET Framework 3.5.1 Features, which is needed for AD DS.

Add-WindowsFeature AD-Domain-Services,ADDS-Domain-Controller


  • Lets go ahead and add the Features

Add-WindowsFeature AD-Domain-Services, ADDS-Domain-Controller

  • This command will take a few minutes to complete. Now to make sure we have everything we need we can run the Get-WindowsFeature again. Anything with a “X” means the feature is installed and ready to use. You can export this command to a file so you can keep it for your documentation.

Get-WindowsFeature > C:\WindowsFeature.txt

  • This will save the Text file to your C: Root.


  • The output will match the following

Display Name                                            Name
————                                            —-
[ ] Active Directory Certificate Services               AD-Certificate
[ ] Certification Authority                         ADCS-Cert-Authority
[ ] Certification Authority Web Enrollment          ADCS-Web-Enrollment
[ ] Online Responder                                ADCS-Online-Cert
[ ] Network Device Enrollment Service               ADCS-Device-Enrollment
[ ] Certificate Enrollment Web Service              ADCS-Enroll-Web-Svc
[ ] Certificate Enrollment Policy Web Service       ADCS-Enroll-Web-Pol
[X] Active Directory Domain Services                    AD-Domain-Services
[X] Active Directory Domain Controller              ADDS-Domain-Controller
[ ] Identity Management for UNIX                    ADDS-Identity-Mgmt
[ ] Server for Network Information Services     ADDS-NIS
[ ] Password Synchronization                    ADDS-Password-Sync
[ ] Administration Tools                        ADDS-IDMU-Tools
[ ] Active Directory Federation Services                AD-Federation-Services
[ ] Federation Service                              ADFS-Federation
[ ] Federation Service Proxy                        ADFS-Proxy
[ ] AD FS Web Agents                                ADFS-Web-Agents
[ ] Claims-aware Agent                          ADFS-Claims
[ ] Windows Token-based Agent                   ADFS-Windows-Token
[ ] Active Directory Lightweight Directory Services     ADLDS
[ ] Active Directory Rights Management Services         ADRMS
[ ] Active Directory Rights Management Server       ADRMS-Server
[ ] Identity Federation Support                     ADRMS-Identity
[ ] Application Server                                  Application-Server
[ ] .NET Framework 3.5.1                            AS-NET-Framework
[ ] Web Server (IIS) Support                        AS-Web-Support
[ ] COM+ Network Access                             AS-Ent-Services
[ ] TCP Port Sharing                                AS-TCP-Port-Sharing
[ ] Windows Process Activation Service Support      AS-WAS-Support
[ ] HTTP Activation                             AS-HTTP-Activation
[ ] Message Queuing Activation                  AS-MSMQ-Activation
[ ] TCP Activation                              AS-TCP-Activation
[ ] Named Pipes Activation                      AS-Named-Pipes
[ ] Distributed Transactions                        AS-Dist-Transaction
[ ] Incoming Remote Transactions                AS-Incoming-Trans
[ ] Outgoing Remote Transactions                AS-Outgoing-Trans
[ ] WS-Atomic Transactions                      AS-WS-Atomic
[ ] DHCP Server                                         DHCP
[ ] DNS Server                                          DNS
[ ] Fax Server                                          Fax
[ ] File Services                                       File-Services
[ ] File Server                                     FS-FileServer
[ ] Distributed File System                         FS-DFS
[ ] DFS Namespaces                              FS-DFS-Namespace
[ ] DFS Replication                             FS-DFS-Replication
[ ] File Server Resource Manager                    FS-Resource-Manager
[ ] Services for Network File System                FS-NFS-Services
[ ] Windows Search Service                          FS-Search-Service
[ ] Windows Server 2003 File Services               FS-Win2003-Services
[ ] Indexing Service                            FS-Indexing-Service
[ ] BranchCache for network files                   FS-BranchCache
[ ] Hyper-V                                             Hyper-V
[ ] Network Policy and Access Services                  NPAS
[ ] Network Policy Server                           NPAS-Policy-Server
[ ] Routing and Remote Access Services              NPAS-RRAS-Services
[ ] Remote Access Service                       NPAS-RRAS
[ ] Routing                                     NPAS-Routing
[ ] Health Registration Authority                   NPAS-Health
[ ] Host Credential Authorization Protocol          NPAS-Host-Cred
[ ] Print and Document Services                         Print-Services
[ ] Print Server                                    Print-Server
[ ] LPD Service                                     Print-LPD-Service
[ ] Internet Printing                               Print-Internet
[ ] Distributed Scan Server                         Print-Scan-Server
[ ] Remote Desktop Services                             Remote-Desktop-Services
[ ] Remote Desktop Session Host                     RDS-RD-Server
[ ] Remote Desktop Virtualization Host              RDS-Virtualization
[ ] Core Services                               RDS-Virtualization-Core
[ ] RemoteFX                                    RDS-RemoteFX
[ ] Remote Desktop Licensing                        RDS-Licensing
[ ] Remote Desktop Connection Broker                RDS-Connection-Broker
[ ] Remote Desktop Gateway                          RDS-Gateway
[ ] Remote Desktop Web Access                       RDS-Web-Access
[ ] Web Server (IIS)                                    Web-Server
[ ] Web Server                                      Web-WebServer
[ ] Common HTTP Features                        Web-Common-Http
[ ] Static Content                          Web-Static-Content
[ ] Default Document                        Web-Default-Doc
[ ] Directory Browsing                      Web-Dir-Browsing
[ ] HTTP Errors                             Web-Http-Errors
[ ] HTTP Redirection                        Web-Http-Redirect
[ ] WebDAV Publishing                       Web-DAV-Publishing
[ ] Application Development                     Web-App-Dev
[ ] ASP.NET                                 Web-Asp-Net
[ ] .NET Extensibility                      Web-Net-Ext
[ ] ASP                                     Web-ASP
[ ] CGI                                     Web-CGI
[ ] ISAPI Extensions                        Web-ISAPI-Ext
[ ] ISAPI Filters                           Web-ISAPI-Filter
[ ] Server Side Includes                    Web-Includes
[ ] Health and Diagnostics                      Web-Health
[ ] HTTP Logging                            Web-Http-Logging
[ ] Logging Tools                           Web-Log-Libraries
[ ] Request Monitor                         Web-Request-Monitor
[ ] Tracing                                 Web-Http-Tracing
[ ] Custom Logging                          Web-Custom-Logging
[ ] ODBC Logging                            Web-ODBC-Logging
[ ] Security                                    Web-Security
[ ] Basic Authentication                    Web-Basic-Auth
[ ] Windows Authentication                  Web-Windows-Auth
[ ] Digest Authentication                   Web-Digest-Auth
[ ] Client Certificate Mapping Authentic… Web-Client-Auth
[ ] IIS Client Certificate Mapping Authe… Web-Cert-Auth
[ ] URL Authorization                       Web-Url-Auth
[ ] Request Filtering                       Web-Filtering
[ ] IP and Domain Restrictions              Web-IP-Security
[ ] Performance                                 Web-Performance
[ ] Static Content Compression              Web-Stat-Compression
[ ] Dynamic Content Compression             Web-Dyn-Compression
[ ] Management Tools                                Web-Mgmt-Tools
[ ] IIS Management Console                      Web-Mgmt-Console
[ ] IIS Management Scripts and Tools            Web-Scripting-Tools
[ ] Management Service                          Web-Mgmt-Service
[ ] IIS 6 Management Compatibility              Web-Mgmt-Compat
[ ] IIS 6 Metabase Compatibility            Web-Metabase
[ ] IIS 6 WMI Compatibility                 Web-WMI
[ ] IIS 6 Scripting Tools                   Web-Lgcy-Scripting
[ ] IIS 6 Management Console                Web-Lgcy-Mgmt-Console
[ ] FTP Server                                      Web-Ftp-Server
[ ] FTP Service                                 Web-Ftp-Service
[ ] FTP Extensibility                           Web-Ftp-Ext
[ ] IIS Hostable Web Core                           Web-WHC
[ ] Windows Deployment Services                         WDS
[ ] Deployment Server                               WDS-Deployment
[ ] Transport Server                                WDS-Transport
[ ] Windows Server Update Services                      OOB-WSUS
[X] .NET Framework 3.5.1 Features                       NET-Framework
[X] .NET Framework 3.5.1                            NET-Framework-Core
[ ] WCF Activation                                  NET-Win-CFAC
[ ] HTTP Activation                             NET-HTTP-Activation
[ ] Non-HTTP Activation                         NET-Non-HTTP-Activ
[ ] Background Intelligent Transfer Service (BITS)      BITS
[ ] Compact Server                                  BITS-Compact-Server
[ ] IIS Server Extension                            BITS-IIS-Ext
[ ] BitLocker Drive Encryption                          BitLocker
[ ] BranchCache                                         BranchCache
[ ] Connection Manager Administration Kit               CMAK
[ ] Desktop Experience                                  Desktop-Experience
[ ] DirectAccess Management Console                     DAMC
[ ] Failover Clustering                                 Failover-Clustering
[ ] Group Policy Management                             GPMC
[ ] Ink and Handwriting Services                        Ink-Handwriting
[ ] Ink Support                                     IH-Ink-Support
[ ] Handwriting Recognition                         IH-Handwriting
[ ] Internet Printing Client                            Internet-Print-Client
[ ] Internet Storage Name Server                        ISNS
[ ] LPR Port Monitor                                    LPR-Port-Monitor
[ ] Message Queuing                                     MSMQ
[ ] Message Queuing Services                        MSMQ-Services
[ ] Message Queuing Server                      MSMQ-Server
[ ] Directory Service Integration               MSMQ-Directory
[ ] Message Queuing Triggers                    MSMQ-Triggers
[ ] HTTP Support                                MSMQ-HTTP-Support
[ ] Multicasting Support                        MSMQ-Multicasting
[ ] Routing Service                             MSMQ-Routing
[ ] Message Queuing DCOM Proxy                      MSMQ-DCOM
[ ] Multipath I/O                                       Multipath-IO
[ ] Network Load Balancing                              NLB
[ ] Peer Name Resolution Protocol                       PNRP
[ ] Quality Windows Audio Video Experience              qWave
[ ] Remote Assistance                                   Remote-Assistance
[ ] Remote Differential Compression                     RDC
[X] Remote Server Administration Tools                  RSAT
[X] Role Administration Tools                       RSAT-Role-Tools
[ ] Active Directory Certificate Services Tools RSAT-ADCS
[ ] Certification Authority Tools           RSAT-ADCS-Mgmt
[ ] Online Responder Tools                  RSAT-Online-Responder
[X] AD DS and AD LDS Tools                      RSAT-AD-Tools
[X] AD DS Tools                             RSAT-ADDS
[X] AD DS Snap-Ins and Command-Line … RSAT-ADDS-Tools
[X] Active Directory Administrative … RSAT-AD-AdminCenter
[ ] Server for NIS Tools                RSAT-SNIS
[ ] AD LDS Snap-Ins and Command-Line Tools  RSAT-ADLDS
[X] Active Directory module for Windows … RSAT-AD-PowerShell
[ ] Active Directory Rights Management Servi… RSAT-RMS
[ ] DHCP Server Tools                           RSAT-DHCP
[ ] DNS Server Tools                            RSAT-DNS-Server
[ ] Fax Server Tools                            RSAT-Fax
[ ] File Services Tools                         RSAT-File-Services
[ ] Distributed File System Tools           RSAT-DFS-Mgmt-Con
[ ] File Server Resource Manager Tools      RSAT-FSRM-Mgmt
[ ] Services for Network File System Tools  RSAT-NFS-Admin
[ ] Hyper-V Tools                               RSAT-Hyper-V
[ ] Network Policy and Access Services Tools    RSAT-NPAS
[ ] Print and Document Services Tools           RSAT-Print-Services
[ ] Remote Desktop Services Tools               RSAT-RDS
[ ] Remote Desktop Session Host Tools       RSAT-RDS-RemoteApp
[ ] Remote Desktop Gateway Tools            RSAT-RDS-Gateway
[ ] Remote Desktop Licensing Tools          RSAT-RDS-Licensing
[ ] Remote Desktop Connection Broker Tools  RSAT-RDS-Conn-Broker
[ ] Web Server (IIS) Tools                      RSAT-Web-Server
[ ] Windows Deployment Services Tools           RSAT-WDS
[ ] Feature Administration Tools                    RSAT-Feature-Tools
[ ] BitLocker Drive Encryption Administratio… RSAT-BitLocker
[ ] BitLocker Drive Encryption Tools        RSAT-Bitlocker-DriveEnc
[ ] BitLocker Recovery Password Viewer      RSAT-Bitlocker-RecPwd
[ ] BITS Server Extensions Tools                RSAT-Bits-Server
[ ] Failover Clustering Tools                   RSAT-Clustering
[ ] Network Load Balancing Tools                RSAT-NLB
[ ] SMTP Server Tools                           RSAT-SMTP
[ ] WINS Server Tools                           RSAT-WINS
[ ] RPC over HTTP Proxy                                 RPC-over-HTTP-Proxy
[ ] Simple TCP/IP Services                              Simple-TCPIP
[ ] SMTP Server                                         SMTP-Server
[ ] SNMP Services                                       SNMP-Services
[ ] SNMP Service                                    SNMP-Service
[ ] SNMP WMI Provider                               SNMP-WMI-Provider
[ ] Storage Manager for SANs                            Storage-Mgr-SANS
[ ] Subsystem for UNIX-based Applications               Subsystem-UNIX-Apps
[ ] Telnet Client                                       Telnet-Client
[ ] Telnet Server                                       Telnet-Server
[ ] TFTP Client                                         TFTP-Client
[ ] Windows Biometric Framework                         Biometric-Framework
[ ] Windows Internal Database                           Windows-Internal-DB
[ ] Windows PowerShell Integrated Scripting Environm… PowerShell-ISE
[ ] Windows Process Activation Service                  WAS
[ ] Process Model                                   WAS-Process-Model
[ ] .NET Environment                                WAS-NET-Environment
[ ] Configuration APIs                              WAS-Config-APIs
[ ] Windows Server Backup Features                      Backup-Features
[ ] Windows Server Backup                           Backup
[ ] Command-line Tools                              Backup-Tools
[ ] Windows Server Migration Tools                      Migration
[ ] Windows System Resource Manager                     WSRM
[ ] Windows TIFF IFilter                                TIFF-IFilter
[ ] WinRM IIS Extension                                 WinRM-IIS-Ext
[ ] WINS Server                                         WINS-Server
[ ] Wireless LAN Service                                Wireless-Networking
[ ] XPS Viewer                                          XPS-Viewer


  • With all of the required Features installed we can now run DCpromo.exe to finish the install of our Domain Controller, New Domain, or New Forest.


If you would like to know more about Creating a Domain in Windows Server 2008 R2 Click Here.

DISM Windows Server 2008 R2 Change Edition

Hit a little issue in my lab today, It happens that I went ahead and installed Windows Server 2008 R2 Standard for a bunch of my Lab VM’s. Now the issue is that I need Windows Server 2008 R2 Enterprise Edition to support the Windows Failover Clustering feature.

So long story short, I didn’t want to have to fully rebuild my Lab VM’s. So I went looking around and found a very nice way to in place upgrade to Enterprise Edition.

The command that we are going to use is the DISM.exe command (Deployment Image Servicing and Management Tool), that is available in Windows 7 and Windows Server 2008 R2. You can find out more about the Tool HERE

  • First of all go ahead and on the server you want to run this command open up PowerShell as an administrator.
  • Click on the “Start Button” Type Power, PowerShell will then show under programs, Right Click the PowerShell Icon and select “Run as administrator.


  • Enter is this command in the window to find the version you are running, just to confirm. “DISM /online /Get-CurrentEdition”


    • Enter the following command to see which version you can in place upgrade too “DISM /online /Get-TargetEditions” You can see from the output of the command window, Windows Server 2008 R2 Standard can be upgraded to Enterprise and DataCenter.


  • Enter in the following command to upgrade your version of Windows Server. In my case I am going to be upgrading too Windows Server 2008 R2 Enterprise Edition, and the following command will do this. You need to have a key for Enterprise edition and fill in the XXXX with that information. Once the command is done running you will need to restart your computer, if you are ready just type “Y”.

DISM /online /Set-Edition:ServerEnterprise /ProductKey:XXXXX-XXXXX-XXXXX-XXXXX-XXXXX”


  • Once the computer restarts, you can go ahead and look at your computer properties, and you will now see you are running Windows Server Enterprise. Well in my case anyways.


Errors: If you get an error while running this prodcedure, see if any of the below issue will resolve the issue.

  1. Setting an Edition is not supported with online images” More than likley the reason you are getting this error is because the server you are trying to inplace upgrade has the AD DS Role installed and is acting as a domain controller. The only way to upgrade this one is to move the FSMO Roles to another server, then DCpromo the server, and make it a member server and then run the command, and then you can go ahead and make the server a Domain Controller once the edition of Windows has been changed.
  2. The specified product key is not valid for the target edition. Run this command again with a product key specific to the target edition.” I have no reason why this issue happens,(its key confusion of some sort) but to fix it you can go ahead and use the default KMS key provided by Microsoft 489J6-VHDMP-X63PK-3K798-CPX3Y, use this key in the command, and once the system reboots, go into the Server Manager and change and activate the softare with your own key.

Note: You cannot downgrade with this method, just upgrade. Also please do this at your own risk, I am doing this in a Lab Environment which is going to impact only one me. This is not a major upgrade, basically all it is doing is changing the product key if need be, and changing some registry values.