Go to content Go to navigation

Creating new user with PowerShell · 2009-12-05 19:35 by Black in

Exchange Server 2007 has removed the ActiveDirectory integration of previous versions, creating a user in AD does no longer also create and link a Mailbox. To create everything properly, the Management Console for Exchange or PowerShell has to be used.

This PowerShell Script creates a new User with parameters set in a GUI. .Net is used to display a Dialog Box, the text boxes are then evaluated and used to create a new user. After that, that user is changed to reflect the remaining settings.

Additional features include the creation of file shares on the server, automatic generation of the E-Mail address with some limited CharSet cleaning, live updating UI, user expiration date setting and more. The whole script is quite customized to the environment it is used in, but I am sure the core can be used by anyone.

An interesting concept this PowerShell Script show are the creation and event based updating of .Net Widgets. updateUI is a function that is called as event handler for the text box, it can execute input validation, update other parts of the UI or do anything else. (See the linked source for more context):

new-user.ps1 [20.72 kB]

  1. $form = new-object System.Windows.Forms.form
  2. $form.Text = "Exchange 2007 User Create Form"
  3. $form.size = new-object System.Drawing.Size(440,550)
  4. $form.AutoSize = $true
  5. $form.AutoSizeMode = "GrowOnly"
  7. ### FirstName
  8. $posY += $lineHeight
  10. # Add FirstName Box
  11. $firstNameTextBox = new-object System.Windows.Forms.TextBox
  12. $firstNameTextBox.Location = new-object System.Drawing.Size($posXControl,$posY)
  13. $firstNameTextBox.size = new-object System.Drawing.Size($controlWidth,$controlHeight)
  14. $firstNameTextBox.add_TextChanged({updateUID})
  15. $form.Controls.Add($firstNameTextBox)

Creating a new User with PowerShell is easy thanks to the new-mailbox cmd-let the Exchange Integration installs. But setting some of the properties was rather complicated. For some, an AD Object has to be generated:

new-user.ps1 [20.72 kB]

  1.     # General Stuff (alternative: use set-user, for some of those)
  2.     $user = get-user -identity $upn
  3.     $aduser = [ADSI]("LDAP://"+$user.DistinguishedName)
  4.     if ($desc -ne "")
  5.     {
  6.       $aduser.description = $jobDescDrop.Text
  7.     }
  8.     if ($phone -ne "")
  9.     {
  10.       $aduser.telephonenumber = $phone
  11.     }
  12.     if ($webpage -ne "")
  13.     {
  14.       $aduser.wwwhomepage = $webpage
  15.     }
  16.     $aduser.company = $company
  17.     $aduser.department = $department
  18.     # FS
  19.     $aduser.profilePath = $pathPro + $alias + "\%osversion%"
  20.     $aduser.homeDrive = "P:"
  21.     $aduser.homeDirectory = $pathBase + $alias + "$"
  22.     # Commit Settings
  23.     $aduser.SetInfo()

Others such as setting the expiration date of an account to “never expires” require to use a more arcane syntax:

new-user.ps1 [20.72 kB]

  1.     # Hard to change Expiration Date is set directly
  2.     #$aduser.psbase.InvokeGet("AccountExpirationDate")
  3.     $aduser.psbase.InvokeSet("AccountExpirationDate", $validUntil)
  4.     $aduser.psbase.CommitChanges()

  Textile help