Ravindra Kulkarni
Problem
You want to create a large number of user objects, either for testing purposes or to initially populate Active Directory with your employee, customer, or student user accounts.
Solution
Using a command-line interface
The following example uses a for-do loop in combination with dsadd to create 1,000 users under the bulk OU in the rallencorp.com domain with usernames such as User1, User2, User3, etc. The password is set, but no other attributes are configured. You can modify the dsadd syntax to populate additional attributes, as well.
> for /L %i in (1,1,1000) do dsadd user cn=User%i,ou=bulk,dc=rallencorp,dc=com -pwd User%i
You can also use the ldifde utility to perform a bulk import of unique usernames. Create an .LDF file using the following syntax (separate multiple entries with a blank line in-between):
dn: CN=Robbie Allen, OU=Training, DC=rallencorp, DC=com changetype: add cn: Robbie Allen objectClass: user samAccountName: rallen
Once you’ve created the LDIF file containing your user records, import the file using the following command:
> ldifde i f <filename.ldf> -s <servername>
You may notice that the LDIF file does not specify the user’s password; this attribute must be modified after the user object has been created.
Using VBScript
' This code creates a large number of users with incremented user names
' e.g. User1, User2, User3, ….
' ------ SCRIPT CONFIGURATION ------
intNumUsers = 1000 ' Number of users to create
strParentDN = "<ParentDN>" ' e.g. ou=bulk,dc=emea,dc=rallencorp,dc=com
' ------ END CONFIGURATION --------
' Taken from ADS_USER_FLAG_ENUM
Const ADS_UF_NORMAL_ACCOUNT = 512
set objParent = GetObject("LDAP://" & strParentDN)
for i = 1 to intNumUsers
strUser = "User" & i
Set objUser = objParent.Create("user", "cn=" & strUser)
objUser.Put "sAMAccountName", strUser
objUser.SetInfo
objUser.SetPassword(strUser)
objUser.SetInfo
objUser.Put "userAccountControl", ADS_UF_NORMAL_ACCOUNT
objUser.AccountDisabled=FALSE
objUser.SetInfo
WScript.Echo "Created " & strUser
next
WScript.Echo ""
WScript.Echo "Created " & intNumUsers & " users"
Discussion
Using ADSI and even the new DS command-line utilities on Windows Server 2003, you can create hundreds and even thousands of users easily and quickly. We ran both the CLI and VBScript solutions in a test domain on a single processor machine. The VBScript solution took less than 1.5 minutes and the CLI solution took less than 5 minutes to create 1,000 user objects. Admittedly, they are not populating very many attributes, but it shows that you can quickly populate Active Directory with user accounts very easily. You can also modify the examples to pull real data from a data source, such as an employee database.
IgNiTeD SoUL 