Building a Demo Active Directory: Part 4

Doctor Scripto

Summary: Use Windows PowerShell to generate random users in Active Directory. Hey, Scripting Guy! Question Hey, Scripting Guy! Is there an easy way to take a list of names and generate random combinations for sample users in Active Directory? —LD Hey, Scripting Guy! Answer Hello LD, Honorary Scripting Guy, Sean Kearney here, filling in for our good friend, Ed. To catch up on the previous posts in this series, please read:

So now that we’ve done the tricky work, now we continue on and have some fun. We’d like to populate our environment with some users. I could go online and dig up a bunch of names and import them. Or I could take a smaller pile and build as large of a group as I could ever want. My friend provided me with a good template we’re going to use—a single .csv file that contains 15 male and 15 female names. Our first task in creating some random names will be to import this file and make it useful.

$Names=IMPORT-CSV C:ScriptSampleNames.csv The format for our .csv file (if you would like to create one for yourself) is about as simple as it can be. It looks a bit like this:





…and so on Picking first and last names at random is actually very easy. We simply pipe the array in question through the Get-Random cmdlet:

$FirstName=$Names.firstname | GET-RANDOM

$LastName=$Names.lastname | GET-RANDOM But there’s more to it than that, isn’t there? There are a few things we need to do with these names before shoving them into Active Directory:

  • Define our format for the SAM account and the user principal name (UPN)
  • Truncate the SAM account to no more than 20 characters
  • Build the UPN for the user ID
  • Determine which organizational unit they will exist in

For this environment, we’re going to have users with the FirstInitial and Lastname as the user ID. We’ll leverage this format in the UPN as well. First we build a basic log-in ID with the first initial and the full last name of the user in question:

$LoginID=$Firstname.substring(0,1)+$Lastname Next, we’ll build our UPN. We’re going to define a variable that contains the extension for the UPN.


$UserPN=$LoginID+$UPN Now we’ll build the SAM account name, which is really the same as the $LoginID. We need to ensure that it is no longer than 20 characters so it follows the legacy rules. This little line will do the trick. We’re going to:

  • Pad 20 spaces to the end so the substring will always see 20 characters
  • Chop the string to no more than 20 characters
  • Trim off the remaining spaces

$Sam=$LoginID.padright(20).substring(0,20).trim() Of course, now we’ll build the display name in Active Directory. We could just plop in the first name and last name, separated by a space. But because we have Windows PowerShell, we can do things differently. Let’s show the name as Lastname, Firstname:

$Displayname=$Lastname+”, ”+$Firstname At this point, we could create a new user like this:

New-ADUser -GivenName $Firstname -Surname $Lastname -DisplayName $Displayname -UserPrincipalName $UserPN -name $Displayname -SamAccountName $Sam But that would just drop it in the default Users container in Active Directory. And we did say that we wanted to populate specific organizational units, correct? Because our structure is well organized, we can pick a random city and division, and then drop our user straight in. More to the point, we can populate the division and city fields of our Active Directory object. So first, pick a random city and division:

$City=$CityOU | GET-RANDOM

$Division=$DivisionOU | GET-RANDOM Now we build our target path for the users, based on our original structure:

$ADPath=”OU=$Division,OU=$City,$CompanyPath” With this in place, we can not only create the users, but place them into a targeted organizational unit within our structure:

New-ADUser -GivenName $Givenname -Surname $Surname -DisplayName $Displayname -UserPrincipalName $UserPN -Division $Division -City $City -Path $ADPath-name $Displayname -SamAccountName $Sam Presently, our script to populate the users looks like this:

$Names=IMPORT-CSV C:Scriptsamplenames.csv


# Generate 150 Random Users from pulled Raw data

For ($x=0;$x -lt 150;$x++)



            # Pick a Random First and Last Name

            $Firstname=GET-Random $Names.Firstname

            $Lastname=GET-Random $Names.Lastname


            $Displayname=$Lastname+”, “+$Firstname


            # Make sure this user DOES NOT already exist



            # Pick a Random City

            $City=GET-RANDOM $Cityou


            # Pick a Random Division

            $Division=GET-RANDOM $DivisionOU






            # Create the user in Active Directory


            New-ADUser -GivenName $Givenname -Surname $Surname -DisplayName $Displayname -UserPrincipalName $UserPN -Division $Division -City $City -Path $ADPath-name $Displayname -SamAccountName $Sam


} Of course, this is fairly simple. We haven’t checked to see if the user already exists, no passwords have been assigned, and we haven’t assigned the users to any security groups. But pop back in tomorrow when we will finish all these tasks, and you will have one-honking-cool-shiny-new demo Active Directory environment! I invite you to follow the Scripting Guys on Twitter and Facebook. If you have any questions, send email to, or post your questions on the Official Scripting Guys Forum. See you tomorrow. Until then, peace. Sean Kearney, Honorary Scripting Guy and Windows PowerShell MVP 


Discussion is closed.

Feedback usabilla icon