How To: Bulk creation of AD users and Exchange mailboxes

  • Article

Over the past couple of months I have worked on more than one project where the customer wanted to create a new forest for the new Exchange 2007 installation. Normally you would migrate users from the old domain(s) with ADMT or another product but in these cases brand new user accounts and mailboxes were desired.

So how do you create all your new users the easiest way? Well, with Exchange Management Shell of course! :o)

First you have to export existing users. Here I will use a Windows Server 2003 domain as an example source domain. I recommend using CSVDE for the export as it will give you a comma delimited file that is easy to manipulate in Excel.

The more time you spend cleaning up your data in Excel, the more time you save later by not having to re-iterate the whole process.

Example: csvde -d "ou=Domain Users,dc=contoso,dc=com" -f DomainUsersOU.txt

Make sure your output file has the ".txt" extension for Excel to be able to detect the content properly.

Now you fire up Excel, open the file and let Excel do its magic after you select comma delimited format.

Select the columns and rows you want to use for the import and get rid of the rest, the example below uses just the most basic fields - you may need to import more fields; e.g. if you have OCS and phone integration you would want to keep the msRTCSIP-Line and msRTCSIP-PrimaryUserAddress fields.

In this example a bunch of random passwords are created and saved in a column called "Password".

Save the file as tab delimited (this will save you a headache later) and use the following script to convert the file to a proper comma delimited format (borrowed from msgoodies):

$v=new-object system.text.stringBuilder 1000 $input | % { $v.length=0 # empty sb $e=$_.split("`t") $e | % {   $null=$v.append(",")   if ($_[0] -eq "`"" -and $_.endswith("`"")) {    # already quoted - strip them    $_=$_.substring(1,$_.length-2)   }   $null=$v.append('"'+$_.replace('"','""')+'"') } $v.tostring().substring(1) }

Save the script file as: Convert-TsvToCsv.ps1 (or really, whatever you like)

Syntax for converting: "type tabfile.txt | .\Convert-TsvToCsv.ps1 >csvfile.txt"

Now the fun begins!

Import the file into a variable by running the Import-Csv cmdlet:

$users = Import-Csv csvfile.txt

This will give you a chance to verify the format of the data one last time by simply typing "$users" in the Exchange Management Shell.

Now we need to parse the array of users by using a ForEach loop:

ForEach ($user in $users) { $pass = ConvertTo-SecureString $user.Password -asPlainText -Force; New-Mailbox -UserPrincipalName $user.userPrincipalName -Alias $user.sAMAccountName -Database $user.homeMDB -Name $user.sAMAccountName -DomainController dc01.contoso.com -OrganizationalUnit $user.ou -FirstName $user.givenName -LastName $user.sn -DisplayName $user.displayName -Password $pass -ResetPasswordOnNextLogon $true -WhatIf }

The first part of the command converts the included password to a SecureString format to be able to script the input of the password. The second part creates a new AD domain account and an Exchange 2007 mailbox.

Fields like "homeMDB" will of course need to be manipulated in Excel after the original export. If you use organization wide unique names for databases, you only need to specify the database name here.

The "ou" will not always be populated correctly when exporting but can be derived from the "DN" field by a simple Excel macro. That is, if you want the same OU structure in the destination domain.

After you have tested the script with the "-WhatIf" statement to verify success you can go ahead and remove the "-WhatIf" and create the users in your domain...

Hopefully this will save you some time.... Enjoy!