Less Awful AD Account Creation w/ Powershell!
I work in K12 Education. Student accounts in AD and Google Workspace are automatically provisioned with the help of Classlink's OneSync. Staff accounts on the other hand, are much more difficult to automate, as their are many different positions with different needs. Those have historically been created by hand. This leads to a slew of misspellings, incorrect groups, duplicate accounts, and other random human errors that has, at worst, caused actual data loss when profile folders were overwritten. Yikes.
With that in mind, I took it upon myself to create a script (A rather opinionated one at that...) that makes this manual process a bit more cohesive.
As of right now, it does the following:
- Request Administrator elevation
- Prompt for the User's First Name.
- Prompt for the User's Middle Initial.
- Prompt for the User's Last Name
- Prompt for the User's Position (Job title)
- Prompt for the User's Location (Building)
- Generate a Display Name, UPN, OU, Email address, Home Folder location, and 8. Data Group name.
- Verify there are no other users with the same unique attributes. Exit if so.
- Verify that the Data group exists, warn if not.
- Generate a unique one-time password just for account creation.
- Create User.
- Add user to groups.
The code itself, along with a much more in-depth explanation, is available here at my GitLab:
https://gitlab.com/JoshuaCMartin/ad-account-creator-powershell
