Batch Adding AD Users
Part of the work I’m doing while I’m out had me add a collection of test users. This could have been quite a task, had it not been for the nice features of vbscript.
We’re performing some testing on one of our applications, and needed to batch add 100 users into Active Directory to perform the testing. This is the code I ended up using.
dim strUser
Dim objRootLDAP, objContainer, objNewUser, objGroup
set objRootLDAP = GetObject("LDAP://rootDSE")
set objContainer = GetObject("LDAP://cn=Users," & _
objRootLDAP.Get("defaultNamingContext"))
set objGroup = GetObject("LDAP://CN=App_Users,CN=Users,DC=testdmn,DC=com")
for i = 1 to 100
strUser = "Test" & i
set ObjNewUser = objContainer.Create("User", "cn=" & strUser)
objNewUser.Put "sAMAccountName", strUser
objNewUser.Put "cn", strUser
objNewUser.Put "givenName", strUser
objNewUser.Put "displayName", strUser
objNewUser.Put "userPrincipalName", strUser & "@testdmn.com"
objNewUser.SetInfo
objNewUser.SetPassword("password")
objNewUser.AccountDisabled = FALSE
objNewUser.SetInfo
objGroup.Add("LDAP://cn=" & strUser & ",CN=Users,DC=testdmn,DC=com")
objNewUser = null
Next
It logins to the AD server, opens a connection, creates a user, adds them to the group, and moves onto the next user. When you open the AD Users & Computers now, you’ll see 100 Test# users.
Technorati Tags: Work, Scripting, Active Directory, AD


Hi there,
How would I get the script to read names, role, company, address, email, phone, mobile from an excel spreadsheet? Not all the cells will be populated (except name, email & company are required)
Thank you Michael
Michael, This page http://www.gregthatcher.com/Papers/VBScript/ExcelExtractScript.aspx has a perfect example of it. I’d do some tweaking, like make assumptions about the spreadsheet you’re supplying instead of using some of these loops.
For example, where the author loops through the worksheets, I’d assume the user list is on sheet 1 (you are supplying the list after all). So:
Also, you know how many columns you’ll be supplying, so I’d skip that logic too. I’d also make the assumption that you have column headers for easier user reading, so skip the first row.
The above “For I = 1 to 100″ code would be replaced with the row loop.
If you’re not sure of all the different field name parts (“cn”, “givenName”, etc) the quick and dirty way to figure it out is grab a copy of Softerra’s LDAP Browser which you can get here http://www.ldapbrowser.com, and point it to your domain controller.
Good luck!