Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Create test users in Active Directory with realistic data from
Create realistic-looking Active Directory accounts.
Written by Tyler Applebaum.
Version 0.2
Last Updated Jun 17 2020
Queries to generate user information. Creates an Active Directory user based on that.
Specify the number of users to create
.PARAMETER CompanyName
Specify the company name to be used in the AD users' profile
.PARAMETER Nationalities
Specify the nationality of the users you are creating. relies on this for correct address formatting.
System.String, System.Int32
CSV with the creation results; Active Directory user account
PS C:\&gt; Add-TestUsers.ps1 -NumUsers 10
Creates 10 AD user accounts
PS C:\&gt; Add-TestUsers.ps1 -NumUsers 18 -CompanyName "Apple Computer"
Creates 18 AD user accounts with Apple Computer as the Company Name under Organization
[Parameter(mandatory=$true, HelpMessage="Specify the number of users to create")]
[Parameter(HelpMessage="Specify credentials to connect from a non-domain-joined computer")]
$Credentials = [System.Management.Automation.PSCredential]::Empty,
[Parameter(HelpMessage="Specify the company name")]
[string]$CompanyName = "Evil Corp",
[Parameter(HelpMessage="Specify the users' nationalities")]
[string]$Nationalities = "US"
Function script:Set-Environment {
$RandomUsersArr = New-Object System.Collections.ArrayList
$Date = (Get-Date -Format (Get-Culture).DateTimeFormat.ShortDatePattern) -replace '/','.'
$DesktopPath = [Environment]::GetFolderPath("Desktop")
Try {
Import-Module ActiveDirectory -ErrorAction Stop
Catch [Exception] {
Return $_.Exception.Message
$DomainInfo = Get-ADDomain -Credential $Credentials -Current LocalComputer
$UsersOU=$DomainInfo.UsersContainer #Creates users in the Users container by default
$UPNSuffix = "@" + $DomainInfo.DNSRoot
} #End Set-Environment
Function script:Get-UserData {
Try {
$RandomUsers = Invoke-RestMethod "$NumUsers&amp;nat=$Nationalities" | Select-Object -ExpandProperty Results
Catch [Exception] {
Return $_.Exception.Message
} #End Get-Users
Function script:Format-Passwords {
#Generate passwords to meet default Server 2012 R2 complexity requirements -
$RandomInputSymbol = $(ForEach ($Char in @(32..47+58..64+91..96+123..126)){[char]$Char}) | Get-Random -count 2
$RandomInputNum = $(ForEach ($Char in @(48..57)){[char]$Char}) | Get-Random -count 2
$RandomInputUpper = $(ForEach ($Char in @(65..90)){[char]$Char}) | Get-Random -count 4
$RandomInputLower = $(ForEach ($Char in @(97..122)){[char]$Char}) | Get-Random -count 4
$PasswordArrComplete = $RandomInputSymbol+$RandomInputNum+$RandomInputUpper+$RandomInputLower
$Random = New-Object Random
$Password = [string]::join("",($PasswordArrComplete | sort {$Random.Next()}))
$script:PlainTextPW = @{ #Snag the plaintext password for later use
"PlainPW" = $Password
Return $Password | ConvertTo-SecureString -AsPlainText -Force #Pass a SecureString to New-ADUser
} #End Format-Passwords
. Set-Environment
. Get-UserData
ForEach ($RandomUser in $RandomUsers) {
$First = $RandomUser.Name.First.Substring(0,1).ToUpper()+$RandomUser.Name.First.Substring(1).ToLower()
$Last = $RandomUser.Name.Last.Substring(0,1).ToUpper()+$RandomUser.Name.Last.Substring(1).ToLower()
$UserProperties = @{
"GivenName" = $First
"Surname" = $Last
"Name" = $First + " " + $Last
"DisplayName" = $First + " " + $Last
"OfficePhone" = $RandomUser.Phone
"City" = $RandomUser.Location.City
"State" = $RandomUser.Location.State
"Country" = $Nationalities
"Company" = $CompanyName
"SAMAccountName" = $Last + $First[0]
"UserPrincipalName" = $Last + $First[0] + $UPNSuffix
"AccountPassword" = . Format-Passwords
"Enabled" = $True
"ChangePasswordAtLogon" = $False
"Description" = "Test Account Generated $Date by $env:username"
"Path" = $UsersOU
New-ADUser @UserProperties -Credential $Credentials
$UserPropertiesObj = New-Object PSObject -Property $UserProperties
$UserPropertiesObj | Add-Member $PlainTextPW
$RandomUsersArr.Add($UserPropertiesObj) | Out-Null #Add the object to the array
} #End ForEach
$RandomUsersArr | Export-CSV $DesktopPath\UserCreation.csv -Append -NoTypeInformation

This comment has been minimized.

Copy link
Owner Author

@tylerapplebaum tylerapplebaum commented Jun 17, 2020

Added Credential parameter to facilitate use with from a non-domain user account. The computer must still be domain joined.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.