Contents tagged with Active Directory

  • How to use PowerShell to populate Active Directory with plenty enough users for SharePoint

    Tags: Active Directory, Windows Server 2008 R2, SharePoint

    When testing SharePoint or any other software that uses Active Directory or any kind of data storage it is important to test with lot of data, data with variations and real life data. One area that is often forgotten is Active Directory, ok you create 10 or 20 test users, perhaps 50 or 100 users called Mr. Test Testson32 or similar, but that is not enough. I like to use some real world data for my Active Directories both for testing and for sure it looks more fancy when doing a demo with SharePoint (especially with these new social features in SharePoint 2013). So I’m going to show you some of my scripts I use for this.

    Getting me some data

    imageFirst of all we need users. And not these test users called Test1, Test2, or you pet names (well I usually throw in my kids once in a while). One fantastic source of data is the Fake Name Generator. This amazing service can get you up to 50.000 randomly generated identities in bulk. You can choose the name sets, which countries they should come from and what properties you would like. Perfect for getting data that matches your clients! For this post I retrieved 25.000 users from Sweden, US etc and using both European and Chinese names! I chose to use the following properties; Given Name, Surname, Street Address, City, State, Postal Code, Country Abbreviation, E-mail, Username, Telephone, and occupation. All this gets emailed to me as a CSV files in just a couple of minutes.

    Importing the data

    Now on to the fun stuff with PowerShell. I’m going to take this CSV file import it into a PowerShell object, transform it a bit and then just create Active Directory accounts from them. Let’s start with some preparations.

    First of all I create a specific OU (“Demo Users”) to place all these accounts in, and I also set some password restrictions (well, this is a demo).

    Import-Module ActiveDirectory
    $dn = (Get-ADDomain).DistinguishedName
    $forest = (Get-ADDomain).Forest
    
    Set-ADDefaultDomainPasswordPolicy $forest -ComplexityEnabled $false -MaxPasswordAge "1000" -PasswordHistoryCount 0 -MinPasswordAge 0
    
    $ou = Get-ADOrganizationalUnit -Filter 'name -eq "Demo Users"'
    if($ou -eq $null) {
        New-ADOrganizationalUnit -Name "Demo Users" -Path $dn
        $ou = Get-ADOrganizationalUnit -Filter 'name -eq "Demo Users"'
    }

    Once this is done it’s time to start fiddling with the data. First of all I import the CSV file into a PowerShell object like this (of course you need to replace the file name with yours):

    $data = Import-Csv .\FakeNameGenerator.com_d7a08270.csv

    Then we’ll refine the CSV data into a new PowerShell structure, you can mix and fiddle with this as you like. Notice that my structure uses the parameter names of the New-ADUser cmdlet, so if you want to add cell phone and other attributes to your AD accounts, here’s the place to add them.

    $refineddata = $data | select  @{Name="Name";Expression={$_.Surname + ", " + $_.GivenName}},`
             @{Name="SamAccountName"; Expression={$_.Username}},`
             @{Name="UserPrincipalName"; Expression={$_.Username +"@" + $forest}},`
             @{Name="GivenName"; Expression={$_.GivenName}},`
             @{Name="Surname"; Expression={$_.Surname}},`
             @{Name="DisplayName"; Expression={$_.Surname + ", " + $_.GivenName}},`
             @{Name="City"; Expression={$_.City}},`
             @{Name="StreetAddress"; Expression={$_.StreetAddress}},`
             @{Name="State"; Expression={$_.State}},`
             @{Name="Country"; Expression={$_.Country}},`
             @{Name="PostalCode"; Expression={$_.ZipCode}},`
             @{Name="EmailAddress"; Expression={$_.EmailAddress}},`
             @{Name="AccountPassword"; Expression={ (Convertto-SecureString -Force -AsPlainText "WictorRocks!")}},`
             @{Name="OfficePhone"; Expression={$_.TelephoneNumber}},`
             @{Name="Title"; Expression={$_.Occupation}},`
             @{Name="Enabled"; Expression={$true}},`
             @{Name="PasswordNeverExpires"; Expression={$true}}

    As you can see I fix the Name and DisplayName properties and makes sure that the UPN uses the DNS name from the forest etc. I also enable all the users.

    And now all that is left is to add them to Active Directory! I don’t just add them to the OU created above, instead I actually create one OU for each Country – this makes it more easier to manage and also gives me an opportunity to test accounts in different OU’s. So here’s the snippet to add the users and create the other OU’s:

    $refineddata | % {
        $subou = Get-ADOrganizationalUnit -Filter "name -eq ""$($_.Country)""" -SearchBase $ou.DistinguishedName        
        if($subou -eq $null) {
            New-ADOrganizationalUnit -Name $_.Country -Path $ou.DistinguishedName
            $subou = Get-ADOrganizationalUnit -Filter "name -eq ""$($_.Country)""" -SearchBase $ou.DistinguishedName        
        }
        $_ | Select @{Name="Path"; Expression={$subou.DistinguishedName}},* | New-ADUser   
    }

    For 25.000 users this will run for a while, but it’s worth it!

    Note that you’ll get some errors while running this with lots of users normally. This is due to that some of the usernames are repeated. Of course with some handy PowerShell magic that can be fixed as well…

    And here’s the result

    If we now take a look in the Active Directory Users and Computers snap-in it should look something like this:

    OU's

    And then if we drill down into one of the OU’s there should be tons of users:

    Lotsa users

    All with nice details:

    An account

    Summary

    Now you’ve seen a very simple and fast way to generate lots of demo data for Active Directory. Of course you can modify the snippets above and adapt to your requirements. And you don’t need 25.000 users in your development environment remember it will take some time to sync and crawl with SharePoint…

About Wictor...

Wictor Wilén is a Director and SharePoint Architect working at Connecta AB. Wictor has achieved the Microsoft Certified Architect (MCA) - SharePoint 2010, Microsoft Certified Solutions Master (MCSM) - SharePoint  and Microsoft Certified Master (MCM) - SharePoint 2010 certifications. He has also been awarded Microsoft Most Valuable Professional (MVP) for four consecutive years.

And a word from our sponsors...

SharePoint 2010 Web Parts in Action