AAD

Mass Create AAD Users

Byadmin

Require the possibility to Mass Create AAD Users from CSV file. This is highly achievable in the following blog post. AAD Connect typically automates this request. However, recently I have had to undertake this task numerous times in tenant to tenant migrations where Mailboxes are on Litigation Hold for leavers. For this reason, I had to restore the Mailbox and then create all the cloud users manually in the destination tenant so that Mailbox copy tools like Skykick, Quest, MigrationWiz could migrate the data. Lastly if looking for official Microsoft documentation on how to create a new AAD User please see here.

How to: Mass Create AAD Users

Once you have your CSV created of users which Includes the following data. UserPrincipalName, DisplayName, Alias & Email (If required and Unhashed on the below script) you are good to continue. If you need to know how to export CSV AAD via PowerShell please visit the following post.

The Script requires the following

The CSV is saved to C:\Temp\UsersToImport.csv

$UPN to be amended with the UPN required.

$PasswordProfile.Password to be amended as applicable

Connect-AzureAD

$sLogFile = ("C:\Temp\AADUserCreation.log")
$sTimestamp = Get-Date -Format "yyyyMMddHHmmss"


#Store the data from NewUsersFinal.csv in the $AADUsers variable
$AADUsers = Import-Csv "C:\Temp\UsersToImport.csv" ","
        Write-Output "Total Number of Users in CSV that are expected to be created is $($AADUsers.UserPrincipalName.count)"
		$sLogMsg = ($sTimestamp + ",Check," + "Total Number of Users in CSV that are expected to be created is $($AADUsers.UserPrincipalName.count)")
		$sLogMsg | Out-File $sLogFile -Encoding utf8 -Append -ErrorAction "Continue"

#Define UPN
$PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
$PasswordProfile.Password = "InsertRandomPassword"
$UPN = "TheTechEvolution.onmicrosoft.com"

# Loop through each row containing user details in the CSV file
foreach ($User in $AADUsers) {

    #Read user data from each field in each row and assign the data to a variable as below
    $UserPrincipalName = "$($User.UserPrincipalName + "@" + "$($UPN)")"
    $DisplayName = "$($User.DisplayName)"
    #$Email = "$($User.PrimarySMTPAddress + "@" + "$($UPN)")"
    $Alias = "$($user.Alias)"



    # Check to see if the user already exists in AD
    $CheckUser= (Get-AzureADUser | Where-Object {$_.UserPrincipalName -eq "$UserPrincipalName"})

    if ($CheckUser.objectid -eq $null) { 
        try {

        Write-Host "Checking if user $($UserPrincipalName) already exists"
        
		$sLogMsg = ($sTimestamp + ",Check," + "Verifying Account $UserPrincipalName Does not already exist")
		$sLogMsg | Out-File $sLogFile -Encoding utf8 -Append -ErrorAction "Continue"
        Write-Host "User $($UserPrincipalName) to be created"
        
        New-AzureADUser `
            -AccountEnabled $True `
            -DisplayName $DisplayName `
            -PasswordProfile $PasswordProfile `
            -MailNickName $Alias `
            -UserPrincipalName $UserPrincipalName `

        $sLogMsg = ($sTimestamp + ",Success," + "Created Account $UserPrincipalName in AAD")
		$sLogMsg | Out-File $sLogFile -Encoding utf8 -Append -ErrorAction "Continue"
    
        Remove-Variable UserPrincipalName, DisplayName, Alias, CheckUser, AccountEnabled -ErrorAction SilentlyContinue
        # If user is created, show message.
        Write-Host "AAD User account $($UserPrincipalName) has been created." -ForegroundColor Cyan

    }
    catch {

    Write-Warning "A user account with username $username already exists in Active Directory."
    $sLogMsg = ($sTimestamp + ",Error," + "Account $UserPrincipalName has not been created")
	$sLogMsg | Out-File $sLogFile -Encoding utf8 -Append -ErrorAction "Continue"
        
    }
    }
}

Remove-Variable AADUsers, CheckUser, UPN -ErrorAction SilentlyContinue

The data can be reviewed in the log file created which can be opened in Excel via a filter if there are large amounts of data, below is a small sample of the log file expected, in the event of any failures, the CSV file can be updated as the already created cloud accounts will display warnings and move forward if they already exist, preventing any unnecessary duplication.

Mass Create AAD Cloud Users

Please Leave a Comment

If the above has helped you in increase the efficiency in a mailbox migration then please let us know by leaving a comment or feel free to share the article below. If you have any errors or require more details on anything covered then please comment. Lastly, looking for more AAD articles click here.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *