Bulk Creating Users For Your Test Network

KB ID 0000784 

Problem

Update Jan 2023: Feel free to use this Bulk-Create-AD-Users-Script (Just remeber to change the domain details in the “Global Variables’ Sections to give you 10o0 users, with sensible names addreeses etc.

Having a test network, is great for both learning, and testing. I’ve got some major migrations coming up in the next few months, so I’m in the process of running up some new test servers. I usually run a quick .vbs file like this;

[box]

Set objRootDSE = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://cn=Users," & _
objRootDSE.Get("defaultNamingContext"))

For i = 1 To 1000
Set objLeaf = objContainer.Create("User", "cn=UserNo" & i)
objLeaf.Put "sAMAccountName", "UserNo" & i
objLeaf.SetInfo
Next
WScript.Echo "1000 Users created."

[/box]

Save that as createusers.vbs and run it on your domain controller and it will churn out 1000 users (named UserNo1 – UserNo1000). They will be disabled, with no passwords, but that can be rectified with a few mouse clicks.

But I want something a little more realistic, so I found a random name generator, and decided to have a script to create 1000 users that were a little more ‘lifelike’.

Solution

1. Download this zip file, and extract it to your desktop. To run the script you will need to set your Execution Policy with the following command;

[box]
Set-ExecutionPolicy Unrestricted[/box]

2. You will need to change a couple of lines in the newusers.ps1 file open it with notepad and change the domain details to match yours;

[box]

$TargetOU = [ADSI]“LDAP://CN=Users,DC=pnl,DC=com”
foreach ($user in import-csv usernames.csv)
{
$newUser = $TargetOU.Create(“user”,“cn=” +$user.login)
$newUser.put(“sn”, $user.Last)
$newUser.put(“DisplayName”, $user.First + ” “ +$user.Last)
$newUser.put(“givenName”, $user.First)
$newUser.put(“sAMAccountName”,$user.login)
$newUser.put(“userPrincipalName”,$user.login + “@pnl.com”)
$newUser.SetInfo()
$newUser.SetPassword($user.password)
$newUser.put(“userAccountControl”, 512)
$newUser.SetInfo()
}

[/box]

3. Change directory to the folder with your script in, and run it, it will put the details from the usernames spreadsheet;

[box]

cd Desktop/New_Users
./Newusers.ps1

[/box]

3. Look in Active Directory and there are your new users.

Bulk Creating Mailbox’s for your Users

Now I’ve got my users in AD, I want them all to have a mailbox, so a quick PowerShell command;

[box]
Get-User -OrganizationalUnit “pnl.com/users/” -ResultSize Unlimited | Enable-Mailbox -Database “Mailbox-Database” [/box]

It will throw out the odd error (e.g. if it finds users that are already mail enabled), that’s OK.

Related Articles, References, Credits, or External Links

NA

PowerShell: Bulk Add/Remove Users From Groups

KB ID 0001475

Problem

I had to do this a few weeks ago, so I documented it. I had a list of usernames in a CSV file and I needed to bulk-add them to a security group.

Bulk Add Group Users Solution

Firstly you will need the usernames (sAMAccountNames) in .csv format like so,  (Note: As a header Im using User-Name.) I’ve saved the file to C:\Temp on my server.

Execute the following commands;

[box]

Import-Module ActiveDirectory 

Import-Csv -Path “C:\Temp\Users-To-Add.csv” | ForEach-Object {Add-ADGroupMember -Identity “Group-Name” -Members $_.’User-Name’}

[/box]

And there’s our users;

Bulk Remove Group Users Solution

Use the following command;

[box]Import-Csv -Path “C:\Temp\Users-To-Remove.csv” | ForEach-Object {Remove-ADGroupMember -Identity “Group-Name” -Members $_.’User-Name’ -Confirm:$false}[/box]

Now if we check the group, the users have gone;

Related Articles, References, Credits, or External Links

PowerShell: Bulk Enable / Disable Users

Exchange Bulk Export / Import Mail Contacts

Bulk Export Users From One Domain, and Import Into Another

PowerShell: Add All Members of an OU to a Security Group

Exchange: Importing Mail From PST Files (including Bulk Importing)

KB ID 0000443

Problem

If you have mail in .PST file format that you would like to import, either exported via ExMerge from an older Exchange server, or Exported via Outlook, or even exported via PowerShell, then the process for importing that mail into Exchange has been the same since Exchange 2010 (SP1).

Before SP1 you would have to install a copy of Outlook on the Exchange server and use a PowerShell command that looks like this (once you had granted Import/Export rights);

[box]

BEFORE Exchange 2010 SP1

Get-Mailbox | Import-Mailbox –PSTFolderPath C:Folder_Containing_PST_Files

[/box]

 

However try that after SP1 and you will get an error message, saying that Import-Mailbox is not a commandlet. That’s because now you no longer use this command you use “New-MailboxImportRequest”, and you also no longer need Outlook installing on the server.

How To Import PST Files

Note: To Bulk Import (See Below)

Firstly make sure the folder you are importing from is shared and the ‘Exchange Trusted Subsystem’ has read permissions, and SYSTEM has full control.

Grant the user you you want to Import the PST file with the appropriate permissions;

[box]New-ManagementRoleAssignment –Role “Mailbox Import Export” –User {username}[/box]

Note: This grants import and export rights, if you want to grant these permissions to a ‘group’ then see instructions below.

To submit the import request;

[box]New-MailboxImportRequest-FilePath \\{server-name}\{folder-name}\{filename}.pst -Mailbox “{mailbox-user}”[/box]

To check progress;

[box]Get-MailboxImportRequest
OR
Get-MailboxImportRequest | Get-MailboxImportRequestStatistics[/box]

If Mailbox Importing Fails

To troubleshoot failures, try using the following command and analysing the output;

[box]Get-MailboxImportRequest | Get-MailboxImportRequestStatistics -IncludeReport | fl [/box]

i.e. below you can see the problem was;

“This mailbox exceeded the maximum number of large items that were specified for this request. (Fatal error TooManyLargeItemsPermanentException has occurred.)”

To fix that error you can use the ‘-LargeItemLimit 200 -AcceptLargeDataLoss’ flags (which sounds alarming, but I have not seen it break anything in the last ten years).

Importing PST Files From the Exchange Admin Center

You can import PST files directly in the management GUI > Recipients > Mailboxes > Select the target mailbox > {Ellipses} > Import PST.

Enter the path to the .PST file > Next.

Select the target mailbox > Next.

Optional: Select a user to be emailed an export report.

Note: To view progress and troubleshoot failures, you will have to revert to PowerShell.

How To BULK Import .PST Files

Note: To BULK Import successfully, the .PST file MUST have the same name as the alias of the target mailbox.

Commands Required

1. Once you have created a “Universal Security Group” in this example called “Mailbox_Import” then assign the mailbox import/export roles with the following command;

[box] New-ManagementRoleAssignment –Name “MailboxImportExport” –SecurityGroup “Mailbox_Import” –Role “Mailbox Import Export” [/box]

Note: If you create a ‘global security group’ you will see an error when you try to import.

2. Remember to log off and back on as the user in question before proceeding.

3. To Start the bulk import use the following command, (all you should need to change is the UNC path to the folder with the .pst files in);

[box] Dir DC2APST_To_Import*.pst | %{ New-MailboxImportRequest -Name BulkPSTImport -BatchName Recovered -Mailbox $_.BaseName -FilePath $_.FullName} [/box]

4. Check on progress with the following four commands;

[box]

Get-MailboxImportRequest -Status Completed
Get-MailboxImportRequest -Status Queued
Get-MailboxImportRequest -Status InProgress
Get-MailboxImportRequest -Status Failed

[/box]

5. When finished, flush the requests with;

[box]

Get-MailboxImportRequest -Status Completed | Remove-MailboxImportRequest
Get-MailboxImportRequest -Status Failed | Remove-MailboxImportRequest

[/box]

Note: Enter “A” To accept multiple removes at once.

If New-MailboxImportRequest Fails

Firstly you need to find out why it failed, to do that you need to generate an error log.

[box] Get-MailboxImportRequest | Get-MailboxImportRequestStatistics -IncludeReport | fl >errorlog.txt[/box]

Then open that log file, to see what it says.

Common Errors

FailureType : TooManyBadItemsPermanentException Message : Error: This mailbox exceeded the maximum number of corrupted items that were specified for this move request.

This happens when it sees items in the mailbox it does not like, or considers corrupt. To get round this problem, import the .pst file on its own with the following command;

[box] New-MailboxImportRequest -Mailbox joe.soap -FilePath “DC2APST_TO_IMPORTjoe.soap.PST” -BadItemLimit 200 -AcceptLargeDataLoss[/box]

FailureType : MapiExceptionShutoffQuotaExceeded Message : Error: MapiExceptionShutoffQuotaExceeded: Unable to save changes. (hr=0x80004005, ec=12 45)

This happens if you have a limit on the mailbox size, and to import from this PST file would break that restriction.

FailureType : MailboxReplicationPermanentException Message : Error: serverfolderfilename.pst –> Page map offset {number} is greater than buffer length {number}.

This happens because you exported a PST file either using ExMerge or an older version of Outlook and it’s too big. Make sure it’s well under 2GB.

Additionally

If you want to import the “Old” mail into a folder within the target users mailbox, you can use the following command instead of the one in step 3;

[box] Dir DC2APST_To_Import*.pst | %{ New-MailboxImportRequest -Name RecoveredPST -BatchName Recovered -Mailbox $_.BaseName -FilePath $_.FullName -TargetRootFolder Imported_Mail} [/box]

Related Articles, References, Credits, or External Links

Exchange Exporting Mailboxes to PST Files

Exchange 2000/2003 Exporting mailbox’s with ExMerge

Exchange 2007 – Export Mailbox’s to PST files

Bulk Importing Users with CSVDE

KB ID 0000498 

Problem

This is not a task I’ve had to do for ages, so when I had to do it this week, I thought I’d just do a quick Google search as a refresher. What I can remember was a simple task took me far too long to work out. So heres a quick solution for everybody else.

Solution

Before I begin, the spreadsheet below, was the hard work of John Haddock, I have only made some minor tweaks and adjustments.

1. You will need the names of the users you want to import in a spreadsheet, preferably with their first name and last names in different columns.

2. Download the CSVDE-Template spreadsheet.

3. On the first tab of the spreadsheet (Setup) enter your domain details, and the other cells as required.

4. Select the second tab (Auto-Generated-Version), and paste your users first-names into column G (Labelled gn for Given Name), and their surnames into column D (Labelled sn).

5. The rest of the fields should now “Auto fill”. To make sure all the user names are unique, look down column V (Duplicate check), and make sure all the entries say “False” if any say “true” you will need to alter the values for that user manually.

6. Once you are happy, select all the columns (Except U and V, {the yellow ones}) and copy them to the clipboard.

7. Select the third Tab (Paste-Your-CSV-Data-Here), Select the entire spreadsheet and Paste Special > Paste Values. (So the formulas DONT get pasted into the spreadsheet).

8. File > Save As > Change the “Save as type” to CSV >Save > OK > Yes.

9. Then at command line issue the following command:

10. All being well it should say “The command has completed successfully” If it does fail it handily tells you what line of the spreadsheet it failed on so you can investigate.

11. By default all the user accounts will be disabled, but you can select them all and enable them.

12. If you would like to reset all the passwords on mass, see the following article:

Windows – Reset all User Passwords in an OU

 

Related Articles, References, Credits, or External Links

NA

Bulk Export Users From One Domain, and Import Into Another

KB ID 0000794 

Problem

I’ve written in the past about bulk importing users with CSVDE, but what if you want to move/migrate your users to another domain? You first need to export all the users, then import them into the new domain.

Solution

Step 1 Export Domain Users to CSV File

1. Here all my users are in one OU, if that OU has ‘nested OU’s within it that’s OK.

2. The command to ‘export’ is as follows;

Note: You need to ‘run as administrator

[box]

csvde -d {LDAP Path} -f c:\filename.csv

Example

csvde -d "ou=Main-Site,dc=pnl,dc=com" -f C:\ExportedUsers.csv

[/box]

3. The users will be exported. If it fails at this point it will give you a descriptive error, CSVDE has been around for a while, Google the error (most fixes are pretty simple).

4. Now open the CSV File with Excel, the second line will probably be the OU, you can leave this here if you want but if your target OU is different (or Like me you prefer to create it manually), then delete row 2 (Don’t delete Row 1!).

5. You do not need all the columns, delete all the columns EXCEPT,

DN
objectClass
ou
distinguishedName
name
cn
sn
givenName
displayName
sAMAccountName
userPrincipalName

So when complete it should look like the following;

6. Change any details in the LDAP path that are different for the new domain.

7. You may also need to change the domain name that’s listed on the userPrincipleName.

Step 2 Import Domain Users from CSV File

1. On the target domain, (if you are not importing the OU’s, then make sure they already exist). The syntax for the import is;

[box]

csvde -i -f c:\filename.csv

 

[/box]

9. Your users should be imported.

10. By default they will be disabled, but you can bulk enable them.

11. At this point all the users have no password, this can also be bulk set.

Windows – Reset all User Passwords in an OU

 

Related Articles, References, Credits, or External Links

NA