This is probably an old topic but I’ll blog it anyways in case someone might find it useful.
This article is about how to create a list of new users in a specific OU. So here are the requirements:
Users are required to change password at first log on
User accounts are enabled
Username would be the first initial + lastname
The same default password is assigned to all of the users
Steps:
Create a batch file with the following content
@echo off
cls
echo Creating Accounts
echo ------------
rem Each line of userlist.txt: Username Firstname Lastname (tokens 1-3 become %%A %%B %%C)
for /f "tokens=1-3" %%A in (userlist.txt) do (dsadd user "CN=%%A,ou=Support,ou=IT,dc=thenguyen,dc=local" -fn %%B -ln %%C -display "%%B %%C" -upn %%A@thenguyen.local -pwd Passw0rd1 -mustchpwd yes -disabled no)
echo ------------
pause
Create a text file called userlist.txt. Enter the users' information, one user per line, as follows:
Username Firstname Lastname
Example:
pnguyen Peter Nguyen
Explanation – I will only explain what the for loop does, since it's the main part of the batch file: it loops through the userlist.txt file to create the users.
for /f "tokens=1-3" %%A in (userlist.txt) do:
Reads the userlist.txt file line by line and splits each line on spaces and tabs into "tokens", which are the Username Firstname Lastname elements in that text file. %%A is a variable holding the first element of the line that was just read (token 1); %%B and %%C hold tokens 2 and 3. For each line that was read, the for loop runs the following:
dsadd user "CN=%%A,ou=Support,ou=IT,dc=thenguyen,dc=local" -fn %%B -ln %%C -display "%%B %%C" -upn %%A@thenguyen.local -pwd Passw0rd1 -mustchpwd yes -disabled no
dsadd user – tells the machine to prepare to add a user
CN=%%A,ou=Support,ou=IT,dc=thenguyen,dc=local – In this example %%A would be pnguyen, and dsadd would put pnguyen in the "TheNguyen.Local\IT\Support" OU.
-fn %%B -ln %%C -display “%%B %%C” – FN specifies the first name of the user, in this case would be %%B (Peter) or the second token that was read in from userlist.txt. -LN %%C specifies the last name of the user, in this case would be %%C (Nguyen) or the third token that was read in from the file. -Display “%%B %%C” tells the command to use first name last name as the display name for the user
-upn %%A@thenguyen.local – Tells the command to use %%A (pnguyen) as the UPN or log on name of the user
-pwd Passw0rd1 -mustchpwd yes – Specifies the password is Passw0rd1 and that user must change password at next log on
-disabled no – ensures that the user account is not disabled after it's been created.
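The same bulk creation, as an added example that is not the original post's script: it uses New-ADUser from the ActiveDirectory PowerShell module instead of dsadd, checks each userlist.txt line before using it, and goes beyond the post by issuing a random initial password per user in place of the shared Passw0rd1 on the command line. The OU path and UPN suffix are the post's; the output file name initial-passwords.csv is an assumption.

```powershell
# Added example, not the original post's script. Needs the ActiveDirectory module (RSAT).
# OU path and UPN suffix come from the post; initial-passwords.csv is an assumed file name.
Import-Module ActiveDirectory

$OuPath    = 'ou=Support,ou=IT,dc=thenguyen,dc=local'
$UpnSuffix = 'thenguyen.local'
# 64 symbols (look-alikes such as 0/O and 1/l removed), so a byte maps evenly: 256 % 64 = 0
$Alphabet  = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789!#%+-=?@'

function New-InitialPassword {
    param([int]$Length = 16)
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buf = New-Object byte[] $Length
    do {
        $rng.GetBytes($buf)
        $pw = -join ($buf | ForEach-Object { $Alphabet[$_ % $Alphabet.Length] })
        # Retry until upper, lower, digit and symbol are all present (meets AD complexity rules)
    } until ($pw -cmatch '[A-Z]' -and $pw -cmatch '[a-z]' -and $pw -match '\d' -and $pw -match '[^A-Za-z0-9]')
    $pw
}

$lines  = Get-Content .\userlist.txt | Where-Object { $_.Trim() }
$issued = foreach ($line in $lines) {
    $t = @(-split $line)     # same whitespace tokens as "tokens=1-3" in the batch file
    $user, $first, $last = $t
    # Exactly three tokens; username limited to 20 safe characters, names to letters . and -
    $ok = $t.Count -eq 3 -and $user -match '^[A-Za-z0-9._-]{1,20}$' -and
          $first -match '^[\p{L}.-]+$' -and $last -match '^[\p{L}.-]+$'
    if (-not $ok) { Write-Warning "Skipped malformed line: $line"; continue }

    $plain = New-InitialPassword
    try {
        New-ADUser -Name $user -SamAccountName $user -GivenName $first -Surname $last `
            -DisplayName "$first $last" -UserPrincipalName "${user}@${UpnSuffix}" -Path $OuPath `
            -AccountPassword (ConvertTo-SecureString $plain -AsPlainText -Force) `
            -ChangePasswordAtLogon $true -Enabled $true -ErrorAction Stop
        [pscustomobject]@{ Username = $user; InitialPassword = $plain }
    } catch {
        Write-Warning "Could not create ${user}: $($_.Exception.Message)"
    }
}
# Hand each password to its owner, then delete this file; restrict its ACL in the meantime
$issued | Export-Csv .\initial-passwords.csv -NoTypeInformation
```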
It gives an error
Creating Accounts
ùùùùùù
1-3? was unexpected at this time.
Please tell me what to do?
WOW, I found this very useful as I have been searching the net for similar code. In my situation I have a file with username and password only, and needed to do the same but on a standalone Windows 2003 server (no Active Directory). Here is my full requirement:
I have a local standalone Windows 2003 server which is not part of any Active Directory. I have a list of users (containing UserName & Password per line) in a CSV file containing about 300+ usernames and passwords. I am looking for a batch script that will loop through this file of users and perform the following tasks on the local Windows 2003 server. There will be two CSV files, one containing user accounts to be deleted or dropped from the Windows server, and the other containing users who need to be created if they do not already exist on the server. The Windows 2003 Server name is: TServer01
Part A: Drop users from the Drop List (DropUserList.txt) from my windows 2003 server
Drop/Delete users accounts & Permissions for those already existing on the server and listed in the Drop CSV file
Part B: Add new users who are not already on the servers
1) Create the UserName and Password ( from the file: CreateUsersList.txt), and set to never expire
2) Map the user to an existing home directory share called (HomeShare) which already exists
3) Create a roaming profile for each of the users
Let me explain why I am doing this:
I know you may be thinking, what is the purpose of this? We have a local community education center and one Windows 2003 server. We train students at 3-month intervals and need a way to automatically control access to the server for training resources delivered through the Home Directory (HomeShare) local share. Manually creating 300+ student accounts every 3 months, and having to delete the accounts for those who have completed the course and left, is extraneous. The two user CSV files (Drop and Create) will be created by the administrator and placed on the Windows server for use by this batch program, which we can schedule in Windows tasks manager.
I will really appreciate such a batch script; any better way to do the job above will also be welcome.
Thanks in advance
Wow, this is a great post. Thanks for the script. I will be testing it this weekend and will let everyone else know.
Hi,
To get this script working you need to do the following:
1) Copy and paste the batch file code into a text file and save with a .bat extension.
2) Fix the code to replace the smart quotes “ ” with straight quotes "
3) Change the paths to match your domain, for example if your domain was acme.local, and the OU for new user accounts was called ‘staging’ then the code would change like this:
"CN=%%A,ou=Support,ou=IT,dc=thenguyen,dc=local" … @thenguyen.local
"CN=%%A,ou=staging,dc=acme,dc=local" … @acme.local
4) Create and save the userlist.txt file in the same directory as the batch file.
5) Run the .bat file as a user who has rights to make changes to Active Directory. In a new domain, only the domain administrator will have this permission.
I have confirmed the script works with these instructions.
Thanks for the code.
Thanks for the clarification Chris.
Hi
I read your explanation; it is very clear. But when I tried it, it showed an error. If you don't mind, can you send me a batch file and user list as an example? If you would, I will be grateful.
Please follow Chris’s suggestion in the reply