i'm trying import users active directory using csv file , powershell script. create csv headers associated ad object:
mail,name,givenname,middlename,surname,company,department,title,plaintextpassword,path,description,userprincipalname
...and filled up.
now want use powershell's new-aduser cmmdlet generate users each item in sheet - problem i'm having new-aduser requires securestring, not normal string account's password. skipping conversion results in users being created correctly, no passwords , account disabled.
the command i'm using follows:
import-csv .\users.csv | add-member -passthru -membertype noteproperty -value {$_ | select plaintextpassword | convertto-securestring -fromplaintext -force} the result user records following:
mail : tom.fubar@contoso.com name : tom.fubar givenname : tom middlename : surname : fubar company : contoso department : title : technician accountpassword : longpasswordthatfitsadcomplexityrequirements123! path : ou=useraccounts,ou=it,ou=employees,dc=contoso,dc=com description : userprincipalname : tom.fubar@contoso.com encodedpassword : {$_ | select accountpassword | convertto-securestring -asplaintext -force} the bit of code should evaluated converting plaintext password securestring being passed verbatim, rather executed inline.
what proper way force code block evaluated, , use result argument new-member -value?
tried:
- enclosing script block in
$(...)- results in null noteproperty added object - replacing
{...}$(...)- results in null noteproperty added object
(as shown piping whole command get-member)
one solution i've found not bother add-member, instead use calculated property so:
import-csv .\users.csv | select -property *, @{ n="encodedpassword"; e={$_.plaintestpassword | convertto-securestring -fromplaintext -force}} (removed broken add-member after comment @petseral)
Comments
Post a Comment