Azure AD Connect – Populate a Test AD

This post is part of a series, for the series contents see:

With AD DS set up on my IaaS machine (ad-vm), I now need to populate it with some test users that I can eventually sync up to Azure AD.

I thought I’d be able to just find an example script somewhere online and re-use that for this bit but I couldn’t really find any that I liked.  Generally, I thought most of the scripts out there over-complicated things a bit and I was looking to keep things simple.

Not really sure that my script ended up any better, though.  It’s messy but does the job.

Create Test AD OU Structure

One of the things I didn’t like with the example scripts that I found online was that they generally seem to create users in the default “Users” container.  That’s all fine and well, but I want a bit more of an OU structure in place so that later I can set up some filters on my AAD Connect box!

The script below creates a simple OU hierarchy of the sort you might see in real life, with parent OUs for Departments, Contractors, and Partners and then more specific OUs sitting below those.

#Load the Active Directory cmdlets
Import-Module ActiveDirectory

#First set up an array to specify the AD OU structure
$CompanyStructure = `
 @("IT", "Departments"), `
 @("HR", "Departments"), `
 @("Legal", "Departments"), `
 @("Finance", "Departments"), `
 @("Sales", "Departments"), `
 @("Marketing", "Departments"), `
 @("Maintenance", "Contractors"), `
 @("Cleaning", "Contractors"), `
 @("Catering", "Contractors"), `
 @("Contoso", "Partners"), `
 @("Fabrikam", "Partners"), `
 @("Tailspin", "Partners")

#Set the Base DN
$BaseDN = "DC=irankon,DC=tk"

#Create the root OUs
#Get all the values from the parent OU part of my array
$ParentOU = $CompanyStructure | ForEach-Object { $_[1] }

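#Remove duplicates by getting only unique values
#(Select-Object -Unique works whatever the order; Get-Unique only collapses adjacent duplicates)
$ParentOU = $ParentOU | Select-Object -Unique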

#Create OUs for those values
$ParentOU | ForEach-Object {New-ADOrganizationalUnit -Name $_ -Path $BaseDN}

#Create the child OUs
#Messy, but string concatenation was never my strong point
$CompanyStructure | ForEach-Object {New-ADOrganizationalUnit -Name $_[0] -Path ("OU=" + $_[1] + "," + $BaseDN)}

Populate with Test User Accounts

With my structure in place I can now simply set up a loop to go through and create a bunch of generic user accounts for me.

Each account will need a generic password value so rather than doing anything fancy to include one in the script I simply set it to prompt me for a value:

#First up, prompt for a default password to give to each user
$UserPassword = Read-Host 'Set a default user password' -AsSecureString

Then for the loop, I used the code below.  It really is quite poor but it does the job!

#Now create a hundred users for each OU
#Assumption: the UPN suffix is the domain's DNS name, built here from $BaseDN (irankon.tk)
$UpnSuffix = ($BaseDN -replace "DC=", "") -replace ",", "."

$CompanyStructure | `
ForEach-Object {

    $UserPath = ("OU=" + $_[0] + "," + "OU=" + $_[1] + "," + $BaseDN)
    $UserTotal = 100
    $UserType = $_[0]

    For ($UserCount=1; $UserCount -le $UserTotal; $UserCount++) {

        $UserName = ($UserType + "User" + $UserCount)

        #Every account gets the same prompted password, which never expires
        New-ADUser `
        -Name $UserName `
        -GivenName $UserType `
        -Surname ("User" + $UserCount) `
        -Path $UserPath `
        -SamAccountName $UserName `
        -UserPrincipalName ($UserName + "@" + $UpnSuffix) `
        -AccountPassword $UserPassword `
        -ChangePasswordAtLogon $False `
        -PasswordNeverExpires $True `
        -Enabled $True `
        -Division $UserType
    }
}

Ta Da!  It wasn’t pretty but the upshot is that I now have something that I can synchronise up into Azure AD.
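
As an added example (not the author's script): the same population loop with a unique random password per account, so that no single shared, non-expiring password unlocks every test user once the directory is synchronised. It assumes the ActiveDirectory module and the $CompanyStructure and $BaseDN variables defined above; New-RandomPassword and $UpnSuffix are hypothetical names introduced here, and the UPN suffix is assumed to be the domain's DNS name.

```powershell
# Added example, not the post's original script.
# Assumes $CompanyStructure and $BaseDN are already defined as above.
Import-Module ActiveDirectory

# Hypothetical helper: random password from the OS CSPRNG, returned as a SecureString
function New-RandomPassword {
    param([int]$Length = 24)
    # 64 characters, so (byte % 64) picks each one with equal probability
    $Alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_'
    $Rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        do {
            $Bytes = New-Object byte[] $Length
            $Rng.GetBytes($Bytes)
            $Plain = -join ($Bytes | ForEach-Object { $Alphabet[$_ % 64] })
            # Retry until upper, lower and digit are present (default AD complexity)
        } until ($Plain -cmatch '[A-Z]' -and $Plain -cmatch '[a-z]' -and $Plain -match '\d')
        ConvertTo-SecureString $Plain -AsPlainText -Force
    }
    finally { $Rng.Dispose() }
}

# Assumption: the UPN suffix is the domain's DNS name, derived from $BaseDN
$UpnSuffix = ($BaseDN -replace 'DC=', '') -replace ',', '.'

foreach ($Entry in $CompanyStructure) {
    $UserType = $Entry[0]
    $UserPath = "OU=$UserType,OU=$($Entry[1]),$BaseDN"

    foreach ($UserCount in 1..100) {
        $UserName = "${UserType}User$UserCount"

        # Skip accounts that already exist so the script can be re-run safely
        if (Get-ADUser -Filter "SamAccountName -eq '$UserName'") { continue }

        # No -PasswordNeverExpires: the domain password policy applies
        New-ADUser -Name $UserName -SamAccountName $UserName `
            -GivenName $UserType -Surname "User$UserCount" `
            -UserPrincipalName "$UserName@$UpnSuffix" `
            -Path $UserPath -Division $UserType `
            -AccountPassword (New-RandomPassword) `
            -Enabled $True
    }
}
```

The generated passwords are never stored or displayed; to sign in as one particular test user, reset that single account with Set-ADAccountPassword -Reset.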

