Active Directory bulk load

Introduction

Part of the configuration for an application I recently developed required creating a set of test users in Active Directory. For the sake of expediency, rather than manually create each user I scripted the creation by parsing a file with the csvde command line tool.

CSV User File

Create a CSV file with the following row header columns:

DN,objectClass,distinguishedName,givenName,sn,sAMAccountName

In subsequent rows insert values similar to the following for your LDAP server and increment the integers accordingly. For example:

"CN=Test User 01,CN=Users,DC=lynx,DC=comdynamics,DC=net",user,"CN=Test User 01,CN=Users,DC=lynx,DC=comdynamics,DC=net",Test User 01,testuser01
"CN=Test User 02,CN=Users,DC=lynx,DC=comdynamics,DC=net",user,"CN=Test User 02,CN=Users,DC=lynx,DC=comdynamics,DC=net",Test User 02,testuser02
etc...
etc...

The above attributes specify a user object in an organizational unit of the LDAP tree using a first name, a surname with a unique account name (login) for the user.

Process User File

Load the users into the Active Directory server from the CSV using the following command:

csvde -i -k -f testusers.csv -s lynx.comdynamics.net

Set password for newly created users

As the csvde command does not set the password on import it is necessary to run dsmod looping through the user set as a post-import operation. Create a script with contents similar to the following:

FOR /L %%I in (1,1,9) DO dsmod user "CN= Test User 0%%I,CN=Users,DC=lynx,DC=comdynamics,DC=net" -pwd Password1 -pwdneverexpires yes
FOR /L %%I in (10,1,20) DO dsmod user "CN= Test User %%I,CN=Users,DC=lynx,DC=comdynamics,DC=net" -pwd Password1 -pwdneverexpires yes
FOR /L %%I in (20,1,30) DO dsmod user "CN= Test User %%I,CN=Users,DC=lynx,DC=comdynamics,DC=net" -pwd Password1 -pwdneverexpires yes

The above script processes a total of 30 users in the CSV file in batches of 10 and sets each user with a specific password that never expires.