Today’s Tip…

Those that have heard me talk about Windows PowerShell know that I used to just hate it. Later I fell in love with it when I was writing labs for Windows Server 2012. I could replace an hour of mindless configuration time with a scrip that took 10 minutes to run.

The thing I like about Windows PowerShell the most is that you really don’t have to know that much to get started. Just keep in mind the simple ‘verb-noun’ format and you can do so much so quickly. I don’t claim to be a Windows PowerShell genius, but I do like to share stuff when I learn it.

That said, a couple weeks ago I was creating a lab that required that I make a bunch of admin accounts for my students. So I looked up what cmdlet I should be using to create accounts in Active Directory (New-ADUser).

After a little bit of tweaking, I got what I wanted out of it.

$pass = ConvertTo-SecureString -String "MyPassword" -AsPlainText -Force

New-ADUser -Name Admin1 -Enabled $true -GivenName Admin1 -SamAccountName Admin1 -UserPrincipalName Admin1@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

The first line put the password I wanted to use into the format that I needed and stuffed it in a variable called $pass.

The second line created a new AD account named Admin1, enabled the account, set the password to ‘never expire’, and used the $pass variable to set the password on the account.

Easy Peasy!

And since I needed 10 accounts like this one, I could just add more ‘New-ADUser’ lines….

$pass = ConvertTo-SecureString -String "LS1setup!" -AsPlainText -Force

New-ADUser -Name Admin1 -Enabled $true -GivenName Admin1 -SamAccountName Admin1 -UserPrincipalName Admin1@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

New-ADUser -Name Admin2 -Enabled $true -GivenName Admin2 -SamAccountName Admin2 -UserPrincipalName Admin2@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

New-ADUser -Name Admin3 -Enabled $true -GivenName Admin3 -SamAccountName Admin3 -UserPrincipalName Admin3@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

New-ADUser -Name Admin4 -Enabled $true -GivenName Admin4 -SamAccountName Admin4 -UserPrincipalName Admin4@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

New-ADUser -Name Admin5 -Enabled $true -GivenName Admin5 -SamAccountName Admin5 -UserPrincipalName Admin5@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

New-ADUser -Name Admin6 -Enabled $true -GivenName Admin6 -SamAccountName Admin6 -UserPrincipalName Admin6@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

New-ADUser -Name Admin7 -Enabled $true -GivenName Admin7 -SamAccountName Admin7 -UserPrincipalName Admin7@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

New-ADUser -Name Admin8 -Enabled $true -GivenName Admin8 -SamAccountName Admin8 -UserPrincipalName Admin8@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

New-ADUser -Name Admin9 -Enabled $true -GivenName Admin9 -SamAccountName Admin9 -UserPrincipalName Admin9@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

New-ADUser -Name Admin10 -Enabled $true -GivenName Admin10 -SamAccountName Admin10 -UserPrincipalName Admin10@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

Creating these by hand would have been a great big hassle. And now I’m going to save setup time every time the class is delivered. But the thing that bothered me about this is I still had to create all these lines in my script. It does what I want, but it could be better. More to the point, every time I need to add more accounts, I need to add more lines to the script then manually fix them up with the appropriate number for the name. So I did a quick look-up to see how loops could be done in Windows PowerShell, figuring its probably very much like C++…and I found my new best friend…the Do/While.

$pass = ConvertTo-SecureString -String "LS1setup!" -AsPlainText -Force

$i = 1

do {

New-ADUser -Name Admin$i -Enabled $true -GivenName Admin$i -SamAccountName Admin$i -UserPrincipalName Admin$i@Classroom.com -PasswordNeverExpires $true -CannotChangePassword $true -AccountPassword $pass

$i++}

while ($i -le 10)

A six line script that can create as many accounts as I want.

The first line is exactly the same as before…gets my password variable created.

The second line creates a variable that I can use for counting and incrementing ($i), and sets it to 1.

The third line simply starts the DO. Everything between the curly brackets is what happens each time through the loop.

The fourth line is very much like the second line from my old script. It creates an AD account, but instead of ‘Admin1’, the name is ‘Admin’ and then we add on the variable $i. So the first time through the loop it ends up being ‘Admin1’.

The fifth line is kind of tricky. This could appear as $i = $i +1…which increments the variable. So each time through the loop the value of $i is 1 greater than the last time. The notation here is simply a short cut that does the same thing. $i++ just means we add 1 to $i and put it back in the same variable.

The sixth line just tells us how many loops we need to run. We will run it WHILE the variable $i is ‘Less-than-or-Equal-to’ 10. So if I wanted more accounts, I would just change the 10 to whatever number of accounts I wanted. Five accounts or 500 accounts…the same six lines are all I need.

The last point is that using this loop isn’t limited to creating AD accounts. I can use it to create SMB shares (New-SmbShare), directories (New-Iteam –ItemType directory), or anything else my little mind can think up. Now that I have a Do/While loop, I just need to put in the correct cmdlet and I can make as many of whatever crazy thing I want

And I’m sure there are a dozen ways to make it even better. And that’s the cool thing about Windows PowerShell!