How to create, copy and remove Active Directory users using PowerShell

How to create, copy and remove Active Directory users using PowerShell


One of the most fundamental and often repeated task by an administrator is to create, copy or remove an Active directory user. Thanks to the New-ADUser cmdlet, it is extremely simple. Below are the PowerShell scripts to create, copy and remove an Active Directory user.


Create Active Directory user:


  1. #Create a new Active Directory user
  2. New-ADUser -Name "John Doe" -GivenName "John" -Surname "Doe" -SamAccountName "jdoe" -UserPrincipalName "jdoe@abc.com" -AccountPassword (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force) -Enabled $true -Path "OU=Employees,DC=abc,DC=com"


This command creates a new user under the name “John Doe”, with other attributes like surname, SamAccountName, UserPrincipalName and AccountPassword. The user is enabled and stationed under the OU – “Employees” in the domain -- “abc.com”



Copy Active Directory user:


  1. #Copy an existing Active Directory user
  2. Get-ADUser -Identity "jdoe" | New-ADUser -Name "Jane Doe" -SamAccountName "jdoe2" -UserPrincipalName "jdoe2@abc.com" -Path "OU=Employees,DC=abc,DC=com"


This command retrieves the user account "jdoe" to get its attributes and creates a new user account named "Jane Doe" with the same. The only exception here are the name and SAM account name, which are set to "Jane Doe" and "jdoe2", respectively. The new user account is placed in the OU – "Employees".



Remove Active Directory user:


  1. #Remove an Active Directory user
  2. Remove-ADUser -Identity "jdoe" -Confirm:$false


The third command removes the user account "jdoe" with confirmation set to false, meaning there won’t be any prompt before deleting. 


These steps are easier when only a handful of accounts are to be handled. But when there are a large amount of users involved in the process, there are certain ways to get that done easily.



To perform bulk operations associated with the above activities these steps will help achieve them easily.


  • Create a template account
  • Copy account attributes (we will use the -Instance parameter)
  • Add the new user to the Accounts group
  • Verification of user attributes and group membership
  • Creating new Active Directory users in bulk



    • Related Articles

    • How to find unused Exchange Online mailboxes

      What are unused Exchange Online mailboxes and how to identify them? Unused Exchange Online mailboxes are user mailboxes which are currently not being used by their users. There are 3 ways in which we can identify if a mailbox is unused or not. They ...

    • Generate an Activity Report for Microsoft 365 Groups and Teams

      Introduction The activity reports available for Microsoft 365 groups and Teams can be beneficial for administrators in an organization. Microsoft 365 teams group activity reports provide insight into group activities, group workloads, group counts, ...

    • How to add/remove Active Directory users to Active Directory groups using PowerShell

      Active Directory is a powerful tool for managing users and groups in a Windows environment. One of the most often-repeated tasks for administrators is to add or remove users from Active Directory groups. In this article, we will explore how to ...

    • How to create and manage Microsoft 365 groups with PowerShell

      Introduction: Microsoft 365 Groups is a collaboration feature that allows users to work together and share resources such as calendars, files, and email messages. Microsoft 365 Groups can be created and managed using the Microsoft 365 admin center, ...

    • How to get memberships of the Active Directory user using PowerShell

      One of the essential parts of Active Directory administration is to manage user memberships in Active Directory. There may be times when the membership of a specific user need to be identified. In this article, we will explain how to use PowerShell ...