I'm receiving the following error in my create user script.
ConvertTo-SecureString : Cannot bind argument to parameter 'String' because it is an empty string. At C:\AD_Scripts\psscripts\user_create.ps1:59 char:54 + -AccountPassword (convertto-securestring "$Password" -AsPlainText -F ... + ~~~~~~~~~~~ + CategoryInfo : InvalidData: (:) [ConvertTo-SecureString], ParameterBindingValidationException + FullyQualifiedErrorId : ParameterArgumentValidationErrorEmptyStringNotAllowed,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand
# Import active directory module for running AD cmdlets
Import-Module activedirectory
#Store the data from ADUsers.csv in the $ADUsers variable
$ADUsers = Import-csv userimport.csv
#Store report in log file in the $log variable
$log = "log.txt"
#Loop through each row containing user details in the CSV file
foreach ($User in $ADUsers)
{
#Read user data from each field in each row and assign the data to a variable as below
$Username = $User.ID
$Password = $User.BDATE
$Firstname = $User.FNAME
$Lastname = $User.LNAME
$Department = $User.GRD
$Company = $User.SCHID #This field refers to the OU the user account is to be moved to
# Choose OU
Switch ($Company)
{
"1480" {$OU = 'OU=students,OU=users,ou=hs,dc=clasd,dc=net'}
"1479" {$OU = 'OU=students,OU=users,ou=elem,dc=clasd,dc=net'}
"1480" {$Folder = '\\hs-ss\students\hs'}
"1479" {$Folder = '\\hs-ss\students\elem'}
}
#Check to see if the user already exists in AD
if (Get-ADUser -LDAPFilter {$Username=$user.$SamAccountName})
{
#If user does exist, give a warning
Write-Warning "A user account with username $Username already exist in Active Directory."
}
else
{
#User does not exist then proceed to create the new user account
"Processing started (on " + $date + "): " | Out-File $log -append
"--------------------------------------------" | Out-File $log -append
#Account will be created in the OU provided by the $OU variable read from the CSV file
New-ADUser `
-SamAccountName $Username `
-UserPrincipalName "[email protected]" `
-Name "$Firstname $Lastname" `
-GivenName $Firstname `
-Department "$Department" `
-Company "$Company" `
-EmailAddress "[email protected]" `
-Surname $Lastname `
-Enabled $True `
-Scriptpath "login.vbs" `
-DisplayName "$Firstname $Lastname" `
-Path $OU `
-Homedrive "Z" `
-homedirectory "$Folder\$username" `
-AccountPassword (convertto-securestring "$Password" -AsPlainText -Force) `
-ChangePasswordAtLogon $true
}
}
I never received the error before I changed this line from
if (Get-ADUser -F {SamAccountName -eq $Username})
to
if (Get-ADUser -LDAPFilter {$Username=$user.$SamAccountName})
the cvs file I'm importing looks like this:
"ID","FNAME","LNAME","BDATE","GRD","SCHID" "111111","Test","student1","20001225","2016","1480" "333333","test","Student3","2001225","2025","1479"
I'm using the Bdate as the users password