PowerShell Logo Small


This is the built-in help made by Microsoft for the command 'New-ADUser', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.


Creates a new Active Directory user.


New-ADUser [-Name] <String> [-AccountExpirationDate <DateTime>] [-AccountNotDelegated <Boolean>] [-AccountPassword <SecureString>] [-AllowReversiblePasswordEncryption
<Boolean>] [-AuthenticationPolicy <ADAuthenticationPolicy>] [-AuthenticationPolicySilo <ADAuthenticationPolicySilo>] [-AuthType {Negotiate | Basic}] [-CannotChangePassword
<Boolean>] [-Certificates <X509Certificate[]>] [-ChangePasswordAtLogon <Boolean>] [-City <String>] [-Company <String>] [-CompoundIdentitySupported <Boolean>] [-Country
<String>] [-Credential <PSCredential>] [-Department <String>] [-Description <String>] [-DisplayName <String>] [-Division <String>] [-EmailAddress <String>] [-EmployeeID
<String>] [-EmployeeNumber <String>] [-Enabled <Boolean>] [-Fax <String>] [-GivenName <String>] [-HomeDirectory <String>] [-HomeDrive <String>] [-HomePage <String>]
[-HomePhone <String>] [-Initials <String>] [-Instance <ADUser>] [-KerberosEncryptionType {None | DES | RC4 | AES128 | AES256}] [-LogonWorkstations <String>] [-Manager
<ADUser>] [-MobilePhone <String>] [-Office <String>] [-OfficePhone <String>] [-Organization <String>] [-OtherAttributes <Hashtable>] [-OtherName <String>] [-PassThru]
[-PasswordNeverExpires <Boolean>] [-PasswordNotRequired <Boolean>] [-Path <String>] [-POBox <String>] [-PostalCode <String>] [-PrincipalsAllowedToDelegateToAccount
<ADPrincipal[]>] [-ProfilePath <String>] [-SamAccountName <String>] [-ScriptPath <String>] [-Server <String>] [-ServicePrincipalNames <String[]>] [-SmartcardLogonRequired
<Boolean>] [-State <String>] [-StreetAddress <String>] [-Surname <String>] [-Title <String>] [-TrustedForDelegation <Boolean>] [-Type <String>] [-UserPrincipalName <String>]
[-Confirm] [-WhatIf] [<CommonParameters>]

Search powershellhelp.space


The New-ADUser cmdlet creates a new Active Directory user. You can set commonly used user property values by using the cmdlet parameters.

Property values that are not associated with cmdlet parameters can be set by using the OtherAttributes parameter. When using this parameter be sure to place single quotes
around the attribute name.

You must specify the SamAccountName parameter to create a user.

You can use the New-ADUser cmdlet to create different types of user accounts such as iNetOrgPerson accounts. To do this in AD DS, set the Type parameter to the LDAP display
name for the type of account you want to create. This type can be any class in the Active Directory schema that is a subclass of user and that has an object category of

The Path parameter specifies the container or organizational unit (OU) for the new user. When you do not specify the Path parameter, the cmdlet creates a user object in the
default container for user objects in the domain.

The following methods explain different ways to create an object by using this cmdlet.

Method 1: Use the New-ADUser cmdlet, specify the required parameters, and set any additional property values by using the cmdlet parameters.

Method 2: Use a template to create the new object. To do this, create a new user object or retrieve a copy of an existing user object and set the Instance parameter to this
object. The object provided to the Instance parameter is used as a template for the new object. You can override property values from the template by setting cmdlet
parameters. For examples and more information, see the Instance parameter description for this cmdlet.

Method 3: Use the Import-Csv cmdlet with the New-ADUser cmdlet to create multiple Active Directory user objects. To do this, use the Import-Csv cmdlet to create the custom
objects from a comma-separated value (CSV) file that contains a list of object properties. Then pass these objects through the pipeline to the New-ADUser cmdlet to create
the user objects.



Online Version: http://go.microsoft.com/fwlink/p/?linkid=291077




-------------------------- EXAMPLE 1 --------------------------

PS C:\>New-ADUser -Name "GlenJohn" -Certificate (new-object System.Security.Cryptography.X509Certificates.X509Certificate -ArgumentList "export.cer")

This command creates a new user named GlenJohn with a certicate imported from the file export.cer.

-------------------------- EXAMPLE 2 --------------------------

PS C:\>New-ADUser -Name "GlenJohn" -OtherAttributes @{'title'="director";'mail'="glenjohn@fabrikam.com"}

This command creates a new user named GlenJohn and sets the title and mail properties on the new object.

-------------------------- EXAMPLE 3 --------------------------

PS C:\>New-ADUser -Name "GlenJohn" -Type iNetOrgPerson -Path "DC=AppNC" -Server lds.Fabrikam.com:50000

This command creates a new inetOrgPerson named GlenJohn on an AD LDS instance.