Bird
Raised Fist0
PowerShellscripting~30 mins

New-ADUser and Set-ADUser in PowerShell - Mini Project: Build & Apply

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Create and Update Active Directory Users with PowerShell
📖 Scenario: You are an IT administrator managing user accounts in an Active Directory (AD) environment. You need to create new user accounts and update their properties using PowerShell commands.
🎯 Goal: Learn how to create a new AD user with New-ADUser and update user properties with Set-ADUser using PowerShell.
📋 What You'll Learn
Create a new AD user with specific properties using New-ADUser
Set a password for the new user
Enable the new user account
Update the user's office location using Set-ADUser
Display the updated user properties
💡 Why This Matters
🌍 Real World
IT administrators often need to automate user account creation and updates in Active Directory to save time and reduce errors.
💼 Career
Knowledge of New-ADUser and Set-ADUser commands is essential for system administrators managing Windows networks and Active Directory.
Progress0 / 4 steps
1
Create a new AD user with basic properties
Create a new AD user with the username jdoe, given name John, surname Doe, and user principal name jdoe@example.com using New-ADUser. Use the -AccountPassword parameter with a secure string password P@ssw0rd123 and set -Enabled to $false initially.
PowerShell
Hint

Use ConvertTo-SecureString to create a secure password string for -AccountPassword.

2
Enable the user account
Create a variable called $username and set it to jdoe. Then enable the user account by running Set-ADUser with the -Enabled $true parameter for the user with SamAccountName $username.
PowerShell
Hint

Use Set-ADUser -Identity $username -Enabled $true to enable the user.

3
Update the user's office location
Use Set-ADUser to update the office location of the user with SamAccountName $username to Headquarters. Use the -Office parameter.
PowerShell
Hint

Use Set-ADUser -Identity $username -Office "Headquarters" to update the office location.

4
Display the updated user properties
Use Get-ADUser with the -Identity $username parameter and -Properties Office to get the user details. Then print the user's name and office location using Write-Output in the format: User: John Doe, Office: Headquarters.
PowerShell
Hint

Use Get-ADUser -Identity $username -Properties Office to get the user, then print with Write-Output.

Practice

(1/5)
1. What is the primary purpose of the New-ADUser cmdlet in PowerShell?
easy
A. To list all users in Active Directory
B. To delete an existing user account
C. To reset a user's password
D. To create a new user account in Active Directory

Solution

  1. Step 1: Understand the cmdlet purpose

    New-ADUser is designed to create new user accounts in Active Directory.

  2. Step 2: Compare with other options

    Deleting users, resetting passwords, or listing users are done by other cmdlets like Remove-ADUser, Set-ADAccountPassword, or Get-ADUser.

  3. Final Answer:

    To create a new user account in Active Directory -> Option D

  4. Quick Check:

    New-ADUser creates users = A [OK]
Hint: New-ADUser always creates, not modifies or deletes [OK]
Common Mistakes:
  • Confusing New-ADUser with Set-ADUser
  • Thinking it deletes users
  • Assuming it lists users
2. Which of the following is the correct syntax to create a new AD user with username 'jdoe' and display name 'John Doe' using New-ADUser?
easy
A. New-ADUser -SamAccountName 'jdoe' -DisplayName 'John Doe'
B. New-ADUser -Name 'jdoe' -DisplayName 'John Doe'
C. New-ADUser -UserName 'jdoe' -Display 'John Doe'
D. New-ADUser -User 'jdoe' -Name 'John Doe'

Solution

  1. Step 1: Identify correct parameters for New-ADUser

    The parameter for username is -SamAccountName, and for display name is -DisplayName.

  2. Step 2: Check each option

    New-ADUser -SamAccountName 'jdoe' -DisplayName 'John Doe' uses -SamAccountName 'jdoe' and -DisplayName 'John Doe', which is correct syntax.

  3. Final Answer:

    New-ADUser -SamAccountName 'jdoe' -DisplayName 'John Doe' -> Option A

  4. Quick Check:

    SamAccountName sets username = A [OK]
Hint: Use -SamAccountName for username in New-ADUser [OK]
Common Mistakes:
  • Using -UserName instead of -SamAccountName
  • Using -Name instead of -DisplayName
  • Mixing parameter names incorrectly
3. What will be the output of this PowerShell command sequence?
New-ADUser -SamAccountName 'asmith' -Name 'Alice Smith' -AccountPassword (ConvertTo-SecureString 'P@ssw0rd' -AsPlainText -Force) -Enabled $true
Set-ADUser -Identity 'asmith' -Title 'Manager'

What is the Title property of user 'asmith' after running these commands?
medium
A. No Title property set
B. Manager
C. Alice Smith
D. P@ssw0rd

Solution

  1. Step 1: Create user with New-ADUser

    The user 'asmith' is created with name 'Alice Smith' and password set, enabled account.

  2. Step 2: Update user with Set-ADUser

    The Set-ADUser command sets the Title property to 'Manager' for user 'asmith'.

  3. Final Answer:

    Manager -> Option B

  4. Quick Check:

    Set-ADUser updates Title = C [OK]
Hint: Set-ADUser changes properties after user creation [OK]
Common Mistakes:
  • Assuming Title is set by New-ADUser without parameter
  • Confusing password with Title property
  • Thinking Title remains empty
4. You run this command to update a user's department:
Set-ADUser -Identity 'bwhite' -Department 'Sales'

But you get an error: "Cannot find an object with identity: 'bwhite'". What is the most likely cause?
medium
A. The Identity parameter requires an email address
B. The Department property cannot be set with Set-ADUser
C. User 'bwhite' does not exist in Active Directory
D. You must use New-ADUser to update users

Solution

  1. Step 1: Analyze the error message

    The error says it cannot find an object with identity 'bwhite', meaning the user does not exist or the name is incorrect.

  2. Step 2: Check other options

    Department can be set with Set-ADUser, New-ADUser is for creating users, and Identity accepts username or distinguished name, not necessarily email.

  3. Final Answer:

    User 'bwhite' does not exist in Active Directory -> Option C

  4. Quick Check:

    Identity error means user missing = D [OK]
Hint: Check user exists before Set-ADUser [OK]
Common Mistakes:
  • Assuming Department can't be set
  • Using New-ADUser to update existing users
  • Using wrong Identity format without verifying user
5. You want to create a new user 'mjohnson' with the display name 'Mary Johnson' and then immediately set her office location to 'HQ-5'. Which sequence of commands correctly achieves this?
hard
A. New-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' Set-ADUser -Identity 'mjohnson' -Office 'HQ-5'
B. Set-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' New-ADUser -Identity 'mjohnson' -Office 'HQ-5'
C. New-ADUser -UserName 'mjohnson' -Name 'Mary Johnson' -Office 'HQ-5' -Enabled $true
D. New-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' -Office 'HQ-5' -Enabled $true

Solution

  1. Step 1: Create user with New-ADUser

    Use -SamAccountName and -DisplayName to create the user. Office location is not set here.

  2. Step 2: Update office location with Set-ADUser

    Use Set-ADUser -Identity 'mjohnson' -Office 'HQ-5' to set the office property after creation.

  3. Step 3: Evaluate other options

    Set-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' New-ADUser -Identity 'mjohnson' -Office 'HQ-5' tries to update before creation, which fails. New-ADUser -UserName 'mjohnson' -Name 'Mary Johnson' -Office 'HQ-5' -Enabled $true uses wrong parameters. New-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' -Office 'HQ-5' -Enabled $true fails because -Enabled $true requires -AccountPassword (e.g., (ConvertTo-SecureString 'P@ssw0rd' -AsPlainText -Force)), which is missing.

  4. Final Answer:

    New-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' Set-ADUser -Identity 'mjohnson' -Office 'HQ-5' -> Option A

  5. Quick Check:

    Create then update properties = B [OK]
Hint: Create user first, then update extra properties with Set-ADUser [OK]
Common Mistakes:
  • Trying to set unsupported properties in New-ADUser
  • Running Set-ADUser before user exists
  • Using wrong parameter names