Bird
Raised Fist0
PowerShellscripting~10 mins

New-ADUser and Set-ADUser in PowerShell - Step-by-Step Execution

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Concept Flow - New-ADUser and Set-ADUser
Start
Run New-ADUser
User Created in AD
Run Set-ADUser
User Properties Updated
End
First, a new user is created with New-ADUser. Then, Set-ADUser updates properties of that user.
Execution Sample
PowerShell
New-ADUser -Name "John Doe" -SamAccountName "jdoe" -AccountPassword (ConvertTo-SecureString "P@ssw0rd" -AsPlainText -Force) -Enabled $true
Set-ADUser -Identity "jdoe" -Title "Developer"
Creates a new Active Directory user named John Doe, then sets his job title to Developer.
Execution Table
StepCommandActionResultOutput
1New-ADUser -Name "John Doe" -SamAccountName "jdoe" -AccountPassword ... -Enabled $trueCreate user objectUser 'jdoe' created in ADNo output if successful
2Set-ADUser -Identity "jdoe" -Title "Developer"Update user propertyUser 'jdoe' title set to 'Developer'No output if successful
3Verify userGet user infoUser 'jdoe' has Title 'Developer'Name: John Doe SamAccountName: jdoe Title: Developer
4EndNo more commandsProcess completeProcess finished successfully
💡 All commands executed successfully; user created and updated.
Variable Tracker
VariableStartAfter Step 1After Step 2Final
UserObjectnull{Name: John Doe, SamAccountName: jdoe, Enabled: True}{Name: John Doe, SamAccountName: jdoe, Enabled: True, Title: Developer}{Name: John Doe, SamAccountName: jdoe, Enabled: True, Title: Developer}
Key Moments - 3 Insights
Why does New-ADUser not show output after creating the user?
New-ADUser by default does not return output on success, so the execution_table row 1 shows 'No output if successful'. You can add -PassThru to get output.
Can Set-ADUser create a user if it does not exist?
No, Set-ADUser only updates existing users. The execution_table shows New-ADUser must run first to create the user.
How do we verify the user properties after updates?
You can run Get-ADUser to check properties. The execution_table row 3 shows verifying user info after updates.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, what is the user Title after Step 1?
ANo Title set
BDeveloper
CAdministrator
DUser
💡 Hint
Check the 'Result' column in Step 1 and Step 2 in execution_table.
At which step does the user get the Title 'Developer'?
AStep 1
BStep 3
CStep 2
DStep 4
💡 Hint
Look at the 'Action' and 'Result' columns in execution_table for Step 2.
If you skip New-ADUser and run only Set-ADUser, what happens?
AUser is created automatically
BError: user not found
CUser properties updated anyway
DNo effect, command ignored
💡 Hint
Refer to key_moments about Set-ADUser requiring existing user.
Concept Snapshot
New-ADUser creates a new Active Directory user.
Set-ADUser updates properties of an existing user.
New-ADUser needs password and enabled status.
Set-ADUser requires the user identity.
Use Get-ADUser to verify changes.
No output shown if commands succeed by default.
Full Transcript
This visual execution shows how New-ADUser creates a user named John Doe with username jdoe and a password. Then Set-ADUser updates the Title property to Developer. The execution table traces each step, showing commands run, actions taken, and results. Variables track the user object state after each step. Key moments clarify why New-ADUser does not output by default, that Set-ADUser cannot create users, and how to verify changes. The quiz tests understanding of when properties are set and command dependencies. The snapshot summarizes the commands and usage rules.

Practice

(1/5)
1. What is the primary purpose of the New-ADUser cmdlet in PowerShell?
easy
A. To list all users in Active Directory
B. To delete an existing user account
C. To reset a user's password
D. To create a new user account in Active Directory

Solution

  1. Step 1: Understand the cmdlet purpose

    New-ADUser is designed to create new user accounts in Active Directory.

  2. Step 2: Compare with other options

    Deleting users, resetting passwords, or listing users are done by other cmdlets like Remove-ADUser, Set-ADAccountPassword, or Get-ADUser.

  3. Final Answer:

    To create a new user account in Active Directory -> Option D

  4. Quick Check:

    New-ADUser creates users = A [OK]
Hint: New-ADUser always creates, not modifies or deletes [OK]
Common Mistakes:
  • Confusing New-ADUser with Set-ADUser
  • Thinking it deletes users
  • Assuming it lists users
2. Which of the following is the correct syntax to create a new AD user with username 'jdoe' and display name 'John Doe' using New-ADUser?
easy
A. New-ADUser -SamAccountName 'jdoe' -DisplayName 'John Doe'
B. New-ADUser -Name 'jdoe' -DisplayName 'John Doe'
C. New-ADUser -UserName 'jdoe' -Display 'John Doe'
D. New-ADUser -User 'jdoe' -Name 'John Doe'

Solution

  1. Step 1: Identify correct parameters for New-ADUser

    The parameter for username is -SamAccountName, and for display name is -DisplayName.

  2. Step 2: Check each option

    New-ADUser -SamAccountName 'jdoe' -DisplayName 'John Doe' uses -SamAccountName 'jdoe' and -DisplayName 'John Doe', which is correct syntax.

  3. Final Answer:

    New-ADUser -SamAccountName 'jdoe' -DisplayName 'John Doe' -> Option A

  4. Quick Check:

    SamAccountName sets username = A [OK]
Hint: Use -SamAccountName for username in New-ADUser [OK]
Common Mistakes:
  • Using -UserName instead of -SamAccountName
  • Using -Name instead of -DisplayName
  • Mixing parameter names incorrectly
3. What will be the output of this PowerShell command sequence?
New-ADUser -SamAccountName 'asmith' -Name 'Alice Smith' -AccountPassword (ConvertTo-SecureString 'P@ssw0rd' -AsPlainText -Force) -Enabled $true
Set-ADUser -Identity 'asmith' -Title 'Manager'

What is the Title property of user 'asmith' after running these commands?
medium
A. No Title property set
B. Manager
C. Alice Smith
D. P@ssw0rd

Solution

  1. Step 1: Create user with New-ADUser

    The user 'asmith' is created with name 'Alice Smith' and password set, enabled account.

  2. Step 2: Update user with Set-ADUser

    The Set-ADUser command sets the Title property to 'Manager' for user 'asmith'.

  3. Final Answer:

    Manager -> Option B

  4. Quick Check:

    Set-ADUser updates Title = C [OK]
Hint: Set-ADUser changes properties after user creation [OK]
Common Mistakes:
  • Assuming Title is set by New-ADUser without parameter
  • Confusing password with Title property
  • Thinking Title remains empty
4. You run this command to update a user's department:
Set-ADUser -Identity 'bwhite' -Department 'Sales'

But you get an error: "Cannot find an object with identity: 'bwhite'". What is the most likely cause?
medium
A. The Identity parameter requires an email address
B. The Department property cannot be set with Set-ADUser
C. User 'bwhite' does not exist in Active Directory
D. You must use New-ADUser to update users

Solution

  1. Step 1: Analyze the error message

    The error says it cannot find an object with identity 'bwhite', meaning the user does not exist or the name is incorrect.

  2. Step 2: Check other options

    Department can be set with Set-ADUser, New-ADUser is for creating users, and Identity accepts username or distinguished name, not necessarily email.

  3. Final Answer:

    User 'bwhite' does not exist in Active Directory -> Option C

  4. Quick Check:

    Identity error means user missing = D [OK]
Hint: Check user exists before Set-ADUser [OK]
Common Mistakes:
  • Assuming Department can't be set
  • Using New-ADUser to update existing users
  • Using wrong Identity format without verifying user
5. You want to create a new user 'mjohnson' with the display name 'Mary Johnson' and then immediately set her office location to 'HQ-5'. Which sequence of commands correctly achieves this?
hard
A. New-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' Set-ADUser -Identity 'mjohnson' -Office 'HQ-5'
B. Set-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' New-ADUser -Identity 'mjohnson' -Office 'HQ-5'
C. New-ADUser -UserName 'mjohnson' -Name 'Mary Johnson' -Office 'HQ-5' -Enabled $true
D. New-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' -Office 'HQ-5' -Enabled $true

Solution

  1. Step 1: Create user with New-ADUser

    Use -SamAccountName and -DisplayName to create the user. Office location is not set here.

  2. Step 2: Update office location with Set-ADUser

    Use Set-ADUser -Identity 'mjohnson' -Office 'HQ-5' to set the office property after creation.

  3. Step 3: Evaluate other options

    Set-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' New-ADUser -Identity 'mjohnson' -Office 'HQ-5' tries to update before creation, which fails. New-ADUser -UserName 'mjohnson' -Name 'Mary Johnson' -Office 'HQ-5' -Enabled $true uses wrong parameters. New-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' -Office 'HQ-5' -Enabled $true fails because -Enabled $true requires -AccountPassword (e.g., (ConvertTo-SecureString 'P@ssw0rd' -AsPlainText -Force)), which is missing.

  4. Final Answer:

    New-ADUser -SamAccountName 'mjohnson' -DisplayName 'Mary Johnson' Set-ADUser -Identity 'mjohnson' -Office 'HQ-5' -> Option A

  5. Quick Check:

    Create then update properties = B [OK]
Hint: Create user first, then update extra properties with Set-ADUser [OK]
Common Mistakes:
  • Trying to set unsupported properties in New-ADUser
  • Running Set-ADUser before user exists
  • Using wrong parameter names