When you use the New-ADUser cmdlet to create a user account, the new account is disabled and cannot be enabled unless either of the following has occurred:
- A valid password has been set for the account.
- The -PasswordNotRequired parameter has been set to true.
To create a user account for Phil Gibbins, specify a password, and enable the new account, you can use the following command:
PS C:\> New-ADUser -Name "Phil Gibbins" -GivenName Phil -Surname Gibbins `
-SamAccountName pgibbins -UserPrincipalName firstname.lastname@example.org `
-AccountPassword (Read-Host -AsSecureString "AccountPassword") `
-PassThru | Enable-ADAccount
The -PassThru parameter, which has been added to the New-ADUser command just shown, returns the newly created user account object so that it can be piped into the Enable-ADAccount cmdlet to enable the new account.
This tip is excerpted from my latest book Training Guide: Installing and Configuring Windows Server 2012 from Microsoft Press.
Mitch Tulloch is a nine-time recipient of the Microsoft Most Valuable Professional (MVP) award and a widely recognized expert on Windows administration, deployment and virtualization. For more information see http://www.mtit.com.