Photo by Somchai Kongkamsri on Pexels.com

You can use this script to create service account with :

  • Certain Naming Convention.
  • 18 Character long password.
  • Add account to specific AD Groups

This script can be become your baseline to create/add more parameters. Before you use this script, please update

  • Line 20 with your company’s UPN domain.
  • Line 21 with the OU, where these accounts will be created.
  • Line 22 & 23 with AD group, where you want to add newly create account.
write-host ("Welcome to Service Account Creation") -ForegroundColor Green
write-host "Type Service Account Name in SVC-Purpose-Service (SVC-Log-SQL) Format and Try Keep it under 20 Character" -ForegroundColor Green
$name = Read-Host "Type Service Account Name"
#Force account to change password at next logon.
$rand = New-object system.random

$userpassword = $null
1..2 | Foreach { $userpassword = $userpassword + [char] $rand.next(48,57)}
1..2 | Foreach { $userpassword = $userpassword + [char] '('}
1..2 | Foreach { $userpassword = $userpassword + [char] '$'}
1..2 | Foreach { $userpassword = $userpassword + [char] $rand.next(65,90)}
1..2 | Foreach { $userpassword = $userpassword + [char] '#'}
1..8 | Foreach { $userpassword = $userpassword + [char] $rand.next(97,122)}
#return $userpassword
write-host 
write-host ($userpassword + " is current password of " + $name + ".") -ForegroundColor Yellow
write-host 

$pass = ConvertTo-SecureString -AsPlainText $userpassword -Force
$upn = $Name + "@learntecufuture.com"
New-ADUser -Name $Name -GivenName $Name -Surname $Name -SamAccountName $Name -UserPrincipalName $upn -DisplayName $name -Path "OU=SVCs,DC=learntecufuture,DC=com" -AccountPassword $pass -Enabled $true

Add-ADGroupMember -Identity AllSvcs -Members $name -confirm:$false
Add-ADGroupMember -Identity ControlledUsers -Members $name -confirm:$false

write-host ($name + " has been added to ControlledUsers and AllSvcs") -ForegroundColor Yellow

Thanks you for reading !