Creates a new user on Active Directory and sets “Password never expires”
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 | Function Add-FTPUser { Param ($FTPUsername, $FTPPassword) $ADDomain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() $ADDomainName = $ADDomain.Name $ADServer = ($ADDomain.InfrastructureRoleOwner.Name.Split(".")[0]) $FQDN = "DC=" + $ADDomain.Name -Replace("\.",",DC=") $ADDomain = [ADSI] "LDAP://$ADServer/$FQDN" $CustomerOU = [ADSI] "LDAP://$CustomerOU,$FQDN" $User = [ADSI] "LDAP://CN=$FTPUsername,$CustomerOU,$FQDN" $PrincipalName = $FTPUsername + "@" + $ADDomainName $AddADUser = $CustomerOU.Create("User","CN=$FTPUsername") $AddADUser.Put("Description", "$FTPUsername") $AddADUser.Put("sAMAccountName", "$FTPUsername") $AddADUser.Put("userPrincipalName", "$PrincipalName") $AddADUser.Put("DisplayName", "$FTPUsername") $AddADUser.SetInfo() $AddADUser.SetPassword($FTPPassword) $AddADUser.SetInfo() $AddADUser.Psbase.Invokeset("AccountDisabled", "False") $AddADUser.SetInfo() $AddADUser.Put("userAccountControl", "65536") $AddADUser.SetInfo() } |
I didn’t change Primary Group of my FTP user. Because I don’t need for ACL.