System Manager PowerShell command to create AD User

0

I am trying to run a PowerShell command to create an AD user in an Active Directory hosted on one of the EC2 instances.

New-ADUser -Name 'Batman Gotham' -AccountPassword (ConvertTo-SecureString 'Password@1234' -AsPlainText -Force) -DisplayName 'Batman Gotham' -GivenName 'Batman' -SamAccountName 'batman.gotham@darknight.com' -Surname 'Gotham' -EmailAddress 'batman.gotham@darknight.com' -UserPrincipalName 'batman.gotham@darknight.com' -MobilePhone '8888888888' -Title 'Staff Super Hero' -Department 'Batman Cloud Services' -Enabled $True -StreetAddress 'Gotham Street' -City 'Gotham' -State 'CA' -Country 'USA' -Path 'CN=Users,OU=Operations,DC=darknight,DC=com' -employeeNumber '1234567' -ChangePasswordAtLogon $True

but I am getting the below error in the system manager and am not able to find more details about the error:

New-ADUser : The name provided is not a properly formed account name
At C:\ProgramData\Amazon\SSM\InstanceData\i-instanceid\document\orchestr
ation\853f5c41-fcbf-44e0-b7fb-qwe1234redfdd\awsrunPowerShellScript\0.awsrunPower
ShellScript\_script.ps1:1 char:1
+ New-ADUser -Name 'Batman Gotham' -AccountPassword (ConvertTo-SecureString 
'Passw ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
    + CategoryInfo          : NotSpecified: (CN=Batman Gotha...darknight,DC=com 
   :String) [New-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:1315,Microsoft.ActiveDirec 
   tory.Management.Commands.NewADUser

Any recommendations?

1 Answer
1

The error indicates that the SamAccountName provided in the New-ADUser command is not formatted correctly. The SamAccountName needs to be a valid account name that can be used to log into the domain. It typically looks like firstname.lastname or firstinitial.lastname.

Please try the following:

  • Use a valid account name format like 'batman.gotham' instead of the email address for SamAccountName and UserPrincipalName

  • Make sure the SamAccountName is unique in the domain

  • Remove any special characters or spaces from the SamAccountName

  • Verify the domain name specified with -Path is correct

  • Check if you have permissions to create users in the OU specified with -Path

Try the below command:

New-ADUser -Name 'Batman Gotham' -SamAccountName 'batman.gotham' -UserPrincipalName 'batman.gotham@darknight.com' -Path 'CN=Users,OU=Operations,DC=darknight,DC=com'

AWS
answered 19 days ago
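
A pre-flight check for the SamAccountName points listed in the answer above, as an added example that is not part of the original answer. The function names are hypothetical; the check assumes the 20-character limit on user sAMAccountName values and the SAM disallowed-character set, and treats '@' and spaces as disallowed in line with the answer's advice.

```powershell
# Added example: validate -SamAccountName before New-ADUser runs under SSM.
# Test-SamAccountName and ConvertTo-SamAccountName are hypothetical helper names.
function Test-SamAccountName {
    param([Parameter(Mandatory)][string]$Name)
    $problems = @()
    if ($Name.Length -gt 20) {
        $problems += "length $($Name.Length) exceeds 20 characters"
    }
    # Documented SAM disallowed set: " / \ [ ] : ; | = , + * ? < >
    # '@' and space are added here as an assumption, following the answer's advice.
    $invalid = '"/\[]:;|=,+*?<>@ '
    $bad = $Name.ToCharArray() | Where-Object { $invalid.IndexOf($_) -ge 0 } | Select-Object -Unique
    if ($bad) { $problems += "contains disallowed character(s): $($bad -join ' ')" }
    if ($Name.EndsWith('.')) { $problems += 'ends with a period' }
    return ,$problems
}

function ConvertTo-SamAccountName {
    param([Parameter(Mandatory)][string]$UserPrincipalName)
    # Use the part before '@' as the candidate logon name.
    return ($UserPrincipalName -split '@', 2)[0]
}

$upn = 'batman.gotham@darknight.com'   # value from the question
foreach ($candidate in $upn, (ConvertTo-SamAccountName $upn)) {
    $problems = Test-SamAccountName -Name $candidate
    if ($problems.Count) { "REJECT '$candidate': $($problems -join '; ')" }
    else                 { "OK     '$candidate'" }
}

# Only call New-ADUser when the name passes and the AD module is present.
$sam = ConvertTo-SamAccountName $upn
if (-not (Test-SamAccountName $sam).Count -and (Get-Command New-ADUser -ErrorAction SilentlyContinue)) {
    if (Get-ADUser -Filter "SamAccountName -eq '$sam'") {
        Write-Warning "SamAccountName '$sam' already exists in the domain"
    } else {
        $params = @{ Name = 'Batman Gotham'; SamAccountName = $sam; UserPrincipalName = $upn
                     Path = 'CN=Users,OU=Operations,DC=darknight,DC=com' }
        New-ADUser @params -WhatIf   # drop -WhatIf to create the account
    }
}
```

The value from the question is rejected on two counts (27 characters and an '@'), while 'batman.gotham' passes.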
