How can I add a user to Active Directory (AD) from the command line without using a script?

A. Windows Server 2003 provides the Dsadd command, which lets you add objects (e.g., computers, contacts, groups, organizational units--OUs, quotas, users) to AD. The basic command syntax is

dsadd user <users's distinguished name (DN)> -samid <username> -pwd <new password>

For example, to add user John to AD, I typed

C:\> dsadd user CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com -samid John -pwd Pa55word

The system returned

dsadd succeeded:CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com

For a full list of options, type

C:\> dsadd user /?

The options let you set the user's full name details, email, group ownership, and Web page as well as set the password to never expire. The following example shows the use of several of these options:

C:\>dsadd user CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com -samid John -pwd Pa55word -fn John -ln Savill -display "John Savill" -email [email protected] -webpg -pwdneverexpires yes -memberof "CN=Domain Admins,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com"

dsadd succeeded:CN=John,CN=Users,DC=it,DC=uk,DC=savilltech,DC=com

Notice that the "-memberof" option, which specifies the user's group ownership, is in quotes because the DN contains spaces.

TAGS: Windows 8
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.