Dùng Powershell hoặc Command Prompt để thêm tài khoản người dùng sử dụng lệnh dsadd user.
# show current user list
PS C:\Users\Administrator> dsquery user -name *
"CN=Administrator,CN=Users,DC=srv,DC=world"
"CN=Guest,CN=Users,DC=srv,DC=world"
"CN=Serverworld,CN=Users,DC=srv,DC=world"
"CN=sshd,CN=Users,DC=srv,DC=world"
"CN=krbtgt,CN=Users,DC=srv,DC=world"
# for example, add [Redstone] user
PS C:\Users\Administrator> dsadd user CN=Redstone,CN=Users,DC=srv,DC=world `
-pwd P@ssw0rd01 `
-mustchpwd yes `
-ln Redstone `
-fn R5 `
-email Redstone@srv.world `
-display "Redstone R5"
dsadd succeeded:CN=Redstone,CN=Users,DC=srv,DC=world
PS C:\Users\Administrator> dsquery user -name Redstone
"CN=Redstone,CN=Users,DC=srv,DC=world"
# options for [dsadd user]
PS C:\Users\Administrator> dsadd user /?
Description: Adds a user to the directory.
Syntax: dsadd user <UserDN> [-samid <SAMName>] [-upn <UPN>] [-fn <FirstName>]
[-mi <Initial>] [-ln <LastName>] [-display <DisplayName>]
[-empid <EmployeeID>] [-pwd {<Password> | *}] [-desc <Description>]
[-memberof <Group ...>] [-office <Office>] [-tel <Phone#>]
[-email <Email>] [-hometel <HomePhone#>] [-pager <Pager#>]
[-mobile <CellPhone#>] [-fax <Fax#>] [-iptel <IPPhone#>]
[-webpg <WebPage>] [-title <Title>] [-dept <Department>]
[-company <Company>] [-mgr <Manager>] [-hmdir <HomeDir>]
[-hmdrv <DriveLtr:>] [-profile <ProfilePath>] [-loscr <ScriptPath>]
[-mustchpwd {yes | no}] [-canchpwd {yes | no}]
[-reversiblepwd {yes | no}] [-pwdneverexpires {yes | no}]
[-acctexpires <NumDays>] [-disabled {yes | no}]
[{-s <Server> | -d <Domain>}] [-u <UserName>]
[-p {<Password> | *}] [-q] [{-uc | -uco | -uci}]
[-fnp <FirstNamePhonetic>] [-lnp <LastNamePhonetic>]
[-displayp <DisplayNamePhonetic>]
.....
.....
Để xóa tài khoản người dùng, sử dụng lệnh dsrm
# for example, delete [Redstone] user
PS C:\Users\Administrator> dsrm "CN=Redstone,CN=Users,DC=srv,DC=world"
Are you sure you wish to delete CN=Redstone,CN=Users,DC=srv,DC=world (Y/N)? y
dsrm succeeded:CN=Redstone,CN=Users,DC=srv,DC=world
Nếu bạn sử dụng PowerShell, bạn có thể sử dụng Cmdlet cho PowerShell.
# show current user list
PS C:\Users\Administrator> Get-ADUser -Filter * | Format-Table DistinguishedName
DistinguishedName
-----------------
CN=Administrator,CN=Users,DC=srv,DC=world
CN=Guest,CN=Users,DC=srv,DC=world
CN=Serverworld,CN=Users,DC=srv,DC=world
CN=sshd,CN=Users,DC=srv,DC=world
CN=krbtgt,CN=Users,DC=srv,DC=world
# for example, add [Redstone] user
PS C:\Users\Administrator> New-ADUser Redstone `
-Surname Redstone `
-GivenName R5 `
-DisplayName "Redstone R5" `
-EmailAddress "Redstone@srv.world" `
-AccountPassword (ConvertTo-SecureString -AsPlainText "P@ssw0rd01" -Force) `
-ChangePasswordAtLogon $true `
-Enabled $true
# verify
PS C:\Users\Administrator> Get-ADUser -Identity Redstone
DistinguishedName : CN=Redstone,CN=Users,DC=srv,DC=world
Enabled : True
GivenName : R5
Name : Redstone
ObjectClass : user
ObjectGUID : 0c65ad43-9cb2-4808-a2b3-72b731377a8f
SamAccountName : Redstone
SID : S-1-5-21-1938244123-2570910143-1886879425-1107
Surname : Redstone
UserPrincipalName :
# if delete, do like follows
PS C:\Users\Administrator> Remove-ADUser -Identity "CN=Redstone,CN=Users,DC=srv,DC=world"
Confirm
Are you sure you want to perform this action?
Performing the operation "Remove" on target "CN=Redstone,CN=Users,DC=srv,DC=world".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y
# options for [New-ADUser] command
PS C:\Users\Administrator> Get-Help New-ADUser
NAME
New-ADUser
Description
Creates a new Active Directory user.
Syntax
New-ADUser [-Name] <String> [-AccountExpirationDate <DateTime>] [-AccountNotDelegated <Boolean>] [-AccountPassword
<SecureString>] [-AllowReversiblePasswordEncryption <Boolean>] [-AuthenticationPolicy <ADAuthenticationPolicy>] [-A
uthenticationPolicySilo <ADAuthenticationPolicySilo>] [-AuthType {Negotiate | Basic}] [-CannotChangePassword <Boole
an>] [-Certificates <X509Certificate[]>] [-ChangePasswordAtLogon <Boolean>] [-City <String>] [-Company <String>] [-
CompoundIdentitySupported <Boolean>] [-Country <String>] [-Credential <PSCredential>] [-Department <String>] [-Desc
ription <String>] [-DisplayName <String>] [-Division <String>] [-EmailAddress <String>] [-EmployeeID <String>] [-Em
ployeeNumber <String>] [-Enabled <Boolean>] [-Fax <String>] [-GivenName <String>] [-HomeDirectory <String>] [-HomeD
rive <String>] [-HomePage <String>] [-HomePhone <String>] [-Initials <String>] [-Instance <ADUser>] [-KerberosEncry
ptionType {None | DES | RC4 | AES128 | AES256}] [-LogonWorkstations <String>] [-Manager <ADUser>] [-MobilePhone <St
ring>] [-Office <String>] [-OfficePhone <String>] [-Organization <String>] [-OtherAttributes <Hashtable>] [-OtherNa
me <String>] [-PassThru] [-PasswordNeverExpires <Boolean>] [-PasswordNotRequired <Boolean>] [-Path <String>] [-POBo
x <String>] [-PostalCode <String>] [-PrincipalsAllowedToDelegateToAccount <ADPrincipal[]>] [-ProfilePath <String>]
[-SamAccountName <String>] [-ScriptPath <String>] [-Server <String>] [-ServicePrincipalNames <String[]>] [-Smartcar
dLogonRequired <Boolean>] [-State <String>] [-StreetAddress <String>] [-Surname <String>] [-Title <String>] [-Trust
edForDelegation <Boolean>] [-Type <String>] [-UserPrincipalName <String>] [-Confirm] [-WhatIf] [<CommonParameters>]
.....
.....
Thêm thuộc tính Unix cho người dùng trên Powershell, sử dụng câu lệnh Set-ADUser
# for example, add atrributes to [Redstone] user
PS C:\Users\Administrator> Get-ADUser -Identity Redstone
DistinguishedName : CN=Redstone,CN=Users,DC=srv,DC=world
Enabled : True
GivenName : R5
Name : Redstone
ObjectClass : user
ObjectGUID : 62e8a6bd-feec-4700-830b-eafdbf5b8faa
SamAccountName : Redstone
SID : S-1-5-21-1938244123-2570910143-1886879425-1121
Surname : Redstone
UserPrincipalName :
# soecify minimum required attributes for UNIX/Linux users with hash table
PS C:\Users\Administrator> Set-ADUser -identity "CN=Redstone,CN=Users,DC=srv,DC=world" `
-Add @{uidNumber="5001"; gidNumber="100"; loginShell="/bin/bash"; unixHomeDirectory="/home/Redstone"}
# verify
PS C:\Users\Administrator> Get-ADUser -Identity Redstone -Properties * | Out-String -Stream | Select-String "uidNumber","gidNumber","loginShell","unixHomeDirectory"
gidNumber : 100
loginShell : /bin/bash
uidNumber : 5001
unixHomeDirectory : /home/Redstone
