Windows & Linux · AD Domain Lab · Managing AD & GP with PowerShell

Managing AD & GP with PowerShell

Import the AD module, create users (single & batch), reset passwords, and link or scope GPOs with OU links and security filtering—all from PowerShell.

Preparing the PowerShell Environment

Import the ActiveDirectory module to manage AD DS and LDS from PowerShell.

Importing the Active Directory PowerShell module

Create a Single User

Maintain a reusable .ps1 template, update attributes, and execute to quickly provision a user.

Single user creation script template
Running a new user creation script

Batch User Creation in AD

  1. Create a CSV with user attributes.
  2. Import the CSV in a script and call New-ADUser for each row.
  3. Verify in ADUC (e.g., TestUsers OU).
CSV structure for importing users
Import CSV and create users PowerShell script
Created users shown in ADUC

Reset a User’s Password

  1. Use Set-ADAccountPassword to reset.
  2. Optionally enforce password change at next logon.
Reset user password using PowerShell
Force user to change password at next logon

Apply a GPO to Users via OU Link

Link an existing GPO to an OU to target all user objects within (unless further constrained by security filtering).

PowerShell command to link a GPO to an OU

Target a Specific User with Security Filtering

  1. Grant the user (or a security group) Read and Apply Group Policy on the GPO.
  2. Optional: Remove Authenticated Users from Security Filtering if you want exclusive targeting.
  3. Be cautious—ensure the correct principals retain required rights.
Grant GPO permissions for a specific user or group
Apply Group Policy and Read permissions in GPMC
Security filtering edit example

Back to Home