
Create Active Directory Users

How to configure a Data Sync project to create AD User accounts and create default passwords.

Prepare your Data & Connect to Source

First, prepare your source data. You are looking for a DataSet similar to this:

Data Set

Once you have your data, connect it as the source in the Data Sync project.

Connect Target to Active Directory

Now connect to the AD OU where you wish to add the new users. You then need to configure Account Name and Logon Name with the properties below, under the AD properties collection:


AD Properties Collection Editor

In order to create the AD Users you will need to set the SchemaClassName to User and ensure that the SchemaItemFormat has the format $First Name$ $Surname$. SchemaItemFormat uses this format string to create the Distinguished Name in your Active Directory from the source data.


Next, configure the Schema Map to map the values to your AD. You will need something unique to identify the records. In this example I am using the email address.

Schema Map

If you run this now it will create the AD User accounts with a default configuration.

Set the Default Password

You can use the Project Automation Item Events to complete the configuration of each individual account after it is created by implementing the AfterAddItem method.

For example, enable Project Automation from View > Project Automation, then use the code below with the AfterAddItem method. This code unlocks the account, sets the password to never expire, and sets a default password.

    public override void AfterAddItem(object sender, DataCompareItemInvariant item, object identity)
    {
        Trace.WriteLine("AfterAddItem->{0}", identity);
        using (var entry = DataSourceB.GetDirectoryEntry(identity))
        {
            var uac = (int)entry.Properties["userAccountControl"].Value;
            uac = uac | 0x10000; // Password never expires (DONT_EXPIRE_PASSWD)
            uac = uac & ~0x2;    // Unlocked: clears the ACCOUNTDISABLE flag
            entry.Properties["userAccountControl"].Value = uac;
            entry.Invoke("SetPassword", "!password123");
            entry.Properties["pwdLastSet"].Value = -1;
            entry.CommitChanges(); // persist the property changes to the directory
        }
    }

The call to GetDirectoryEntry on DataSourceB returns a .NET DirectoryEntry object. You can then work with it as you normally would in .NET code.
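
A hardened variant of the AfterAddItem body above, added here as an example and not Simego's own code: each account gets a random one-time password, expiry is left to domain policy, and pwdLastSet = 0 forces a change at first logon. The NewAccountSetup class and its members are hypothetical names, and returning the password for out-of-band delivery is an assumption; call NewAccountSetup.Provision(entry) inside the using block in place of the userAccountControl, SetPassword and pwdLastSet lines.

```csharp
using System.DirectoryServices;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

public static class NewAccountSetup // hypothetical helper, not part of Data Sync
{
    // Constructed alphabet without look-alike characters (66 symbols).
    const string Alphabet = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnpqrstuvwxyz23456789!#$%*+-=?@";
    // AD complexity rule: at least three of upper, lower, digit, symbol.
    static bool IsComplex(string p)
    {
        var classes = new[] { p.Any(char.IsUpper), p.Any(char.IsLower),
                              p.Any(char.IsDigit), p.Any(c => !char.IsLetterOrDigit(c)) };
        return classes.Count(hit => hit) >= 3;
    }
    // Draws from a CSPRNG; rejection sampling avoids modulo bias.
    public static string GeneratePassword(int length = 20)
    {
        var buf = new byte[1];
        int limit = 256 - (256 % Alphabet.Length); // bytes >= limit are discarded
        using (var rng = RandomNumberGenerator.Create())
        {
            while (true)
            {
                var sb = new StringBuilder(length);
                while (sb.Length < length)
                {
                    rng.GetBytes(buf);
                    if (buf[0] < limit) sb.Append(Alphabet[buf[0] % Alphabet.Length]);
                }
                if (IsComplex(sb.ToString())) return sb.ToString();
            }
        }
    }
    // Sets a one-time password, enables the account, forces a change at first logon.
    public static string Provision(DirectoryEntry entry)
    {
        string password = GeneratePassword();
        entry.Invoke("SetPassword", password);
        var uac = (int)entry.Properties["userAccountControl"].Value;
        uac &= ~0x2;     // clear ACCOUNTDISABLE so the account is enabled
        uac &= ~0x10000; // clear DONT_EXPIRE_PASSWD so domain password policy applies
        entry.Properties["userAccountControl"].Value = uac;
        entry.Properties["pwdLastSet"].Value = 0; // 0 = must change password at next logon
        entry.CommitChanges();
        return password; // hand to an out-of-band delivery step; do not trace or log it
    }
}
```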