Add multiple accounts with profile photos to SharePoint 2013

SharePoint 2013: Create 2000 Domain Accounts with Profile Photos for a Development Environment

Table of Contents

It can be important to have a development environment that is as close to a production environment as possible. Having realistic development (or staging) environment helps business users visualise what an end product (or solution) will look like when deployed.

The following PowerShell (and accompanying name files) demonstrates creating 2000 unique Active Directory domain accounts, including setting different locations, departments, phone numbers and gender (male or female). Each domain account has a photo uploaded to Active Directory. Finally, SharePoint User Profile synchronization is configured, to import the users and their photos

Installing Active Directory in windows 2008

How to install and configure Active Directory Domain Services in Windows 2008 R2?

Install Active Directory Domain Services (AD DS) on a member server that runs Windows Server 2008 or Windows Server 2008 R2 by using the Active Directory Domain Services Installation Wizard (Dcpromo.exe). The member server should be located in the forest root domain. After you install AD DS successfully, the member server will become a domain controller. You can install AD DS on any member server that meets the domain controller hardware requirements.

For more information: Install Active Directory Domain Services on the Member Server That Runs Windows Server 2008 or Windows Server 2008 R2

1. In server manager | Roles | Add Active Directory Domain Services


2. Once the installation complete close the wizard and launch the active directory domain services installation wizard (dcpromo.exe)


3. Run dcpromo.exe


4. Welcome to the Active Directory Domain Services Installation Wizard


5. Operating System Compatibility


6. Choose a Deployment Configuration


If you get administrator password error click the link below for the solution

Administrator Password required error in dcpromo.exe

7. Name the Forest Root Domain


8.  Set the forest functional level


9. Set the domain functional level


10. Additional Domain controllers Option


A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it dose not run Windows DNS server. If you are integrating with an existing DNS infrastructure, you should manually create a delegation to his DNS server in the parent zone to ensure reliable name resolution from outside the doman. Otherwise, no actions is required.

Do you want to continue?  Click yes


11. Location for Database, Log Files, and SYSVOL
       Specify the folders that will contain the active directory domain controller database log files, and SYSVOL


12. Directory Services Restore Mode Administrators Password
The directory services restore mode administrator account is different from the domain administrator account.
Assign a password for the administrator account that will be used when this domain controller is started in directory services restore mode.
we recommend that you choose a strong password.


13. Active Directory Installation Summary


14. The wizard is configuring active directory domain services. This process can take from a few minutes to several hours, depending on your environment and the
options that you selected.


15. Completing the active directory domain services installation wizard
Active directory domain services is now installed on this computer for the domain.  Click on Finish and restart the server.

Administrator Password required error in dcpromo.exe

The local administrator account becomes the domain administrator account when you create a new domain. The new domain cannot be created because
the local administrators account password does not meet requirements.

Currently, a password is not required for the local administrator account. We recommend that you use the net user comand-line
tool with the /passwordreq:yes option to require a password for this account before you create the new domain; otherwise, a password will not be required for the domain administrator account.

Unable to complete DCPROMO

To resolve the problem:

The password for your local account needs to meet the minimum password complexity:
The password is at least six characters long.
The password contains characters from three of the following four categories:

English uppercase characters (from A through Z)
English lowercase characters (from a through z)
Base 10 digits (from 0 through 9)
Non-alphanumeric characters (for example: !, $, #, or %)

If your still having a problem, this is what you have to do to bypass dcpromo.exe Administrator Password required error 

Open your command prompt and enter the following command
net user Administrator <YourPassword> /passwordreq:yes command

dcpromo.exe Administrator Password required error

How to update Active Directory Manager Filed

Updating Active Directory ‘Manager’ field using code snippet

Here is the code snippet to set the user manager field in AD.

let say we want to create a new user with loginname test1 and set the manager field of user "test2" to "test1"

//Creating the user test1

DirectoryEntry myLdapConnection= new DirectoryEntry(LDAPPath, LDAPUser, LDAPPassword, AuthenticationTypes.Secure);
DirectoryEntry test1 = myLdapConnection.Children.Add("CN=" + "test1", "user");

//now get the user with loginname test2
DirectorySearcher directorySearch = new DirectorySearcher(myLdapConnection);
directorySearch.Filter = "(&(objectClass=user)(SAMAccountName=test2*))";
SearchResult   results = directorySearch.FindOne();
if (results != null)
DirectoryEntry test2= new DirectoryEntry(results.Path, LDAPUser, LDAPPassword);
string distinguishedName=test2.Properties["distinguishedName"][0].ToString();

//to set the manager field for a user in AD we need to assign it the distinguishedName of the user.
test1.Properties["manager"] =distinguishedName;


By Arfan Baig
How to update Active Directory Manager Filed

Adding Custom Attributes to Active Directory user profile

How to add Employee Number to Active Directory Users properties? 

Please see my previous post about how you can add Employee ID filed for user profile.

In this blog, I am going to show you how you can add employee ID field in Active Directory user Properties.

1. Login to your domain controller and open ADSI Edit


2.  Right click on ADSI Edit and Connect To


3. Once you in the connection settings, select configuration from the drop down list where it says “Select a well known naming context”


4. Open CN=DisplaySpecifiers


5. Open CN=409, CN=DisplaySpecifiers, CN=Configuration


6. Look for CN=Default Display and double click on default-display


7. In Default Display Properties, open extraColumns

Default Display Properties,  extraColumns

8. Add employeeNumber,Employee Number,0,100,0 in the value filed and Click ADD. 
Click OK and OK exit from Default Display


9. Now open Active Directory Users and Computers and open Saved Queries

ADUC Saved Queries

10. Expand "Saved Queries"

11. Right Click "Saved Queries" select "New > Query"


12. In the "Name:" field type "All Users" and select "Define Query…"


13. On the "Users" tab next to the "Name:" field click on the drop down and select "Has a value"
14. Now Click "OK" and "OK" again
15. Expand "Saved Queries" and select "All Users"
16. Now you will have a list of all your users in the right pane.



17. With the query selected click View > Add/Remove Columns

ADUC Add Remove Columns

18. Select Employee Number and Add to Displayed Columns

Select Employee Number and Add to Displayed Columns

19.  Now Click on View and Select Advanced Features


20. Double click on a user profile and now you will see Attribute Editor

Enable Active Directory Attribute Editor


Scroll down and look for Employee Number or press E in your keyboard to locate all the attributes which starts with E.
If you want to edit employee number, just double click or click on the edit button

Employee Number Attribute in Active Directory

21. Now you can edit Employee Number in Active Directory by going to User Profile properties.

Enable Employee Number in Active Directory

To enable Employee Number in Active Directory and perform all these steps, you should have enterprise admin/Schema Admins rights.