Using the Active Directory command-line tools, in a Windows 2000 domain, or Windows Server 2003 domain, you can create, modify, and delete a user, from the command-line.

The syntax for creating a user account is:

dsadd user user_DN -samid Sam_Name


user_DN   is the distinguished name (DN) of the user you wish to create, like "CN=Jerold Schulman,CN=Users,DC=JSIINC,DC=COM".                              Sam_Name  is the SAM (Security Account Manager) name of the users, like Jerry.                              NOTE: To disable / enable a user account, use dsmod user user_DN -disabled yes|no.                              NOTE: To delete a user account, use dsrm user_DN.                              NOTE: To modify the properties of a user account, use the dsmod user_DN command.

NOTE: When you type dsadd user /?, you receive:

Description:  Adds a user to the directory.                              Syntax:  dsadd user <UserDN> \[-samid <SAMName>\] \[-upn <UPN>\] \[-fn <FirstName>\]                                      \[-mi <Initial>\] \[-ln <LastName>\] \[-display <DisplayName>\]                                      \[-empid <EmployeeID>\] \[-pwd \{<Password> | *\}\] \[-desc <Description>\]                                      \[-memberof <Group ...>\] \[-office <Office>\] \[-tel <Phone#>\]                                      \[-email <Email>\] \[-hometel <HomePhone#>\] \[-pager <Pager#>\]                                      \[-mobile <CellPhone#>\] \[-fax <Fax#>\] \[-iptel <IPPhone#>\]                                      \[-webpg <WebPage>\] \[-title <Title>\] \[-dept <Department>\]                                      \[-company <Company>\] \[-mgr <Manager>\] \[-hmdir <HomeDir>\]                                      \[-hmdrv <DriveLtr:>\] \[-profile <ProfilePath>\] \[-loscr <ScriptPath>\]                                      \[-mustchpwd \{yes | no\}\] \[-canchpwd \{yes | no\}\]                                      \[-reversiblepwd \{yes | no\}\] \[-pwdneverexpires \{yes | no\}\]                                      \[-acctexpires <NumDays>\] \[-disabled \{yes | no\}\]                                      \[\{-s <Server> | -d <Domain>\}\] \[-u <UserName>\]                                      \[-p \{<Password> | *\}\] \[-q\] \[\{-uc | -uco | -uci\}\]                              Parameters:                              Value                   Description                              <UserDN>                Required. Distinguished name (DN) of user to add.                                                      If the target object is omitted, it will be taken                                                      from standard input (stdin).                              -samid <SAMName>        Set the SAM account name of user to <SAMName>.                                                      If not specified, dsadd will attempt                                                      to create SAM account name using up to                                                      the first 20 characters from the                                                      common name (CN) value of <UserDN>.                              -upn <UPN>              Set the upn value to <UPN>.                              -fn <FirstName>         Set user first name to <FirstName>.                              -mi <Initial>           Set user middle initial to <Initial>.                              -ln <LastName>          Set user last name to <LastName>.                              -display <DisplayName>  Set user display name to <DisplayName>.                              -empid <EmployeeID>     Set user employee ID to <EmployeeID>.                              -pwd \{<Password> | *\}   Set user password to <Password>. If *, then you are                                                      prompted for a password.                              -desc <Description>     Set user description to <Description>.                              -memberof <Group ...>   Make user a member of one or more groups <Group ...>                              -office <Office>        Set user office location to <Office>.                              -tel <Phone#>           Set user telephone# to <Phone#>.                              -email <Email>          Set user e-mail address to <Email>.                              -hometel <HomePhone#>   Set user home phone# to <HomePhone#>.                              -pager <Pager#>         Set user pager# to <Pager#>.                              -mobile <CellPhone#>    Set user mobile# to <CellPhone#>.                              -fax <Fax#>             Set user fax# to <Fax#>.                              -iptel <IPPhone#>       Set user IP phone# to <IPPhone#>.                              -webpg <WebPage>        Set user web page URL to <WebPage>.                              -title <Title>          Set user title to <Title>.                              -dept <Department>      Set user department to <Department>.                              -company <Company>      Set user company info to <Company>.                              -mgr <Manager>          Set user's manager to <Manager> (format is DN).                              -hmdir <HomeDir>        Set user home directory to <HomeDir>. If this is                                                      UNC path, then a drive letter that will be mapped to                                                      this path must also be specified through -hmdrv.                              -hmdrv <DriveLtr:>      Set user home drive letter to <DriveLtr:>                              -profile <ProfilePath>  Set user's profile path to <ProfilePath>.                              -loscr <ScriptPath>     Set user's logon script path to <ScriptPath>.                              -mustchpwd \{yes | no\}   User must change password at next logon or not.                                                      Default: no.                              -canchpwd \{yes | no\}    User can change password or not. This should be                                                      "yes" if the -mustchpwd is "yes". Default: yes.                              -reversiblepwd \{yes | no\}                                                      Store user password using reversible encryption or                                                      not. Default: no.                              -pwdneverexpires \{yes | no\}                                                      User password never expires or not. Default: no.                              -acctexpires <NumDays>  Set user account to expire in <NumDays> days from                                                      today. A value of 0 implies account expires                                                      at the end of today; a positive value                                                      implies the account expires in the future;                                                      a negative value implies the account already expired                                                      and sets an expiration date in the past;                                                      the string value "never" implies that the                                                      account never expires.                              -disabled \{yes | no\}    User account is disabled or not. Default: no.                              \{-s <Server> | -d <Domain>\}                                                      -s <Server> connects to the domain controller (DC)                                                      with name <Server>.                                                      -d <Domain> connects to a DC in domain <Domain>.                                                      Default: a DC in the logon domain.                              -u <UserName>           Connect as <UserName>. Default: the logged in user.                                                      User name can be: user name, domain\user name,                                                      or user principal name (UPN).                              -p \{<Password> | *\}     Password for the user <UserName>. If * is entered,                                                      then you are prompted for a password.                              -q                      Quiet mode: suppress all output to standard output.                              \{-uc | -uco | -uci\}     -uc Specifies that input from or output to pipe is                                                      formatted in Unicode.                                                      -uco Specifies that output to pipe or file is                                                      formatted in Unicode.                                                      -uci Specifies that input from pipe or file is                                                      formatted in Unicode.                              Remarks:                              If you do not supply a target object at the command prompt, the target                              object is obtained from standard input (stdin). Stdin data can be                              accepted from the keyboard, a redirected file, or as piped output from                              another command. To mark the end of stdin data from the keyboard or                              in a redirected file, use Control+Z, for End of File (EOF).                              If a value that you supply contains spaces, use quotation marks                              around the text (for example, "CN=John Smith,CN=Users,DC=microsoft,DC=com").                              If you enter multiple values, the values must be separated by spaces                              (for example, a list of distinguished names).                              The special token $username$ (case insensitive) may be used to place the SAM                              account name in the value of a parameter. For example, if the target user DN                              is CN=Jane Doe,CN=users,CN=microsoft,CN=com and the SAM account name                              attribute is "janed," the -hmdir parameter can have                              the following substitution:                              -hmdir \users\$username$\home                              The value of the -hmdir parameter is modified to the following value:                              - hmdir \users\janed\home