If you are creating the Active Directory user on a machine other than a domain controller, you’ll need to install the Active Directory module for Windows PowerShell. Then import the Active Directory module.
To see the syntax and available options for creating an Active Directory user using PowerShell, type “Get-Help New-ADUser” inside the PowerShell console.
Store the password in a variable. Using the -AsSecureString parameter masks the password as it is typed and stores it as a SecureString instead of plain text. Once you have formulated the statement that you want to run, try it with the -WhatIf parameter to see what the results would be if you executed it. If the results look acceptable, remove the -WhatIf parameter and run it for real.
$Password = Read-Host -AsSecureString "Account Password"
New-ADUser -Name "sqlDenaliAgent" -AccountPassword $Password -Description "SQL Server Agent Account for Denali Test Server" -Enabled $true -PasswordNeverExpires $true -Path "ou=service,ou=accounts,ou=test,dc=mikefrobbins,dc=com" -SamAccountName "sqlDenaliAgent" -UserPrincipalName "sqlDenaliAgent@mikefrobbins.com"
One of the snags I ran into is the default users OU has to be specified with a CN=Users, but any of the OUs you’ve created and some of the default ones use OU=Name. A coworker of mine that I worked with about 10 years ago said the difference is whether or not it has a “ham sandwich” in the folder picture next to the OU as shown in the image below:
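Rather than guessing between CN= and OU=, the directory can be asked for the container's real distinguished name before the account is created. The following is an added example, not part of the original post: the helper function Resolve-ADContainerPath is a hypothetical name, and the script assumes the ActiveDirectory module is installed and that the container name passed in is a plain name with no LDAP filter characters.

```powershell
Import-Module ActiveDirectory

function Resolve-ADContainerPath {
    # Hypothetical helper (not from the original post): returns the
    # distinguishedName of every OU or container with the given name,
    # so the caller does not have to guess between "CN=" and "OU=".
    param(
        [Parameter(Mandatory)] [string] $Name,
        [string] $SearchBase = (Get-ADDomain).DistinguishedName
    )
    # Assumes $Name contains no LDAP filter metacharacters such as ( ) * \
    $filter = "(&(name=$Name)(|(objectClass=organizationalUnit)(objectClass=container)))"
    Get-ADObject -LDAPFilter $filter -SearchBase $SearchBase -SearchScope Subtree |
        Select-Object -ExpandProperty DistinguishedName
}

# The default Users container is also exposed directly by the domain object
# and comes back in CN=Users,DC=... form.
$defaultUsers = (Get-ADDomain).UsersContainer
Write-Host "Default users container: $defaultUsers"

# Resolve the target OU and refuse to continue if the name is missing or
# ambiguous, so the account cannot land in an unintended location.
$matches = @(Resolve-ADContainerPath -Name 'service')
if ($matches.Count -ne 1) {
    throw "Expected exactly one container named 'service', found $($matches.Count): $($matches -join '; ')"
}

$Password = Read-Host -AsSecureString 'Account Password'

# Same parameters as the one-line command in the post, written as a splat.
$newUser = @{
    Name                 = 'sqlDenaliAgent'
    SamAccountName       = 'sqlDenaliAgent'
    UserPrincipalName    = 'sqlDenaliAgent@mikefrobbins.com'
    Description          = 'SQL Server Agent Account for Denali Test Server'
    AccountPassword      = $Password
    Enabled              = $true
    PasswordNeverExpires = $true
    Path                 = $matches[0]
}

# Dry run first; nothing is written to the directory.
New-ADUser @newUser -WhatIf

# After reviewing the -WhatIf output, create the account and confirm where it landed:
# New-ADUser @newUser
# Get-ADUser -Identity 'sqlDenaliAgent' -Properties PasswordNeverExpires |
#     Select-Object DistinguishedName, Enabled, PasswordNeverExpires
```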