I am trying to run a PowerShell command to create an AD user in an Active Directory hosted on one of the EC2 instances.
New-ADUser -Name 'Batman Gotham' -AccountPassword (ConvertTo-SecureString 'Password@1234' -AsPlainText -Force) -DisplayName 'Batman Gotham' -GivenName 'Batman' -SamAccountName 'batman.gotham@darknight.com' -Surname 'Gotham' -EmailAddress 'batman.gotham@darknight.com' -UserPrincipalName 'batman.gotham@darknight.com' -MobilePhone '8888888888' -Title 'Staff Super Hero' -Department 'Batman Cloud Services' -Enabled $True -StreetAddress 'Gotham Street' -City 'Gotham' -State 'CA' -Country 'USA' -Path 'CN=Users,OU=Operations,DC=darknight,DC=com' -employeeNumber '1234567' -ChangePasswordAtLogon $True
but I am getting the below error in Systems Manager and am not able to find more details about the error:
New-ADUser : The name provided is not a properly formed account name
At C:\ProgramData\Amazon\SSM\InstanceData\i-instanceid\document\orchestr
ation\853f5c41-fcbf-44e0-b7fb-qwe1234redfdd\awsrunPowerShellScript\0.awsrunPower
ShellScript\_script.ps1:1 char:1
+ New-ADUser -Name 'Batman Gotham' -AccountPassword (ConvertTo-SecureString
'Passw ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
+ CategoryInfo : NotSpecified: (CN=Batman Gotha...darknight,DC=com
:String) [New-ADUser], ADException
+ FullyQualifiedErrorId : ActiveDirectoryServer:1315,Microsoft.ActiveDirec
tory.Management.Commands.NewADUser
Has anyone seen this issue before?
Updating SamAccountName fixed the issue:
New-ADUser -Name 'Batman Gotham' -AccountPassword (ConvertTo-SecureString 'Password@1234' -AsPlainText -Force) -DisplayName 'Batman Gotham' -GivenName 'Batman' -SamAccountName 'batman.gotham' -Surname 'Gotham' -EmailAddress 'batman.gotham@darknight.com' -UserPrincipalName 'batman.gotham@darknight.com' -MobilePhone '8888888888' -Title 'Staff Super Hero' -Department 'Batman Cloud Services' -Enabled $True -StreetAddress 'Gotham Street' -City 'Gotham' -State 'CA' -Country 'USA' -Path 'CN=Users,OU=Operations,DC=darknight,DC=com' -employeeNumber '1234567' -ChangePasswordAtLogon $True
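A pre-flight check for the value passed to -SamAccountName, as an added example that is not part of the original post. The function name Test-SamAccountName is hypothetical, and the 20-character limit and rejected-character list are assumptions taken from Microsoft's naming rules for user logon names; the post does not say which rule the original value broke.

```powershell
# Added example, not code from the original post.
# Assumptions: a user sAMAccountName may be at most 20 characters and may not
# contain any of  " / \ [ ] : ; | = , + * ? < > @
function Test-SamAccountName {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [AllowEmptyString()]
        [string]$Name
    )

    $problems = [System.Collections.Generic.List[string]]::new()

    if ([string]::IsNullOrWhiteSpace($Name)) {
        $problems.Add('name is empty')
    }
    if ($Name.Length -gt 20) {
        $problems.Add("length $($Name.Length) exceeds 20 characters")
    }

    # Collect each rejected character once so the report names the offenders.
    $bad = [regex]::Matches($Name, '["/\\\[\]:;|=,+*?<>@]') |
        ForEach-Object { $_.Value } |
        Sort-Object -Unique
    if ($bad) {
        $problems.Add("illegal character(s): $($bad -join ' ')")
    }

    [pscustomobject]@{
        Name     = $Name
        IsValid  = ($problems.Count -eq 0)
        Problems = $problems -join '; '
    }
}

# The two values from the post: the UPN-style name that failed and the fix.
'batman.gotham@darknight.com', 'batman.gotham' |
    ForEach-Object { Test-SamAccountName -Name $_ } |
    Format-Table -AutoSize

# Deriving the short logon name from a UPN before calling New-ADUser.
$upn = 'batman.gotham@darknight.com'
$sam = ($upn -split '@', 2)[0]
if (-not (Test-SamAccountName -Name $sam).IsValid) {
    throw "Refusing to create user: '$sam' is not a valid sAMAccountName"
}
```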