This directory contains PowerShell scripts used by the PHP AdminTool for Active Directory user creation.

Usage (single user):
1. Create a JSON payload file (for example `payload.json`) with contents:
```
{
  "samaccountname": "testuser",
  "displayname": "Test User",
  "mail": "testuser@example.local",
  "password": "P@ssw0rd1234",
  "ou": "OU=Users,DC=example,DC=local",
  "groups": "Users,IT-Staff",
  "dry_run": true
}
```
2. Run the script from PowerShell as a user with permission to create AD users (or use `dry_run` true to test):

```
powershell -NoProfile -NonInteractive -ExecutionPolicy Bypass -File .\create_user.ps1 -InputFile C:\temp\payload.json
```

Usage (CSV):
1. Create a CSV file with header `samaccountname,displayname,mail,password,ou,groups` (or no header and set `has_header: false` in meta JSON).
2. Create a meta JSON file containing the CSV path and options:
```
{
  "input_file": "C:\temp\users.csv",
  "delimiter": ",",
  "has_header": true,
  "dry_run": true
}
```
3. Run the CSV script:
```
powershell -NoProfile -NonInteractive -ExecutionPolicy Bypass -File .\create_users_csv.ps1 -InputFile C:\temp\meta.json
```

Notes:
- Ensure the `ActiveDirectory` PowerShell module is installed on the host system (RSAT).
- Test with `dry_run` set to `true` first to verify results without modifying AD.
- The scripts return a compact JSON object on stdout which the PHP backend expects.
- Run the webserver (IIS) as a user that has sufficient rights to run the `New-ADUser` and `Add-ADGroupMember` commands when `dry_run` is disabled.