If you want to create a user in Dynamics AX 2012, you can simply use New-AXUser cmdlet and other User and role-based security cmdlets. It’s more difficult in AX 2009 and older versions, but you can utilize Business Connector to do the job. Below is an extended function that I wrote for AX 2009. It accepts a path to an exported AX configuration (to know which AX instance to use), a domain, a user name and, if required, the new AX user ID. It also supports -WhatIf and -Confirm parameters.
It automatically adds the user to the admin group, but you easily can change the script to meet your specific requirements.
Function New-AXUser { [CmdletBinding(SupportsShouldProcess = $true)] Param( [Parameter(Mandatory=$true)] [string]$ConfigFile, [Parameter(Mandatory=$true)] [string] $UserDomain, [Parameter(Mandatory=$true)] [string]$UserName, [string]$AXUserId = $UserName.Substring(0, 5) ) #region Functions Function AddToAdminGroup { $membership = $ax.CreateAxaptaRecord('UserGroupList'); $membership.set_Field('UserId', $AXUserId); $membership.set_Field('GroupId', 'Admin'); $membership.Insert() } Function AxLogoff { [void]$ax.Logoff() } Function AxLogon { try { [void][Reflection.Assembly]::LoadWithPartialName('Microsoft.Dynamics.BusinessConnectorNet'); $script:ax = New-Object Microsoft.Dynamics.BusinessConnectorNet.Axapta $ax.Logon('', '', '', $ConfigFile) } catch { throw 'Logging to AX failed.' } } Function CreateUser { $userManager = $ax.CreateAxaptaObject('AxaptaUserManager'); if ($userManager.Call('validateDomainUser', $UserDomain, $UserName) -eq $false) { throw error 'User cannot be created.' } else { $userDetails = $userManager.Call('getDomainUser', $UserDomain, $UserName); $sid = $userDetails.Call('getUserSid', 0); $dispName = $userDetails.Call('getUserName', 0); $user = $ax.CreateAxaptaRecord('UserInfo'); $user.ExecuteStmt('select * from %1 where %1.Id == "Admin"') SetField $user 'Id' $AXUserId SetField $user 'NetworkAlias' $UserName SetField $user 'NetworkDomain' $UserDomain SetField $user 'Name' $dispName SetField $user 'Sid' $sid if ($PSCmdlet.ShouldProcess("Config: $ConfigFile, User ID: $AXUserId")) { $user.Insert(); AddToAdminGroup } } } Function SetField { Param($axaptaRecord, [string]$fieldName, $value) $axaptaRecord.set_Field($fieldName, $value); Write-Verbose ($fieldName + ": " + $value) } Function ValidateParameters { if (!(Test-Path $ConfigFile)) { throw "Configuration $ConfigFile doesn't exist" } } #endregion ValidateParameters AxLogon CreateUser AxLogoff }