PowerShell Module
CSVActiveDirectory
CSVActiveDirectory is a PowerShell module that simulates Active Directory using plain CSV files as the backend. It gives you a realistic set of AD cmdlets — Get-ADUser, New-ADUser, Set-ADAccountPassword, and the rest — without needing a domain controller, so you can learn AD concepts, test scripts, and practice automation in a completely safe, isolated environment.
Why I built it
Standing up a domain controller just to practice AD cmdlets or test a script is heavy, and doing it against production is risky. I wanted something portable that behaves like the real ActiveDirectory module — same verbs, same parameters, same property names — but stores everything in a CSV you can throw away and recreate in seconds. That makes it ideal for labs, training, demos, and CI where a real directory is overkill.
The module mirrors the cmdlets people actually reach for day to day, validates input the way AD would (including password complexity), and keeps the data layer simple enough to inspect by opening a spreadsheet.
The cmdlets
The module exposes the core AD cmdlets as public functions, grouped roughly the way you would use them:
- Users —
Get-ADUser(query by Identity or Filter with property selection),New-ADUser(create with validation), andRemove-ADUser(delete with confirmation). - Accounts —
Enable-ADAccount,Disable-ADAccount, andSearch-ADAccountfor finding accounts by state. - Passwords —
Set-ADAccountPasswordwith complexity validation backed by a configurable password policy. - Configuration —
Get-ADConfig,Set-ADConfig, andTest-ADConfigfor reading, updating, and validating module settings.
CSV backend and backups
Everything lives in a CSV database (Data/Database.csv), which keeps the whole thing portable and easy to inspect — you can literally open the directory in a spreadsheet. The data layer is designed to stay consistent across every operation, and it ships with a backup system:
- Portable storage — a single CSV acts as the directory; copy it, version it, or reset it at will.
- Automatic backups — timestamped files with ZIP compression so you can roll back after a bad change.
- Backup management — an interactive console menu plus age-based cleanup utilities with safety prompts and a
-WhatIfpreview.
Using it
Install
# Clone and run the one-click installer
git clone https://github.com/ma1c0ntent/CSVActiveDirectory.git
cd CSVActiveDirectory
.\install.ps1
# Or import the module directly
Import-Module .\CSVActiveDirectory.psd1 -Force
Get-Command -Module CSVActiveDirectory The repository ships with an empty database, so after cloning you populate it with realistic sample users:
# Create a set of sample users (the one-click installer does this for you)
.\Functions\Private\Create-Users.ps1 Querying users
# All users
Get-ADUser -Identity "*"
# A single user
Get-ADUser -Identity "mbryan"
# Select specific properties
Get-ADUser -Identity "mbryan" -Properties "Department", "Title", "Enabled"
# Filter
Get-ADUser -Filter "Department -eq 'IT'" Creating and managing accounts
# Create a user
New-ADUser -SamAccountName "jdoe" -FirstName "John" -LastName "Doe" `
-EmailAddress "[email protected]" -Department "IT" -Title "Developer"
# Disable, enable, then remove
Disable-ADAccount -Identity "jdoe"
Enable-ADAccount -Identity "jdoe"
Remove-ADUser -Identity "jdoe" -Confirm:$false Passwords
Set-ADAccountPassword runs the new password through the same kind of complexity rules a real policy would enforce, so weak passwords are rejected before they ever reach the database:
# Set a password (validated against the configured complexity policy)
Set-ADAccountPassword -Identity "jdoe" -NewPassword "SecurePass123!" Configuration
Module behavior is driven by a JSON settings file (Data/Config/Settings.json) rather than hardcoded values. Get-ADConfig reads it, Set-ADConfig updates it, and Test-ADConfig validates its integrity:
# Read current configuration
Get-ADConfig
# Validate configuration integrity
Test-ADConfig Available properties
Users expose the properties you would expect from AD. The defaults stay lightweight, and -Properties * pulls the full set:
- Default —
FirstName,LastName,DisplayName,SamAccountName. - Extended —
DistinguishedName,EmailAddress,Title,Department,Guid,Created,Modified,Enabled,UserPrincipalName,SID,PrimaryGroupID,PasswordLastSet,LastLogon.
Output is shaped by custom format files (ADUser.format.ps1xml) for clean table and list views, with color-coded status messages and progress indicators for bulk operations.
Compatibility
The module targets both Windows PowerShell and PowerShell 7+, detecting the version automatically and adapting:
- PowerShell 5.1 — full functionality with ASCII alternatives for emoji output.
- PowerShell 7+ — full Unicode support and modern syntax such as the
??null-coalescing operator. - Cross-platform — runs on Windows, Linux, and macOS.
Testing
The module is covered by a Pester test suite under Tests/ — integration tests for module loading and the full user lifecycle, plus focused function tests for each cmdlet (Get / New / Remove-ADUser, Enable / Disable-ADAccount, Search-ADAccount, configuration management, and password complexity). Everything is verified across both PowerShell 5.1 and 7+.


