Can not convert String to Secure String for use in New-ADUser

Change

AccountPassword = "$password"

to

AccountPassword = $password

If you have quotes around the variable, it is taken as a regular string instead of a secure string. Proof:

$plainText = "Plain text"
$secureString = ConvertTo-SecureString $plainText -AsPlainText -Force
$quotedSecureString = "$secureString"
$plainText.GetType()
$secureString.GetType()
$quotedSecureString.GetType()

results in

IsPublic IsSerial Name                                     BaseType
-------- -------- ----                                     --------
True     True     String                                   System.Object
True     False    SecureString                             System.Object
True     True     String                                   System.Object

I experienced the same issue as OP where the secure string would be parsed as a string instead. Benjamin's response seems solid so I tested it out by running:

$plainText = "Plain text"
$secureString = ConvertTo-SecureString $plainText -AsPlainText -Force
$quotedSecureString = "$secureString"
$plainText.GetType()
$secureString.GetType()
$quotedSecureString.GetType()

In both terminal and PowerShell.

Benjamin's Code

However, my attempt contains an environmental variable instead (I am building a docker container) which appears to react differently.

$env:SVCUSER="testuser"
$env:SVCPASS="testpass"
$env:SITENAME="test.com"
$env:SecurePass=ConvertTo-SecureString $env:SVCPASS -AsPlainText -Force
New-LocalUser -Name "$env:SVCUSER" -Password $env:SecurePass -Description "$env:SITENAME Site User"

This results in the same error as OP.

Cannot bind parameter 'Password'. Cannot convert the "System.Security.SecureString" value of type "System.String" to type "System.Security.SecureString".

My similar code (and the error)

To resolve this issue I needed to use what I assume to be a local script variable as opposed to an environmental one:

$env:SVCUSER="testuser"
$env:SVCPASS="testpass"
$env:SITENAME="test.com"
$SecurePass=ConvertTo-SecureString $env:SVCPASS -AsPlainText -Force
New-LocalUser -Name "$env:SVCUSER" -Password $SecurePass -Description "$env:SITENAME Site User"

I suppose that makes sense since writing as an environment variable would mean that (albeit secure) string is there until those variables are reset.

When I analyse the types of the first and second method's output (i.e. local and environmental variable) I can see that the two have different types, just as the error alluded:

Working with local variables

For future reference I am using Powershell 5.1.19041.1. I know they are changing quite big functions with PS so it could be that this changes in future. It's probably for the best that it didn't in my case!