PowerShell Active Directory User Group membership


I was given the following task:

  1. Check whether the AD users are members of an AD group;
  2. If the users are not members of this AD group, add them to it.

P. S. Probably, it is incorrectly written in English – you may correct me in the comments below.

To complete this task, I wrote the following script:

```powershell
# Requires the ActiveDirectory module (RSAT)
Import-Module ActiveDirectory

# Create an array with enabled users from multiple OUs.
# Initialise it first so that += always appends to an array,
# even when the first query returns a single user.
$ouArray = @()
$ouArray += Get-ADUser -SearchBase "OU=<your OU name>,OU=<your OU name>,OU=<your OU name>,DC=<your domain name>,DC=<your domain name>,DC=<your domain name>" -Filter {enabled -eq $true}
$ouArray += Get-ADUser -SearchBase "OU=<your OU name>,OU=<your OU name>,OU=<your OU name>,DC=<your domain name>,DC=<your domain name>,DC=<your domain name>" -Filter {enabled -eq $true}

# Declare the AD group to search
$group = "<your group name>"

# Declare the AD group for the second task (adding members)
$group2 = Get-ADGroup "CN=<your group name>,OU=<your OU name>,OU=<your OU name>,DC=<your domain name>,DC=<your domain name>,DC=<your domain name>"

# Check membership (-Recursive also counts members of nested groups)
$members = Get-ADGroupMember -Identity $group -Recursive | Select-Object -ExpandProperty sAMAccountName
$ouArray | ForEach-Object {
    $user = $_.sAMAccountName
    If ($members -notcontains $user)
    {
        # If the user is not in the AD group, add them to the AD group

        # You can also test this part first with the next line
        #Write-Host "$user not exist in group"

        Add-ADGroupMember $group2 -Members $user
    }
}
```
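Because adding group members changes who has access to what, it helps to preview and record each change. The following is an added example, not part of the original script: the function name `Add-MissingGroupMember`, its parameters and the sample accounts are hypothetical, and with `-WhatIf` it runs on the constructed data without contacting a domain.

```powershell
function Add-MissingGroupMember {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory)] [object[]] $User,   # objects with a SamAccountName property
        [Parameter(Mandatory)] [AllowEmptyCollection()] [string[]] $CurrentMember,
        [Parameter(Mandatory)] [string] $GroupIdentity
    )

    # Case-insensitive set of the names that are already members
    $known = [System.Collections.Generic.HashSet[string]]::new(
        [System.StringComparer]::OrdinalIgnoreCase)
    foreach ($name in $CurrentMember) { [void]$known.Add($name) }

    foreach ($u in $User) {
        $name = $u.SamAccountName
        if ([string]::IsNullOrWhiteSpace($name) -or $known.Contains($name)) { continue }

        $status = 'Planned'
        # ShouldProcess returns $false under -WhatIf, so nothing is changed
        if ($PSCmdlet.ShouldProcess($GroupIdentity, "Add member $name")) {
            try {
                Add-ADGroupMember -Identity $GroupIdentity -Members $name -ErrorAction Stop
                $status = 'Added'
            } catch {
                $status = "Failed: $($_.Exception.Message)"
            }
        }
        [void]$known.Add($name)   # skip the user if listed again (e.g. overlapping OUs)

        # One audit record per planned or attempted change
        [pscustomobject]@{
            TimeUtc = (Get-Date).ToUniversalTime().ToString('o')
            Group   = $GroupIdentity
            User    = $name
            Status  = $status
        }
    }
}

# Constructed sample data: only 'carol' is missing from the group
$sampleUsers = @(
    [pscustomobject]@{ SamAccountName = 'alice' },
    [pscustomobject]@{ SamAccountName = 'BOB' },
    [pscustomobject]@{ SamAccountName = 'carol' }
)
$sampleMembers = @('Alice', 'bob')

Add-MissingGroupMember -User $sampleUsers -CurrentMember $sampleMembers `
    -GroupIdentity 'CN=<your group name>,OU=<your OU name>,DC=<your domain name>' -WhatIf
```

Against a real domain, pass `$ouArray` and `$members` from the script above, drop `-WhatIf` once the preview looks right, and pipe the output to `Export-Csv -NoTypeInformation -Append` to keep a change log.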