The Active Directory Module for Windows PowerShell includes the Add-ADGroupMember cmdlet, which can be used to add user to Active Directory security or distribution groups. In order to use cmdlets from the ActiveDirectory module, at first you must load this module into your PowerShell session (on domain controllers with Windows Server 2012 or higher, this module is automatically loaded):
Import-Module ActiveDirectory
To add user1 to the domain group “TestGroup1”, run the following command in the PowerShell console with administrator privileges:
Add-ADGroupMember "TestGroup1" user1
You can add several users to the group at once, their accounts should be enumerated by comma:
Add-ADGroupMember "NYTraders" KDunkelman,SSmith
These are the simplest examples of using the Add-ADGroupMember cmdlet to add users to AD groups. Let’s consider some more complex methods.
For example, you need to get a list of users of one group (NYTraders) and add these accounts to another AD group (USTraders). To obtain a list of users of the NYTraders group, we will use the Get-ADGroupMember cmdlet. The resulting command might look like this:
Get-ADGroupMember “NYTraders” | Get-ADUser | ForEach-Object {Add-ADGroupMember -Identity “USTraders” -Members $_}
You can add to the group all users from a particular OU:
Get-ADUser -Filter * -SearchBase ‘OU=Users,OU=NY,OU=USA,DC=theitbros,DC=com’|
ForEach-Object -process {Add-ADGroupMember -identity "NY Users" -Members $_.SamAccountName}
After executing the command, you can open the ADUC console and make sure that all users have been added to the specified group.
You can select users based on the value of some AD attribute and then add them to the particular group. For example, to add all users to the USAUsers group that have the United States in the co field, run the command:
Get-ADUser -filter {(co -eq "United States")} | ForEach-Object -process {Add-ADGroupMember -identity "USAUsers" -Members $_.SamAccountName}
You can create an Excel file (or a text CSV file) with a list of users that you want to add to a specific AD group. The file should be a list of samAccountNames of your users. You can use the following file format:
Below is the code of PowerShell script for adding users from CSV to the group:
$List = Import-CSV .\users.csv
$ErrorActionPreference='Continue'
$error.Clear()
ForEach ($User in $List)
{
Add-ADGroupMember -Identity ‘USTraders’ -Member $User.username
}
if ($error.Count -gt 0)
{
echo "Errors count: " $error.Count
}
$success=$($i-$error.Count)
if ($success -gt -1)
{
echo $success " users added successfully"
}
Similarly, you can add users to the Exchange distribution group:
Import-CSV .\Users.csv | ForEach-Object -process {Add-DistributionGroupMember -Identity "USTradersMailList" -Member $_.username }
The post Add User to Active Directory Group Using Add-ADGroupMember appeared first on TheITBros.