Create AD groups from a list of users

While working with a customer, we needed to add several AD groups. Each group had many users that were identified by the customer. For each group, I created a txt file with the list of user names and then wrote a script to create the group and add the users.

For this organization, we had a single OU to place the groups. The $groupPath variable would need to be changed to reflect the LDAP path of that location.

<#
Purpose: To create an AD group and add members.
Author: Michael Kenning (mjkenning@gmail.com)
Date: 28 OCT 2014
Version: 1.3

Usage: ./new-adgroup.ps1 LIST_OF_USERS.TXT "Group Name"
#>

param (
	[Parameter(Mandatory=$true,Position=0)]
	[ValidateNotNullOrEmpty()]
	[String]
	$path,
	[Parameter(Mandatory=$true,Position=1)]
	[ValidateNotNullOrEmpty()]
	[String]
	$groupName
)

# Change this variable to specify the location of the group in AD
$groupPath = "OU=Application Groups,DC=DOMAIN,DC=COM"

Import-Module ActiveDirectory
$groupMembers = get-content $path

# Check to see if the group exists and add the group if it does not.
$groupStatus = get-adgroup $groupName | Out-Null
if ($groupStatus -eq $null) {
	new-adgroup -Name $groupName -Path $groupPath -GroupScope Universal -GroupCategory Security
}

# Add users to the group
foreach ($member in $groupMembers) {
	Add-ADGroupMember $groupName $member
}
Advertisements
Tagged with: , ,
Posted in Powershell

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: