We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Need to automate the creation of GPO's in a PowerShell script

Medium Priority
747 Views
Last Modified: 2012-05-06
I have the need to create an OU, Group, and GPO for every user on our domain. (too complicated to go into)  I have created a PowerShell script that reads through a text file for new handles and creates the OU and groups and even assigns the default members for the group.  That is 2 out of 3 anyway.  I am having trouble making a GPO and linking it to the OU.  Anyone good with PowerShell?  I am enclosing my script. -It works except for the GPO part that I have left a space for...

thanks for the help

----------------------
START OF SCRIPT
----------------------
# This script creates an OU in: Company Users OU based on a user's Handle.
# It then creates an access group inside the OU based on that same handle and adds default members to that group
# All handles are read from a text file listed below

# Call the text file to read the handles from
$TextFile = GC -Path "C:\Temp\New.Txt"
ForEach ($objItem in $TextFile){

# Set The OU Name to the line read from the txt file
$OUName = $objItem
# Set the Group name by appending the previous varriable with "Access"
$GRPName = ($objItem + " Access")

#Set the GPO Name
GPOName=$ObjItem

# Set the UPN for the Domain
$Domain = ",dc=domain,dc=com"

# Set the UPN for the group that is to be created
$group = [ADSI](LDAP://cn=" + $GRPName + ",OU=" + $OUName + ",OU=Company Users" + $Domain)

# Set the members to be added to the group created
$Add1 = ("CN=Computer Admins,OU=Users" + $Domain)
$Add2 = ("CN=Domain Admins,OU=Users" + $Domain)
$Add3 = ("CN=GCS Admins,OU=Users" + $Domain)

# Create the OU
$objDomain2 = [ADSI]("LDAP://OU=Company Users" +$Domain)
$objOU = $objDomain2.Create("OrganizationalUnit", "OU= " + $OUName)
$objOU.setInfo()

#
#
#     Here is where I need to create a GPO named $GPOName and link it to
#        ("OU=" + $OUName + ",OU=Company Users" + $Domain)
#
#

# Create the Group in the OU just added
$objDomain = [ADSI]("LDAP://OU=" + $OUName + ",OU=Company Users" + $Domain)
$objOU = $objDomain.Create("Group", "CN= " + $GRPName)
$objOU.setInfo()

# Add members to the group just added
$group.Member.Add("$Add1")
$group.Member.Add("$Add2")
$group.Member.Add("$Add3")
$group.setInfo()

}
----------------------
END OF SCRIPT
----------------------
Comment
Watch Question

Commented:
check out the free cmdlets by www.sdmsoftware.com. They will let you create and link GPOs from Powershell.

The even have a pay tool that is absolutely amazing for actually setting GPO settings.

FYI: Powershell Zone: http://www.experts-exchange.com/Programming/Languages/Scripting/MSH-Monad/

Author

Commented:
Well I installed the software but it does not seem to work.  Do I have to have .net framework installed on the DC?

Commented:
No need for framework.

Did you add the snapin?

Try this
get-pssnapin -reg | add-pssnapin -ea 0

Commented:
Oh... you do need the GPMC installed on the machine with the tools installed. The cmdlets use the COM interface provided by GPMC

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Author

Commented:
The get-pssnapin -reg | add-pssnapin -ea 0 seems to have done the trick.  It is now registered.  Thanks.
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.