Link to home
Start Free TrialLog in
Avatar of brianroma
brianroma

asked on

Use Powershell to Create Groups and then add description

Hey guys!!

I have PowerShell script to create groups and put them in different OUs (this one is for domain local groups):

$OU = "OU=File Access Groups,OU=Domain Groups,DC=MYDOMAIN,DC=com"
$GroupType = "Security"
$GroupScope = "DomainLocal"

Get-Content "FileAccessGroupList.txt" | %{ If ($_ -ne "") { `
  New-QADGroup -Name $_ -ParentContainer $OU -GroupType $GroupType -GroupScope $GroupScope } }


I was wondering how I could append this script to fill in the Description while the groups are being created?


I have found user management scripts (like below) but they require special formatting of a separate csv:


http://myitforum.com/cs2/blogs/yli628/archive/2007/09/11/one-step-further-powershell-script-to-modify-multiple-users-property-in-active-directory.aspx



In my previous script, I showed how we can add or modify the user propertites in Active Directory for single user. Now as a by request script, I will go one step further and try to do the samething for multiple users. The trick is you need to have a csv file ready and the import-csv cmdlet.

I have a sample users.csv file and it looks like this:

DN                                                                                       Telephonenumber       
CN=UserA,OU=X,OU=Y,OU=Z,DC=what,DC=ever,DC=com      xxx-yyy-zzz       
CN=UserB,OU=A,OU=B,OU=C,DC=what,DC=ever,DC=com     aaa-bbb-ccc       
CN=UserC,OU=L,OU=M,OU=N,DC=what,DC=ever,DC=com     lll-mmm-nnn       

 

Once you have the csv file ready  you could run the below script against it (You need to have the approriate right to your domain!)

$users = import-csv users.csv
foreach($row in $users)
{
$dn = $row.dn
$user=[ADSI]"LDAP://$dn"
$tel = $row.telephonenumber
$user.put("telephoneNumber", $tel)
$user.SetInfo()
}


Thanks for the help!!

Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

Sure, it can be modified. Is the description in FileAccessGroupList.txt? If so, how is that formatted? Tab Delimited would work pretty well. It isn't as neat as CSV formatting, but it'll work well enough.

Chris
Avatar of brianroma
brianroma

ASKER

FileAccessGroupList.txt looks like this inside it now:

InfoTech-M-FileDL
InfoTech-RE-FileDL
Infra-M-FileDL
Infra-RE-FileDL


I would prefer to put description in the same text if it is possible. I am open to tab or csv...

Thanks for the help, Chris!
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

That's fine, either will work well with the above. Which do you prefer?

Chris
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

Some samples so you can choose :)

If the format is:

GroupName,Description
InfoTech-M-FileDL,M File DL
InfoTech-RE-FileDL,RE File DL

Then we could do:

Import-CSV "FileAccessGroupList.csv" | %{
  New-QADGroup -Name $_.GroupName -ParentContainer $OU `
    -GroupType $GroupType -GroupScope $GroupScope -Description $_.Description
}

Or if the format is tab delimited:

InfoTech-M-FileDL    M File DL
InfoTech-RE-FileDL    RE File DL

Then it becomes:

Get-Content "FileAccessGroupList.txt" | %{ If ($_ -ne "") {
  $GroupInfo = $_.Split("`t")
  New-QADGroup -Name $GroupInfo[0] -ParentContainer $OU `
    -GroupType $GroupType -GroupScope $GroupScope -Description $GroupInfo[1]
}}

The first (import CSV) is more flexible as you don't have to worry about the order of your fields, they're referenced by field name. The second relies on a static format, you must know the position (starting from 0) of each of the fields.

Chris
Avatar of brianroma
brianroma

ASKER

Ok so I tried:

Get-Content "FileAccessGroupList.csv" | %{ If ($_ -ne "") { `
  New-QADGroup -Name $_ -ParentContainer $OU -GroupType $GroupType -GroupScope $GroupScope } }

Import-CSV "FileAccessGroupList.csv" | %{
  New-QADGroup -Name $_.GroupName -ParentContainer $OU `
    -GroupType $GroupType -GroupScope $GroupScope -Description $_.Description
}


With this CSV:

InfoTech-M-FileDL,Created 20 May 2009
InfoTech-RE-FileDL,RE File DL
Infra-M-FileDL
Infra-RE-FileDL

I get this error in PowerGUI script editor:


A constraint violation occurred. (Exception from HRESULT: 0x8007202F)
At :line:7 char:14
+   New-QADGroup <<<<  -Name $_ -ParentContainer $OU -GroupType $GroupType -GroupScope $GroupScope } }


Thanks again Chris!


Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

You need to have the headers, when you use Import-CSV it uses the first line as the field names.

So in your example it would have these field names:

InfoTech-M-FileDL,Created 20 May 2009

You can see what I mean if you run:

Import-CSV "FileAccessGroupList.csv"

You should see something like:

InfoTech-M-FileDL      Created 20 May 2009
----------------------      ---------------------------
InfoTech-RE-FileDL    RE File DL
Infra-M-FileDL
Infra-RE-FileDL

Instead if you have this:

GroupName,Description
InfoTech-M-FileDL,Created 20 May 2009
InfoTech-RE-FileDL,RE File DL
Infra-M-FileDL
Infra-RE-FileDL

You'll get this instead:

GroupName                Description
---------------                --------------
InfoTech-M-FileDL      Created 20 May 2009
InfoTech-RE-FileDL     RE File DL
Infra-M-FileDL
Infra-RE-FileDL

It won't like you if you try and set a blank Description either, so we'd probably have to do....

Import-CSV "FileAccessGroupList.csv" | %{
  If ($_.Description) {
    New-QADGroup -Name $_.GroupName -ParentContainer $OU `
      -GroupType $GroupType -GroupScope $GroupScope -Description $_.Description
  } Else {
    New-QADGroup -Name $_.GroupName -ParentContainer $OU `
      -GroupType $GroupType -GroupScope $GroupScope
  }
}

Chris
Avatar of brianroma
brianroma

ASKER

Sorry-- code wasn't complete:


$OU = "OU=File Access Groups,OU=Domain Groups,DC=MYDOMAIN,DC=com"
$GroupType = "Security"
$GroupScope = "DomainLocal"

Import-CSV "FileAccessGroupList.csv" | %{ If ($_ -ne "") { `
  New-QADGroup -Name $_ -ParentContainer $OU -GroupType $GroupType -GroupScope $GroupScope } }

Import-CSV "FileAccessGroupList.csv" | %{
  New-QADGroup -Name $_.GroupName -ParentContainer $OU `
    -GroupType $GroupType -GroupScope $GroupScope -Description $_.Description
}
ASKER CERTIFIED SOLUTION
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of brianroma
brianroma

ASKER

Using this code, I now have the following error:

The argument cannot be null or empty.
At :line:11 char:22
+     New-QADGroup -Name <<<<  $_.GroupName -ParentContainer $OU `

Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

Run this one on its own:

Import-CSV "FileAccessGroupList.csv"

What do you get back?

Chris
Avatar of brianroma
brianroma

ASKER

Console in PowerGUI:


InfoTech-M-FileDL      Created 20 May 2009  
-----------------      -------------------- 
InfoTech-RE-FileDL     RE File DL           
Infra-M-FileDL                              
Infra-RE-FileDL

Open in new window

SOLUTION
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of brianroma
brianroma

ASKER

OK, it took a couple of repeats of information before it sunk in. I now understand the CSV header instructions.

Thanks for the help...

It works!!

B
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

You're most welcome :)

Chris