Optimize Powershell (Quest AD) script to populate AD group

Posted on 2011-09-14
Medium Priority
Last Modified: 2012-05-12

I have a script that I'd like to use to maintain distribution groups in Active Directory current. I search for a keyword in the title AD attribute and then I add the member to the group. My script works, but it seems that it's taking a little while to complete. I've used the [void] types in an attempt to speed up the script but still slow especially when adding 1000+ users to the group. Another area where my script might be slow is in the fact that I "rebuild" the group every time....in other words, I clear it first and then add the members all over again.

I'm looking to see if someone out there can provide me with tips on how to speed up this script. Thanks.
# Params
$filter = "(title=*keyword*)"
$scope = 'dc=domain,dc=local'
$Group = Get-QADGroup -Identity "My-Group"

# Clear group
[void](Set-QADGroup -Identity $Group.DN -Member $NULL)

# Get all enabled Active Directory accounts
$Searcher = Get-QADUser -Enabled -SearchRoot $scope -IncludedProperties title -LdapFilter $filter  -SizeLimit 0

# Add each account to the specified group
$Searcher | ForEach-Object {
	[void](Add-QADGroupMember -Identity $Group.DN -Member $_.DN )

Open in new window

Question by:bndit
  • 2
LVL 16

Accepted Solution

Dale Harris earned 1000 total points
ID: 36539680
I noticed you're not piping anything. This should speed things up a little.  Since the actual VOID of the group is pretty much instant, we won't save much time there.

$filter = "(title=*keyword*)"
$scope = 'dc=domain,dc=local'
$Group = Get-QADGroup -Identity "My-Group"

# Clear group
[void](Set-QADGroup -Identity $Group.DN -Member $NULL)

# Get all enabled Active Directory accounts and add them to the group
Get-QADUser -Enabled -SearchRoot $scope -IncludedProperties title -LdapFilter $filter  -SizeLimit 0 | %{Add-QADGroupMember -Identity $Group.DN -Member $_.DN}

It would help if you were able to reduce the amount of Users that come up via a smaller OU starting point.  The LDAPFilter still has to be applied to every single user found.  If you had only 300 users to search through instead of 5000, that would save the time.  Try to see if you can get as granular as possible without having to go through AD.   You have it pretty much figured out though.

Dale Harris

Author Comment

ID: 36539815
Thanks Dale....unfortunately, I have to crawl the entire AD domain because OU are not in place at the time, but I totally agree with you. Once the OU structure is in place I'll tweak the script to target smaller user sets. I made the change and seems to be working Ok...not sure how much "faster" it is but I'll go with your suggestion.

Thanks again.

Author Closing Comment

ID: 37149378
thank you.

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
Loops Section Overview

619 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question