asked on 10/6/2011

PowerShell script to add AD user in Distribution List using AD attribute

IM trying to find a PowerShell script that will populate active directory Distribtuion lists by using an AD Attribute of any user.

For example, a PoewrShell script that retrieves a selected Active Directory attribute for all users (An attached file where fmCostCenter attribute have value of 200, 212 and 218 ), then parses this or interprets in some way, then based on this adds each user with the matching attribute value add to a distribution group. Before adding the user to Distribution Group make a check if the user is already present or not.

Script can be extended to remove the users from Distribution List those do not match this attribute value anymore. Because users keeps moving between different cost centers and do not want to be part of Distribution List.

Appreciate your help..
Thanks

Adsi.png

Powershell

Last Comment

thakurdinesh

10/11/2011

KenMcF

10/7/2011

You can do this using the Quest AD cmdlets.
http://www.quest.com/powershell/activeroles-server.aspx
Depending on what your group names are you will need to modify the script. This script uses the group names of
"Cost_Center_Group_200"
"Cost_Center_Group_212"
"Cost_Center_Group_218"

$CostCenters = "200", "212", "218"
foreach ($CostCenter in $CostCenters){
#Add Users
get-qaduser -ldapfilter "(fmCostCenter=$CostCenter)" -notmemberof "Cost_Center_Group_$CostCenter" | Add-QADGroupMember "Cost_Center_Group_$CostCenter"
#Remove Users
Get-QADGroupMember "Cost_Center_Group_$CostCenter" -properties fmCostCenter | Where {$_.fmCostCenter -ne "$CostCenter"} | foreach{Remove-QADGroupMember "Cost_Center_Group_$CostCenter" $_}
}

Open in new window

KenMcF

10/7/2011

Here is another one that will be a little more efficient if you have large group membership

$CostCenters = "200", "212", "218"
foreach ($CostCenter in $CostCenters){
#Add Users
get-qaduser -ldapfilter "(fmCostCenter=$CostCenter)" -notmemberof "Cost_Center_Group_$CostCenter" | Add-QADGroupMember "Cost_Center_Group_$CostCenter"
#Remove Users
Get-QADGroupMember "Cost_Center_Group_$CostCenter" -LdapFilter "(!(fmCostCenter=$CostCenter))" | foreach{Remove-QADGroupMember "Cost_Center_Group_$CostCenter" $_}
}

Open in new window

thakurdinesh

10/7/2011

ASKER

Ken, I proposed this solution using Quest AD but rejected.. So I cannot use any quest cmdlet because of some scheduled jobs..

So can only use windows cmdlets.. I have similar VB script but that solution is also rejected.

Thanks

KenMcF

10/7/2011

What version of OS and Exchange are you running? Do you have Windows 7 or Server 2008R2?

thakurdinesh

10/7/2011

ASKER

Exchange 2007 and Server 2008 SP2 (not R2)

thakurdinesh

10/7/2011

ASKER

Between, we need to add these users from different cost centers to just One group.

The purpose fo this group is to restrict them sending emails using transport rule..

Thanks

ASKER CERTIFIED SOLUTION

KenMcF

10/8/2011

THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options

Start Free Trial

RobSampson

10/8/2011

@KenMcF, sorry to hijack this thread a bit, but could I possibly get you to have a look at
https://www.experts-exchange.com/questions/27362825/Create-a-dynamic-distribution-group-using-get-date-on-whencreated.html
and offer your opinion as to whether the task is possible in Powershell? Shouldn't take long....

Thanks, again...sorry....

Rob.

thakurdinesh

10/11/2011

ASKER

Thanks very much KenMcF!

Line no 8 I was not selecting the sAMAccountName...

Thanks again for your help.