Solved

Populating AD Security Groups based on AD attribute

Posted on 2013-06-18
3
1,257 Views
Last Modified: 2013-06-19
Hi Experts,

Is there a way to script the following:

If user is member of a certain department (AD Attribute) then populate a certain security group i.e. make the user a member of that security group?

Domain is Windows 2008 R2

TIA
0
Comment
Question by:abhijitm00
  • 2
3 Comments
 
LVL 40

Expert Comment

by:Subsun
ID: 39257209
Try somethign lke..
Get-ADuser -filter {Department -eq "Marketing"} | %{Add-ADGroupMember "Marketing Group" $_.SamAccountName}

Open in new window

0
 

Author Comment

by:abhijitm00
ID: 39257795
Thanks Subsun, this seems to work. Is there a way to restrict this to a certain OU?
0
 
LVL 40

Accepted Solution

by:
Subsun earned 500 total points
ID: 39257819
Try..
Get-ADUser -SearchBase 'OU=UserAccounts,DC=contoso,DC=local' -filter {Department -eq "Marketing"} | %{Add-ADGroupMember "Marketing Group" $_.SamAccountName}

Open in new window

0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html) provided 218 attendees with a step-by-step guide for identifying Acti…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now