Solved

Need powershell script to create OU's,Security groups,GPO's at the same time.

Posted on 2016-11-01
3
80 Views
Last Modified: 2016-11-17
I've a task to automate a process which we do on almost daily basis. Below is the requirement.

1) Create a "Test" OU under OU=Sample,DC=Contoso,DC=COM

2) Create security groups named "Test 2", "Test 3", "Test 4" under OU=Sample1,DC=Contoso,DC=COM and add members in each group

3) Create a Test 5 group under "Test" OU.

4) Create a GPO named "Test-SA" and link it to "Test" OU.


How can i automate this whole thing?.

Thanks in Advance!!!
0
Comment
Question by:A D
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 37

Expert Comment

by:Mahesh
ID: 41869644
All tasks are separate and you can have single one liner commands to achieve each task

Import-Module ActiveDirectory

New-ADOrganizationalUnit -Name "Test" -Path "OU=Sample,DC=Contoso,DC=COM"

NEW-ADGroup –name "Test 2" –groupscope Global –path “OU=sample1,DC=Contoso,DC=com”
NEW-ADGroup –name "Test 3" –groupscope Global –path “OU=sample1,DC=Contoso,DC=com”
NEW-ADGroup –name "Test 4" –groupscope Global –path “OU=sample1,DC=Contoso,DC=com”

NEW-ADGroup –name "Test 5" –groupscope Global -path "OU=test,OU=Sample,DC=Contoso,DC=COM"

Import-Module GroupPolicy
New-GPO -Name Test-SA -comment "This is a test GPO."
new-gplink -name test-SA -target "OU=test,OU=Sample,DC=Contoso,DC=COM"

Open in new window


save all above code into .ps1 file OR you can simply copy / paste into PowerShell

use domain admins member to logon on to DC  (2008 R2 and above) or member server with RSAT installed and run elevated PowerShell
then from elevated PowerShell run below command (one time)
set-executionpolicy remotesigned
when asking for prompt, press y and hit enter
This will allow running PowerShell script
1
 

Author Comment

by:A D
ID: 41869713
Thanks Mahesh. I did the same thing but I was not able to pipe the Add-ADGroupmember cmdlet and was not able to modify the script to add users in the respective group, Can you help?.

Thanks again
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 41869877
you could have mention the things where you stuck in original question

What actually your script do? without understanding script logic its difficult what you are trying to do

If you upload script I can help

Add-AdGroupMember will not accept piped output
You need to put users in variable and then call it via Add-AdGroupMember

Ex: Get ad users from specific OU and add them to specific OU
$Allusers = Get-Aduser -Searchbase "Ou=Test,DC=contoso,DC=com"
foreach ($users in $Allusers) 
{ Add-AdGroupMember groupname –Member $users.SamAccountName }

Open in new window


If you are reading from csv file then
$allusers = import-csv C:\allusers.csv
foreach ($users in $allusers)
{ $user = Get-Aduser -Identity $users.SamAccountName -Erroraction -SilentlyContinue
  If($user -ne $null) { Add-AdGroupMember GroupName -Member $user }
}

Open in new window


The csv file should contains column called SamAccountName and all users should listed underneath that
1

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question