Link to home
Start Free TrialLog in
Avatar of Darrin Crawford
Darrin Crawford

asked on

AD Tool/Script Populate Security Groups Automatically

Looking for a simplistic tool/script to auto populate Security Group(s) in AD.

So the tool/script scans each User and if a particular Security Group(s) isn't in their Member of List, it gets populated.
Obviously need this run automatically every few days
Avatar of Chris Dent
Chris Dent
Flag of United Kingdom of Great Britain and Northern Ireland image

There are a few variations on this theme you might use. It uses the MS ActiveDirectory PowerShell module. Searches for everyone who isn't in the group, and adds them.
Get-ADUser -Filter { memberOf -ne 'CN=yourgroup,OU=somewhere,DC=domain,DC=local } | ForEach-Object {
    Add-ADGroupMember -Identity yourgroup -Member $_.DistinguishedName
}

Open in new window

The search might be a bit more constrained than that of course.
ASKER CERTIFIED SOLUTION
Avatar of Rajul Raj
Rajul Raj
Flag of United Arab Emirates image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Darrin Crawford
Darrin Crawford

ASKER

getting multiple errors from line 16
ForEach ($Child In $arrChildren)
  # Only consider user objects.
  If ($Child.Class -eq "user")  
    # Add all users in the OU to the hash table.
    $List.Add($Child.distinguishedName, $True)
    # Check if user a member of the group.
    If ($Group.IsMember($Child.ADsPath) -eq $False)
    {
      # Add the user to the group.
      $Group.Add($Child.ADsPath)
      "Added " + $Child.distinguishedName



PS C:\Windows\system32> C:\Users\darrin.crawford\Documents\Powershell_AD_Confluence Check.ps1
At C:\Users\darrin.crawford\Documents\Powershell_AD_Confluence Check.ps1:16 char:33
+ ForEach ($Child In $arrChildren)
+                                 ~
Missing statement body in foreach loop.
At C:\Users\darrin.crawford\Documents\Powershell_AD_Confluence Check.ps1:18 char:30
+   If ($Child.Class -eq "user")
+                              ~
Missing statement block after If ( condition ).
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : MissingForeachStatement
You've stripped out "{" characters all over the place. They're not there as decoration.
Apologies, I didn't see the full script.

It is now working but has removed all users from this particular Security Group!!
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ok, got it, I needed to dig down into my OUs.

Thanks for your help
Thanks for the prompt reponses