We help IT Professionals succeed at work.

AD Tool/Script Populate Security Groups Automatically

209 Views
Last Modified: 2017-04-13
Looking for a simplistic tool/script to auto populate Security Group(s) in AD.

So the tool/script scans each User and if a particular Security Group(s) isn't in their Member of List, it gets populated.
Obviously need this run automatically every few days
Comment
Watch Question

Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:
There are a few variations on this theme you might use. It uses the MS ActiveDirectory PowerShell module. Searches for everyone who isn't in the group, and adds them.
Get-ADUser -Filter { memberOf -ne 'CN=yourgroup,OU=somewhere,DC=domain,DC=local } | ForEach-Object {
    Add-ADGroupMember -Identity yourgroup -Member $_.DistinguishedName
}

Open in new window

The search might be a bit more constrained than that of course.
Information Security Officer
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION

Author

Commented:
getting multiple errors from line 16
ForEach ($Child In $arrChildren)
  # Only consider user objects.
  If ($Child.Class -eq "user")  
    # Add all users in the OU to the hash table.
    $List.Add($Child.distinguishedName, $True)
    # Check if user a member of the group.
    If ($Group.IsMember($Child.ADsPath) -eq $False)
    {
      # Add the user to the group.
      $Group.Add($Child.ADsPath)
      "Added " + $Child.distinguishedName



PS C:\Windows\system32> C:\Users\darrin.crawford\Documents\Powershell_AD_Confluence Check.ps1
At C:\Users\darrin.crawford\Documents\Powershell_AD_Confluence Check.ps1:16 char:33
+ ForEach ($Child In $arrChildren)
+                                 ~
Missing statement body in foreach loop.
At C:\Users\darrin.crawford\Documents\Powershell_AD_Confluence Check.ps1:18 char:30
+   If ($Child.Class -eq "user")
+                              ~
Missing statement block after If ( condition ).
    + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
    + FullyQualifiedErrorId : MissingForeachStatement
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010

Commented:
You've stripped out "{" characters all over the place. They're not there as decoration.

Author

Commented:
Apologies, I didn't see the full script.

It is now working but has removed all users from this particular Security Group!!
Chris DentPowerShell Developer
CERTIFIED EXPERT
Top Expert 2010
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION

Author

Commented:
ok, got it, I needed to dig down into my OUs.

Thanks for your help

Author

Commented:
Thanks for the prompt reponses