• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 63
  • Last Modified:

Powershell Script to Add AD User Accounts to Group using UPNs in an input file

I currently use the below script to add users to a group by SAMAccountName.  I have a file that contains UPNs instead however, and this does not work.  How can I modify the script to work with UPNs instead of SAMAccountName?

$Users = Get-Content UserList.txt
ForEach ($User in $Users) 
{
Add-ADGroupMember -Identity 'GroupName' -Members $Users
}

Open in new window

0
fireguy1125
Asked:
fireguy1125
  • 4
  • 3
  • 2
1 Solution
 
MaheshArchitectCommented:
Try below
save your file as csv and Add "upn" as header
$Users = import-Csv UserList.csv
$users |  Get-ADUser -Filter (UserPrincipalName -eq $_.upn) | Add-ADGroupMember -Identity 'GroupName' -Members $_

Open in new window

0
 
Jason CrawfordTransport NinjaCommented:
Try this:

foreach ($user in (Get-Content .\userlist.txt)) {
    $upn = Get-ADUser $user
    Add-ADGroupMember 'GroupName' -Members $upn
}

Open in new window

0
 
fireguy1125Author Commented:
Neither of the above are working for me.

For Mahesh's script, I get this error:

UserPrincipalName : The term 'UserPrincipalName' is not recognized as the name of a cmdlet, function, script file, or
operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try
again.
At line:1 char:31
+ $users |  Get-ADUser -Filter (UserPrincipalName -eq $_.upn) | Add-ADG ...
+                               ~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (UserPrincipalName:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

Open in new window


For Jason's script, I get error:

Get-ADUser : Cannot find an object with identity: 'TestUser1@domainname.com' under: 'DC=domainname,DC=com'.
At line:2 char:12
+     $upn = Get-ADUser $user
+            ~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (TestUser1@domainname.com:ADUser) [Get-ADUser], ADIdentityNotFound
   Exception
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,M
   icrosoft.ActiveDirectory.Management.Commands.GetADUser

Add-ADGroupMember : Cannot validate argument on parameter 'Members'. The argument is null or empty. Provide an
argument that is not null or empty, and then try the command again.
At line:3 char:39
+     Add-ADGroupMember 'GroupName' -Members $upn
+                                       ~~~~
    + CategoryInfo          : InvalidData: (:) [Add-ADGroupMember], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.AddADGrou
   pMember

Get-ADUser : Cannot find an object with identity: 'TestUser2@domainname.com' under: 'DC=domainname,DC=com'.
At line:2 char:12
+     $upn = Get-ADUser $user
+            ~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (TestUser2@domainname.com:ADUser) [Get-ADUser], ADIdentityNotFound
   Exception
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,M
   icrosoft.ActiveDirectory.Management.Commands.GetADUser

Add-ADGroupMember : Cannot validate argument on parameter 'Members'. The argument is null or empty. Provide an
argument that is not null or empty, and then try the command again.
At line:3 char:39
+     Add-ADGroupMember 'GroupName' -Members $upn
+                                       ~~~~
    + CategoryInfo          : InvalidData: (:) [Add-ADGroupMember], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.AddADGrou
   pMember

Open in new window


Thanks.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell┬« is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Jason CrawfordTransport NinjaCommented:
My fault, try this instead:

foreach ($user in (Get-Content .\userlist.txt)) {
    $upn = Get-ADUser -Filter {UserPrincipalName -eq $user}
    Add-ADGroupMember 'GroupName' -Members $upn.samaccountname
}

Open in new window

0
 
fireguy1125Author Commented:
I get this error now:

Add-ADGroupMember : Cannot validate argument on parameter 'Members'. The argument is null or empty. Provide an
argument that is not null or empty, and then try the command again.
At line:3 char:39
+     Add-ADGroupMember 'GroupName' -Members $upn.samaccountname
+                                       ~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Add-ADGroupMember], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.AddADGrou
   pMember

Open in new window

0
 
Jason CrawfordTransport NinjaCommented:
You have to replace 'GroupName' with the name of the AD group you're adding these members to.

Untitled.png
0
 
fireguy1125Author Commented:
Thanks Jason,  Indeed I replaced the group name with what I was using, and actually it did add the members to the group successfully.  I noticed my input file still had the UPN heading, which is what was throwing the error.  I removed it, and just kept the UPNs, and it ran successfully without throwing the errors.  Thanks again!
0
 
Jason CrawfordTransport NinjaCommented:
Glad I could help and sorry for the initial confusion.  Take care :)
0
 
MaheshArchitectCommented:
@fireguy:
Can you please recheck if script is working for you as I have checked all combinations and its giving error with / without headers or with .txt file as well.

The error is either its not able to accept -members value or its not able to get UserPrincipalName at 1st place in query

If its working for you, please post last successful working code
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now