Add User to Active Directory Group Using Add-ADGroupMember

The Active Directory Module for Windows PowerShell includes the Add-ADGroupMember cmdlet, which can be used to add user to Active Directory distribution or security groups. In order to use cmdlets from the ActiveDirectory module, at first you must load this module into your PowerShell session (on domain controllers with Windows Server 2012 or higher, this module is automatically loaded):

Import-Module ActiveDirectory

To add user1 to the domain group “TestGroup1”, run the following command in the PowerShell console with administrator privileges:

Add-ADGroupMember "TestGroup1" user1

add-adgroupmember

You can add several users to the group at once, their accounts should be enumerated by comma:

Add-ADGroupMember "NYTraders" KDunkelman,SSmith

These are the simplest examples of using the Add-ADGroupMember cmdlet to add users to AD groups. Let’s consider some more complex methods.

For example, you need to get a list of users of one group (NYTraders) and add these accounts to another AD group (USTraders). To obtain a list of users of the NYTraders group, we will use the Get-ADGroupMember cmdlet. The resulting command might look like this:

Get-ADGroupMember “NYTraders” | Get-ADUser | ForEach-Object {Add-ADGroupMember -Identity “USTraders” -Members $_}

You can add to the group all users from a particular OU:

Get-ADUser -Filter * -SearchBase ‘OU=Users,OU=NY,OU=USA,DC=theitbros,DC=com’|

ForEach-Object -process {Add-ADGroupMember -identity "NY Users" -Members $_.SamAccountName}

After executing the command, you can open the ADUC console and make sure that all users have been added to the specified group.

READ ALSO  Changing Local and Active Directory User Password Using PowerShell

powershell add user to group

You can select users based on the value of some AD attribute and then add them to the particular group. For example, to add all users to the USAUsers group that have the United States in the co field, run the command:

Get-ADUser -filter {(co -eq "United States")} | ForEach-Object -process {Add-ADGroupMember -identity "USAUsers" -Members $_.SamAccountName}

You can create an Excel file (or a text CSV file) with a list of users that you want to add to a specific AD group. The file should be a list of samAccountNames of your users. You can use the following file format:

powershell add-adgroupmember

Below is the code of PowerShell script for adding users from CSV to the group:

$List = Import-CSV .users.csv

$ErrorActionPreference='Continue'

$error.Clear()

ForEach ($User in $List)

{

Add-ADGroupMember -Identity ‘USTraders’ -Member $User.username

}

if ($error.Count -gt 0)

{

echo "Errors count: " $error.Count

}

$success=$($i-$error.Count)

if ($success -gt -1)

{

echo $success " users added successfully"

}

Similarly, you can add users to the Exchange distribution group:

Import-CSV .Users.csv | ForEach-Object -process {Add-DistributionGroupMember -Identity "USTradersMailList" -Member $_.username }
Cyril Kardashevsky
READ ALSO  Non-authoritative Restore of AD Domain Controller from Backup

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.