add user to active directory group ADGroupMember

Add User to Active Directory Group Using Add-ADGroupMember


The Active Directory Module for Windows PowerShell includes the Add-ADGroupMember cmdlet, which can be used to add user to Active Directory security or distribution groups. In order to use cmdlets from the ActiveDirectory module, at first you must load this module into your PowerShell session (on domain controllers with Windows Server 2012 or higher, this module is automatically loaded):

Import-Module ActiveDirectory

To add user1 to the domain group “TestGroup1”, run the following command in the PowerShell console with administrator privileges:

Add-ADGroupMember "TestGroup1" user1

Add ADGroupMember

You can add several users to the group at once, their accounts should be enumerated by comma:

Add-ADGroupMember "NYTraders" KDunkelman,SSmith

These are the simplest examples of using the Add-ADGroupMember cmdlet to add users to AD groups. Let’s consider some more complex methods.

For example, you need to get a list of users of one group (NYTraders) and add these accounts to another AD group (USTraders). To obtain a list of users of the NYTraders group, we will use the Get-ADGroupMember cmdlet. The resulting command might look like this:

Get-ADGroupMember “NYTraders” | Get-ADUser | ForEach-Object {Add-ADGroupMember -Identity “USTraders” -Members $_}

You can add to the group all users from a particular OU:

Get-ADUser -Filter * -SearchBase ‘OU=Users,OU=NY,OU=USA,DC=theitbros,DC=com’|

ForEach-Object -process {Add-ADGroupMember -identity "NY Users" -Members $_.SamAccountName}

After executing the command, you can open the ADUC console and make sure that all users have been added to the specified group.

Add_ADGroupMember identity

You can select users based on the value of some AD attribute and then add them to the particular group. For example, to add all users to the USAUsers group that have the United States in the co field, run the command:

Get-ADUser -filter {(co -eq "United States")} | ForEach-Object -process {Add-ADGroupMember -identity "USAUsers" -Members $_.SamAccountName}

You can create an Excel file (or a text CSV file) with a list of users that you want to add to a specific AD group. The file should be a list of samAccountNames of your users. You can use the following file format:

add user to active directory group

Below is the code of PowerShell script for adding users from CSV to the group:

$List = Import-CSV .\users.csv

$ErrorActionPreference='Continue'

$error.Clear()

ForEach ($User in $List)

{

Add-ADGroupMember -Identity ‘USTraders’ -Member $User.username

}

if ($error.Count -gt 0)

{

echo "Errors count: " $error.Count

}

$success=$($i-$error.Count)

if ($success -gt -1)

{

echo $success " users added successfully"

}

Similarly, you can add users to the Exchange distribution group:

Import-CSV .\Users.csv | ForEach-Object -process {Add-DistributionGroupMember -Identity "USTradersMailList" -Member $_.username }

You may also like:

Installing Active Directory Snap-in on Windows 10 One of the main Active Directory domain management tools is the MMC snap-in Active Directory Users and Computers (ADUC). To work with ADUC snap-in in ...
FSMO Role: Infrastructure Master We continue the series of articles about FSMO roles in the Active Directory domain. This time, we will take a closer look at the FSMO role — Infrastru...
How to hide specific OU in Active Directory The first thing you see while opening Active Directory Users and Computers (ADUC) snap-in is AD containers (Organization Unit, OU), in which user acco...
Change Default OU permissions in Active Directory By default, each newly created organizational unit (OU) in the access list includes read permission for the group Authenticated Users (built-in group)...
Join Domain and Login over a VPN Connection This is a short tutorial on how to join a computer to a domain over a VPN connection. This was very useful for us this weekend. We had to reformat a c...

Add Your Comment