Hi Readers,
Just sharing an old script that I recently modified to fulfill a requirement where employee IDs are shared &
these need to be added to an Active Directory group. The employee ID value is stored in one of the AD attributes.
Prerequisites: Quest AD Management Shell
Extract the script zip file & change the variables accordingly.
https://gallery.technet.microsoft.com/scriptcenter/Bulk-ADD-member-to-group-725c11a1
$grp = "Define group name" # group CN name, example "Test Dl1", no need to include the full DN
$attrib = "extensionattribute11"
Update the Users.txt file with the employee ids (make sure the first line is empid as it will act as header)
Now just run the script as shown below:
.\addtoGroupext.ps1 .\users.txt
###########################################################################################
##
## Author: Vikas Sukhija
## Date: 26-11-2012
## Modified: 18-09-2015
## Update : Update users from Employeeid
## Description:- If user is not a member of group this script adds it after reading
## from CSV
###########################################################################################

# Add Quest Shell...
If ((Get-PSSnapin | where {$_.Name -match "Quest.ActiveRoles"}) -eq $null)
{
    Add-PSSnapin Quest.ActiveRoles.ADManagement
}

##### define Variables/Log ########
$date = get-date -format d
$time = get-date -format t
$date = $date.ToString().Replace("/", "-")
$time = $time.ToString().Replace(":", "-")
$time = $time.ToString().Replace(" ", "")

# The .\Logs folder must already exist next to the script
$log1 = ".\Logs" + "\" + "Addtogrp_" + $date + $time + "_.log"     # transcript
$log2 = ".\Logs" + "\" + "Usrnotadded_" + $date + $time + "_.log"  # skipped users
$log3 = ".\Logs" + "\" + "UsrAdded_" + $date + $time + "_.log"     # added users

$usertoadd = @()
$grp = "Define group name"
$attrib = "extensionattribute11"
$coll = @()

start-transcript -path $log1
#########################

# import csv file (first line must be the header: empid)
$data = import-csv $args[0]
$Can = "CN=$grp"
$dt = get-date

Write-host "`n Group to which users will be added $Can" -foregroundcolor magenta

foreach ($i in $data)
{
    $empid = $i.empid
    $usertoadd = $null
    $user = Get-QADUser -LdapFilter "($attrib=$empid)"

    # No account carries this employee id: log it and move on instead of
    # passing an empty value to add-qadgroupmember
    if (-not $user)
    {
        write-host "`n $empid did not match any user" -foregroundcolor Yellow
        add-content $log2 "$empid did not match any user & was skipped"
        continue
    }

    Write-host "`n $empid matched $user" -foregroundcolor Green

    if (($user.memberof -like "$Can,*"))
    {
        write-host "$user is a member & will not be added to $grp group"
        add-content $log2 "$user is a member & will not be added to $grp group"
    }
    else
    {
        write-host "$user is not a member & will be added to $grp group"
        add-qadgroupmember $grp $user
        add-content $log3 "$user is not a member & will be added to $grp group"
    }
}

$dt = get-date
Write-host "all users addition to group finished... $dt...." -foregroundcolor green
stop-transcript
########################################################################################
Tech Wizard
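The script places each empid value from Users.txt directly into the LDAP filter, so a value containing filter metacharacters (for example a lone `*`) would match accounts other than the intended one and add them to the group. The following is an added example, not part of the original script: it validates each ID and escapes it per RFC 4515 before the filter is built. The function names and the ID pattern (1 to 20 letters or digits) are assumptions; adjust the pattern to your own ID scheme.

```powershell
# Added example (not from the original script). Function names and the
# employee id pattern are assumptions for illustration.

function ConvertTo-LdapFilterValue {
    param([Parameter(Mandatory = $true)][string]$Value)
    # RFC 4515: \ * ( ) and NUL must be written as a backslash plus two hex digits
    $evaluator = [System.Text.RegularExpressions.MatchEvaluator]{
        param($m) '\{0:x2}' -f [int][char]$m.Value
    }
    [regex]::Replace($Value, '[\\*()\x00]', $evaluator)
}

function Get-EmpIdLdapFilter {
    param([string]$Attribute, [string]$EmpId)
    $id = "$EmpId".Trim()
    # Assumed format: 1-20 letters or digits. Anything else is rejected.
    if ($id -notmatch '^[A-Za-z0-9]{1,20}$') { return $null }
    # Escaping is kept as a second layer in case the pattern is loosened later
    "({0}={1})" -f $Attribute, (ConvertTo-LdapFilterValue $id)
}

# Constructed sample input in the same shape as Users.txt (header: empid)
$rows = @'
empid
10045
A10046
*
10(47)
'@ | ConvertFrom-Csv

foreach ($row in $rows) {
    $filter = Get-EmpIdLdapFilter -Attribute 'extensionattribute11' -EmpId $row.empid
    if (-not $filter) {
        Write-Warning "Skipping invalid employee id '$($row.empid)'"
        continue
    }
    Write-Host "Filter to use: $filter"
    # In the real script, query with the validated filter and require one match:
    #   $user = @(Get-QADUser -LdapFilter $filter)
    #   if ($user.Count -ne 1) { log and skip } else { add-qadgroupmember $grp $user[0] }
}
```

With the sample rows, the first two IDs produce filters and the last two are skipped with a warning, so only an ID that resolves to exactly one account reaches the group change.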
Dear Vikas, We are running AD on 2003 so just want to confirm if you have any vbs/bat script to save or email the ad health on daily basis.
You can install PowerShell on the 2003 & use the below script; it should work fine.
Let me know if you face any issues.
http://msexchange.me/2014/12/25/active-directory-health-check/