My birthday month so sharing a script that can be used in many situations and will be very useful for System Admins.
This can be used to patch the situations where one group has been used for some important work or policies but now due to new requirement there are members in some groups that also needs a same policy and you can not nest the group inside the original group or add multiple groups to the policy.
Download the script from Github or install it from Powershell gallery.
Install-Script -Name SyncMultipleGroups2One
Prerequisites: Active Directory Module
To run the Script, you can run it from PowerShell
.\SyncMultipleGroups2One.ps1.ps1 -Groups ‘Group1,Group2,Group3’ -desgroup “DestinationGroup” -smtpserver “smtpserver” -from “DoNotReply@labtest.com” -erroremail “ReportsLogs@labtest.com” -countofchanges 200 -logrecyclelimit 60
Groups à Source Groups separated by Coma ‘Group1,Group2,Group3’
Desgroup à Destination Group to which members will be synchronized (at least one member should be there in the group)
Smtpserver à Smtp server
From à From address from which email will be sent
Erroremail à Email address on which log, or error will be sent.
Countofchanges à This has been built for protection so that if you see more changes than this number script stops and does not process anything.
Logrecyclelimit à Number of days after which logs will recycle.
To schedule a script, you can create a batch file and add it in task scheduler:
SyncMultipleGroups2One.ps1.ps1 -Groups ‘Group1,Group2,Group3’ -desgroup “DestinationGroup” -smtpserver “smtpserver” -from “DoNotReply@labtest.com” -erroremail “ReportsLogs@labtest.com” -countofchanges 200 -logrecyclelimit 60
Logs will be placed in logs folder:
I hope this script will help you as well to workaround some of the situations without changing the design.
Thanks for reading and downloading….