PowerShell – AD Group management

Here are few quick one liners such as add user to 2 AD groups at same time:

1 2	"Managers","SalesRep" \| Add-ADGroupMember -Members ` (Read-Host -Prompt "Enter User Name")

Add multiple user to AD group:

1	Add-AdGroupMember -Identity SALES -Members B.Jackson, E.Frank

Remove AD group fromthe Active Directory:

1	Remove-ADGroup -Identity Quality

Add or Remove users from CSV where you have only one column users:

1	Import-CSV C:\scripts\users.csv -Header users \| ForEach-Object {Add-AdGroupMember -Identity "SalesRep" -members $_.users}

Removing users from group based on CSV

1	Import-CSV C:\scripts\users.csv -Header users \| ForEach-Object {Remove-ADGroupMember -Identity "SalesRep" -members $_.users}

And of course, very handy is to remove all group membership from disabled user in AD for security reason. All group membership will be removed from the user except the default Domain User group.

1
2
3

Get-ADUser -Identity E.Frank -Properties MemberOf | ForEach-Object {
$_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false
}

Get the list of all your groups in AD

1	Get-ADGroup -filter * -properties GroupCategory \| ft name,groupcategory

Tech Notes Desk

PowerShell – AD Group management

Leave a Reply Cancel reply