Thursday, June 9, 2016

Bulk create Active directory groups and add users from csv - Powershell

Using this script, you should be able to check and create Active Directory groups based on the input from spreadsheet (CSV)

  1. Copy the script in a notepad and save it as 'Add_ADGroups_Members.ps1'
  2. Use the same format for csv and add your own groups and update csv based on your domain and path and save it in the same folder as your script.
  3. Both script and csv are saved in the desktop
  4. Open powershell as Administrator (or ) Windows Powershell ISE that comes along with debugging. Using Powershell ISE can skip 5 thru 8 and open your script and hit F5
  5. In the powershell Navigate to your desktop (where script and csv are present)
  6. Set-ExecutionPolicy RemoteSigned
  7. Click Yes
  8. Now run the script by typing   ./Add_ADGroups_Members.ps1
  9. check your AD groups getting created along with members added

Note: Users Domain is different to domain where groups are being created. You can have the same domain too, depending on your environment

# Import active directory module for running AD cmdlets
  Import-Module ActiveDirectory

    $Users = Import-Csv -Path "C:\Desktop\AD_input.csv"  
    foreach ($User in $Users)            
        $GroupName = $User.'GroupName'            
        $samAccountName= $User.'samAccountName'       
        write-host Current AD Group Name is $GroupName and accounts to add are $samAccountName
              #Check if the Group already exists
              write-host checking to see if group $User.GroupName exists
              $exists = Get-ADGroup $User.GroupName
              Write-Host "Group $($User.GroupName) already exists! skipping group creation!"
              #Create the group if it doesn't exist
                $create = New-ADGroup -Name $GroupName -GroupScope $User.GroupType -Path $User.GroupLocation -Description $User.GroupDescription
                Write-Host AD Group $GroupName created!

         # Parse prospective members and add each to the new group. (multiple users to be added to same group)
         $Members = $User.samAccountName.Split(";")
         ForEach ($Member In $Members)
             write-host Adding member  $Member
             $DomainGroupDN = Get-ADGroup -Identity $GroupName -Server
             $SamDN = Get-ADUser $Member -Server
             Add-ADGroupMember $DomainGroupDN -Server $SamDN
             $Member = ""

     Write-Host Members $Members added to Group $GroupName


Spreadsheet:   (save it as *.csv)

No comments: