Use Powershell to Create and Add members to Active Directory Groups from csv

This is a task that I feel like there are a ton of ways to do it, this is just mine. With this you create a csv file with two columns; the first is the username of the person you want to add to the group and the second is the group that the person should be in. The script will check to see if the group exists and if it doesn’t it will be created in the path you define and then it will add the member, if the group does already exists it simply adds the user. This is a fast way to create a bunch of groups if you need to. For connecting to Active directory see this post.

Script:

#You need to have a connection to AD first or run this from a DC (see https://allthesystems.com/2020/08/powershell-connection-examples/)
#Define path to csv and basepath to create groups if they dont exist
$list = Import-Csv -Path C:\Path\to\csv\newgroups.csv
$BasePathForGroups = "OU=Path,OU=To,OU=OU,DC=Domain,DC=com"

foreach ($item in $list) {
    #Set variables for loop from csv line
    $group = $item.group
    $member = $item.member

    #Check if group exists
    if(Get-ADGroup $group){

        Write-Host "group exists. adding member: $member"
        #Adds member
        Add-ADGroupMember -Identity $group -Members $member

    }
    else {
        Write-Host "Group doesnt exist.  creating: $group"
        #Creates group
        New-ADGroup -Name $group -SamAccountName $group -GroupCategory Security -GroupScope Global -DisplayName $group -Path $BasePathForGroups
        #Adds member
        Add-ADGroupMember -Identity $group -Members $member 
    }

}
Tagged : / /

Powershell Connection Examples

In this post I’m going to show you a few different ways to connect to thing using Powershell. I will make other posts that go into more detail and explain each one but this is more of a reference post. I will probably update this post in the future to include more but this current list includes Powershell Connection Examples for: Active Directory (on-prem), AzureAD, Exchange (on-prem), Exchange Online, vCenter and SCCM. Like all my posts I’m not claiming these are the only ways but these are the ways I use and they work. For these you may need to set you execution policy for these to work:

Set-ExecutionPolicy -ExecutionPolicy Bypass
Active Directory (On-Prem)
#set Variable for which Domain Controller to connect to
$Domain_Controller = "MyDC1"

#Check for Creds and ask for them if they aren't found
if (!($Creds)) {$Creds = get-credential -Message "Enter your Domain Admin Creds"}

#Connect to Domain Controller and import a Active Directory Session
$session = New-PSSession -ComputerName $Domain_Controller -Credential $creds
Invoke-Command $session -Scriptblock { Import-Module ActiveDirectory }
Import-PSSession -Session $session -module ActiveDirectory

Test Command

Get-ADuser username
Example of Active Directory Connection with Powershell
Example of Active Directory Connection with Powershell
AzureAD (MSOL)

For this you need to have the the MSOnline module installed you can get it by running:

Install-Module MSOnline -verbose

There are two ways to run this and it depends on if you have MFA setup and Trusted locations:
Option 1 –
If you do NOT have MFA setup OR you have MFA setup but you are logging in from a “Trusted Location”

#Check for Creds and ask for them if they aren't found
if (!($365Creds)) {$365Creds = get-credential -Message "Enter your Office365 Admin Creds"}

#Make the connection
Connect-MsolService -Credential $365Creds

Option 2 – If you have MFA on and aren’t at a “Trusted Location”

Connect-MsolService


Test Connection

Get-MsolUser -UserPrincipalName [email protected]
Example of Azure AD Connection with Powershell
Example of Azure AD Connection with Powershell
Exchange (On-Prem)
#Set Exchange Server Name
$Exc_Server = "ExchangeServerName"

#Check for Creds and ask for them if they aren't found
if (!($Creds)) {$Creds = get-credential -Message "Enter your Domain Admin Creds"}

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://$Exc_Server/PowerShell/ -Authentication Kerberos -Credential $creds

Import-PSSession $Session

Test Command

Get-Mailbox username
Example of Exchange Connection with Powershell
Example of Exchange Connection with Powershell
Exchange Online

For this you need the ExchangeOnlineManagement module installed. To install it run:

Install-Module ExchangeOnlineManagement

To connect use this:

Connect-ExchangeOnline

Test Command:

Get-Mailbox [email protected]
Example of Exchange Online Connection with Powershell
Example of Exchange Online Connection with Powershell
vCenter

For this you need the VMwarePowercli module installed. to install run:

Install-Module VMware.PowerCLI -AllowClobber

To connect:

If you do not have an SSL certificate on your vCenter you will need to set it to ignore your self signed cert with

Set-PowerCLIConfiguration -InvalidCertificateAction ignore

Next set your vCenter server with this command. Change vCenterServerName to match your vCenter server

#Set vCenter Servername
$vCenter_Server = "vCenterServerName"

Here is the actual connection commands, not need to change anything here. It will bring up a credential box. Enter your vCenter creds in domain\username format.

#Check for Creds and ask for them if they aren't found
if (!($Creds)) {$Creds = get-credential -Message "Enter your vCenter Admin Creds in domain\username format"}

Connect-VIServer -server $vCenter_Server -Credential $creds

Test Command:

get-Cluster
Example of vCenter Connection with Powershell
Example of vCenter Connection with Powershell
SCCM

The last Powershell Connection Example I have for you is SCCM. For this one you need to have the SCCM console installed locally or run this from the SCCM server. The console is specific to the version of SCCM you are running, you can get the console install from here \\SCCMSERVERNAME\SCCMConsoleInstaller\consoleinstaller.exe

To connect:

There are a few things to change in the below. Change SITENAME to your SCCM site name in both places, and change SCCM_Server_Name with your SCCM server name.

#Check for Creds and ask for them if they aren't found
if (!($Creds)) {$Creds = get-credential -Message "Enter your Domain Admin Creds"}

Import-Module 'C:\Program Files (x86)\Microsoft Configuration Manager\AdminConsole\bin\ConfigurationManager.psd1'
New-PSDrive -Credential $Creds -Name "SITENAME" -PSProvider "AdminUI.PS.Provider\CMSite" -Root "SCCM_Server_name" -Description "Primary site"
Set-Location SITENAME:

Test command:

Get-CMSite
Example of SCCM Connection with Powershell
Example of SCCM Connection with Powershell
Azure

Connecting to Azure is similar to AzureAD or Exchange online. First, you need the module. Once it is installed, you can now connect. One important thing to note is this AZ module is newer. If you have used the Azure or AzureRM modules in the past you need to remove them with uninstall-module.

Uninstall AzureRM:

Uninstall-AzureRm

Install Module:

 Install-Module az -AllowClobber

Once the module is install you can now connect.

Connect to Azure:

Connect-AzAccount

This will open another window where you can sign into Azure using your credentials.

Test Command:

Get-AzSubscription
Azure Connection Example
Tagged : / / / /