PowerShell – Create AD Group and Mirror Members – Lab Core

Create a new AD group and mirror members from existing AD group.

# The New AD Group Name
$NewGrpName = "Pilot"

# Group Scope: DomainLocal, Global, Universal
$GrpScope = "Global"

# New AD Group Description
$GrpDescription = "This is a pilot group"

# AD Group Category: Distribution, Security
$GrpCat = "Security"

# AD Path of OU
$OUPath = "OU=groups,OU=YourOU,DC=YourDomain,DC=com"

# Use an existing AD Group to mirror membership
$ExistingGrpName = "MirrorThisGroupMembers"

# Cmdlet command line using above variables
New-ADGroup -name $NewGrpName -GroupScope $GrpScope -description $GrpDescription -GroupCategory $GrpCat -path $OUPath -passthru |
Add-ADGroupMember -member (Get-ADGroupMember $ExistingGrpName) -passthru |
Get-ADGroupMember | Select Name

Notes

New-ADGroup

New-ADGroup -Name "RODC Admins" -SamAccountName RODCAdmins -GroupCategory Security -GroupScope Global -DisplayName "RODC Administrators" -Path "CN=Users,DC=Fabrikam,DC=Com" -Description "Members of this group are RODC Administrators"

Add-ADGroupMember

Add-ADGroupMember SvcAccPSOGroup SQL01,SQL02

Get-ADGroupMember

cmdlet Get-ADGroupMember at command pipeline position 1
Supply values for the following parameters:
(Type !? for Help.)
Identity: Administrators

distinguishedName : CN=Domain Admins,CN=Users,DC=Fabrikam,DC=com
name              : Domain Admins
objectClass       : group
objectGUID        : 5ccc6037-c2c9-42be-8e92-c8f98afd0011
SamAccountName    : Domain Admins
SID               : S-1-5-21-41432690-3719764436-1984117282-512

distinguishedName : CN=Enterprise Admins,CN=Users,DC=Fabrikam,DC=com
name              : Enterprise Admins
objectClass       : group
objectGUID        : 0215b0a5-aea1-40da-b598-720efe930ddf
SamAccountName    : Enterprise Admins
SID               : S-1-5-21-41432690-3719764436-1984117282-519

distinguishedName : CN=LabAdmin,CN=Users,DC=Fabrikam,DC=com
name              : LabAdmin
objectClass       : user
objectGUID        : ab7c269d-aec5-4fcc-aebe-6cd1a2e6cd53
SamAccountName    : LabAdmin
SID               : S-1-5-21-41432690-3719764436-1984117282-1000

distinguishedName : CN=Administrator,CN=Users,DC=Fabrikam,DC=com
name              : Administrator
objectClass       : user
objectGUID        : 994f46e6-c62c-483f-a6cf-124197b6a959
SamAccountName    : Administrator
SID               : S-1-5-21-41432690-3719764436-1984117282-500

tags: Active Directory scripting, PowerShell Active Directory, MrNetTek