PowerShell Add users to AD group via CSV - script not adding users

Time:01-14

> # Start transcript
> Start-Transcript -Path C:\Temp\Add-ADUsers.log -Append
> 
> # Import AD Module
> Import-Module ActiveDirectory
> 
> # Import the data from CSV file and assign it to variable
> $Users = Import-Csv "C:\Temp\jacktest.csv"
> 
> # Specify target group where the users will be added to
> # You can add the distinguishedName of the group. For example: CN=Pilot,OU=Groups,OU=Company,DC=exoip,DC=local
> $Group = "JackTest"
> 
> foreach ($User in $Users) {
>     # Retrieve UPN
>     $UPN = $User.UserPrincipalName
> 
>     # Retrieve UPN related SamAccountName
>     $ADUser = Get-ADUser -Filter "UserPrincipalName -eq '$UPN'" | Select-Object SamAccountName
> 
>     # User from CSV not in AD
>     if ($ADUser -eq $null) {
>         Write-Host "$UPN does not exist in AD" -ForegroundColor Red
>     }
>     else {
>         # Retrieve AD user group membership
>         $ExistingGroups = Get-ADPrincipalGroupMembership $ADUser.SamAccountName | Select-Object Name
> 
>         # User already member of group
>         if ($ExistingGroups.Name -eq $Group) {
>             Write-Host "$UPN already exists in $Group" -ForeGroundColor Yellow
>         }
>         else {
>             # Add user to group
>             Add-ADGroupMember -Identity $Group -Members $ADUser.SamAccountName -WhatIf
>             Write-Host "Added $UPN to $Group" -ForeGroundColor Green
>         }
>     }
> }
> 
> Stop-Transcript

The code does not add users to the group successfully. I am trying to add 900 users to an AD group from a CSV with the heading "UserPrincipalName". The reporting else/if statements are working as expected.

CodePudding user response:

I think your code is good enough, and I believe the reason no changes are made is the -WhatIf switch, which should display a message and not do the action.

That aside, there are a couple of things you can consider. One is the | Select-Object: this would modify the object to a PSCustomObject and you would lose all the methods and benefits of having an ADObject. Another thing would be the comparison you use: instead of -eq against a list you had better use -contains, so you get true/false. Third but not least is the comparison to $null; in that particular case I think you don't really need that, but you could rather just see if something is returned with (-not $ADUser).

With all that in mind, I have modified the code according to my comments.

foreach ($User in $Users) {
    # Retrieve UPN
    $UPN = $User.UserPrincipalName

    # Retrieve UPN related SamAccountName
    $ADUser = Get-ADUser -Filter "UserPrincipalName -eq '$UPN'"

    # User from CSV not in AD
    if (-not $ADUser) {
        Write-Host "$UPN does not exist in AD" -ForegroundColor Red
    }
    else {
        # Retrieve AD user group membership
        $ExistingGroups = Get-ADPrincipalGroupMembership $ADUser.SamAccountName

        # User already member of group
        if ($ExistingGroups.Name -contains $Group) {
            Write-Host "$UPN already exists in $Group" -ForeGroundColor Yellow
        }
        else {
            # Add user to group
            Add-ADGroupMember -Identity $Group -Members $ADUser.SamAccountName
            Write-Host "Added $UPN to $Group" -ForeGroundColor Green
        }
    } 
}

Stop-Transcript
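
The following is an added example, not code from the question or the answer: a variant that keeps the dry run as an explicit script-level -WhatIf, validates each CSV value before it is placed in the -Filter string, reads the group's direct membership once instead of once per user, and writes a per-row result file for later review. The validation pattern, the status names and the result file path are assumptions made for this example.

```powershell
#Requires -Modules ActiveDirectory
# Added example. CSV path and group name are taken from the question.
# Run with -WhatIf for a dry run, without it to apply the changes.
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$CsvPath    = 'C:\Temp\jacktest.csv',
    [string]$Group      = 'JackTest',
    [string]$ResultPath = 'C:\Temp\Add-ADUsers-result.csv'   # assumed path
)

# Read the group's direct members once, instead of one membership query per user
$memberDns = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
Get-ADGroupMember -Identity $Group | ForEach-Object { [void]$memberDns.Add($_.DistinguishedName) }

$results = foreach ($row in Import-Csv -Path $CsvPath) {
    $upn    = "$($row.UserPrincipalName)".Trim()
    $status = 'Added'

    # Conservative, assumed pattern: values containing quotes, parentheses or
    # wildcards never reach the -Filter string and are reported for manual review
    if ($upn -notmatch '^[A-Za-z0-9._-]+@[A-Za-z0-9.-]+$') {
        $status = 'InvalidUPN'
    }
    else {
        $adUser = Get-ADUser -Filter "UserPrincipalName -eq '$upn'"
        if (-not $adUser) { $status = 'NotInAD' }
        elseif ($memberDns.Contains($adUser.DistinguishedName)) { $status = 'AlreadyMember' }
        elseif ($PSCmdlet.ShouldProcess($upn, "Add to group $Group")) {
            try {
                # -ErrorAction Stop turns a failed add into a recorded status, not a false "Added"
                Add-ADGroupMember -Identity $Group -Members $adUser -ErrorAction Stop
            }
            catch { $status = "Failed: $($_.Exception.Message)" }
        }
        else { $status = 'WhatIf' }   # dry run: nothing was changed
    }
    [pscustomobject]@{ UserPrincipalName = $upn; Status = $status }
}

# Summary on screen; the full per-row result is written even during a dry run
$results | Group-Object Status | Select-Object Name, Count
$results | Export-Csv -Path $ResultPath -NoTypeInformation -WhatIf:$false
```

Rows reported as WhatIf are the ones that would be added on a real run, so the result file from a dry run can be reviewed before the membership change is applied.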