{"id":610,"date":"2015-03-10T19:34:13","date_gmt":"2015-03-10T18:34:13","guid":{"rendered":"https:\/\/www.em-soft.si\/myblog\/elvis\/?p=610"},"modified":"2015-03-10T19:34:13","modified_gmt":"2015-03-10T18:34:13","slug":"add-groups-and-users-to-ad-with-powershell","status":"publish","type":"post","link":"https:\/\/em-soft.si\/myblog\/elvis\/?p=610","title":{"rendered":"Add Groups and Users to AD with PowerShell"},"content":{"rendered":"<p><span style=\"font-size: 12pt; font-family: times new roman,times;\">When I have to manage a bigger environment, with many groups and users, I always think to <strong>PowerShell<\/strong>. Of course, the first step to work with PowerShell is that you have all users or groups listed in a CSV (or similar) file. The first problem for many administrators is the structure of the CSV and data needed by AD. I want to talk about this, because <strong>CSV stands for comma separated value<\/strong>, what means that all fields are separated by comma. Nothing strange or new, but as we know also <strong>AD structure is using commas to delaminate OU\u2019s, domains etc<\/strong>. Because of this, please be careful when you create your CSV file. I prefer to create <strong>CSV file with semicolon as delimiter<\/strong> and then all the things are going right.<\/span><br \/>\n<span style=\"font-size: 12pt; font-family: times new roman,times;\">The second step that I use is to create <strong>at maximum three CSV files<\/strong>; one containing new AD groups, the second containing Group nesting (groups that are members of groups) and the last one containing users (Users and groups that have to be members). If you receive that data form other sources, be careful and first just test if all data are correct (if users really exist, if there is no typing error) and after this step begin with the implementation. This could be done with the same script, just delete the lines that contains write actions and export results in a test file for the future control.<\/span><br \/>\n<span style=\"font-size: 12pt; font-family: times new roman,times;\">Creating a CSV files: For me, the best program to create CSV files is <strong>Microsoft Excel<\/strong>. Everyone knows the program in the way that can type names and some data in (not all, you will have to type some attributes yourself) I always use the same structure of CSV and for this reason I never have problem with the script. Fundamentally is first line, where you have to define columns. So there are my columns:<\/span><\/p>\n<p><span style=\"font-size: 12pt; font-family: times new roman,times;\"><em><strong>For Groups CSV<\/strong><\/em> (New groups to be created):<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\">Name \u2013 The name of the group<\/span><\/li>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\"> DisplayName \u2013 Display name of the group<\/span><\/li>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\">Description \u2013 Group description (non mandatory)<\/span><\/li>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\">OU \u2013 OU, where group will be created (Strucure OU=MyOU,DC=Domain,DC=com)<\/span><\/li>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\">GroupType \u2013 Security or Distribution<\/span><\/li>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\">Mail \u2013 E-Mail address of the group, if it will exist<\/span><\/li>\n<\/ul>\n<p><span style=\"font-size: 12pt; font-family: times new roman,times;\"><em><strong>For GroupMember CSV<\/strong><\/em> (Defines membership of Groups in groups \u2013 nesting):<\/span><span style=\"font-size: 12pt; font-family: times new roman,times;\"><br \/>\n<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\">Group \u2013 Name of the group which will have a group inside<\/span><\/li>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\">Member \u2013 Name of the group which will be added as a member<\/span><\/li>\n<\/ul>\n<p><span style=\"font-size: 12pt; font-family: times new roman,times;\"><em><strong>For Members CSV<\/strong><\/em> (Define users who will be added to groups):<\/span><span style=\"font-size: 12pt; font-family: times new roman,times;\"><br \/>\n<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\">GroupName \u2013 Name of the group where users will be added<\/span><\/li>\n<li><span style=\"font-size: 12pt; font-family: times new roman,times;\">Member \u2013 Display Name of the user<\/span><\/li>\n<\/ul>\n<p><span style=\"font-size: 12pt; font-family: times new roman,times;\">This is all that you need. The next step is to test that Names of all users and all names are typed correctly. After you find that all data are OK, just run the scripts. I always use this order: first, I create groups, than I add groups to groups and finally I add Users into groups. This gives me certainty that I always have object that I need created previously.<\/span><\/p>\n<p><span style=\"font-size: 12pt; font-family: times new roman,times;\">The script can be downladed here:<\/span><\/p>\n<p><a href=\"https:\/\/em-soft.si\/myblog\/elvis\/wp-content\/uploads\/2015\/03\/GroupsAD.zip\">GroupsAD.zip<\/a><a style=\"text-decoration:none\" href=\"\/index.php?s=where-can-i-buy-genuine-macrobid\">.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>When I have to manage a bigger environment, with many groups and users, I always think to PowerShell. Of course, the first step to work with PowerShell is that you have all users or groups listed in a CSV (or similar) file. The first problem for many administrators is the structure of the CSV and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32,15],"tags":[41,40],"class_list":["post-610","post","type-post","status-publish","format-standard","hentry","category-powershell","category-windows-server","tag-powershell","tag-windows-server"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/posts\/610","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=610"}],"version-history":[{"count":1,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/posts\/610\/revisions"}],"predecessor-version":[{"id":612,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=\/wp\/v2\/posts\/610\/revisions\/612"}],"wp:attachment":[{"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=610"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=610"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/em-soft.si\/myblog\/elvis\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=610"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}