wiki.getshifting.com

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools

Trace: Organization Change - Bulk AD Changes - Groups - Departments
adusersadgroups

Table of Contents

Organization Change - Bulk AD Changes - Groups - Departments

Summary: A few scripts to create bulk changes in AD groups or on users.
Date: Around 2017
Refactor: 20 February 2025: Checked links and formatting.

,

The scripts below will give you a taste of adding or removing groups based on a CSV inputfile.

Add Users to Group

### Quick script for adding users in to groups based on a CSV input file
 
Start-Transcript "outputfileadd.log"
 
### CSV Variables
### CSV Format
### Header: UserSamAccountName,GroupSamAccountName
### Datalines: samaccountname,samaccountname
$csvfile = "\\filerepository\dfs\SCRIPT_REPOSITORY$\Organizational changes\orgchangeinput-add.csv"
 
### Get all changes from inputfile
$changes = Import-CSV $csvfile
 
### Get number of changes
$changescount = $changes.count
Write-host "Number of changes in csv: $changescount " -ForegroundColor green
 
Read-Host -Prompt 'You are about to add group memberships to AD. If you are sure, press ENTER to continue or close the script to cancel'
 
ForEach ($change in $changes){
  $usersam = $change.UserSamAccountName
  $groupsam = $change.GroupSamAccountName
  #Check for valid user
  if (Get-ADObject -Filter {objectClass -eq "user" -and samAccountName -eq $usersam}){
    #User is valid
    #now check for valid group
    if (Get-ADObject -Filter {objectClass -eq "group" -and samAccountName -eq $groupsam}){
      #Group is valid, we can add the user to the group
      Add-ADGroupMember -Identity $groupsam -Members $usersam -Confirm:$false
      Write-Host "Success. Added $usersam to $groupsam" -ForegroundColor green
    }else{
      # Group is not valid
      Write-Host "Failed. $groupsam is not a valid Group SamAccountName" -ForegroundColor red
    }
  }else{
  #user is not valid
  Write-Host "Failed. $usersam is not a valid User SamAccountName" -ForegroundColor red
  }
}
 
Stop-Transcript

Remove Users from Group

### Quick script for adding users in to groups based on a CSV input file
 
Start-Transcript "outputfileremove.log"
 
### CSV Variables
### CSV Format
### Header: UserSamAccountName,GroupSamAccountName
### Datalines: samaccountname,samaccountname
$csvfile = "\\filerepository\dfs\SCRIPT_REPOSITORY$\Organizational changes\orgchangeinput-remove.csv"
 
### Get all changes from inputfile
$changes = Import-CSV $csvfile
 
### Get number of changes
$changescount = $changes.count
Write-host "Number of changes in csv: $changescount " -ForegroundColor green
 
Read-Host -Prompt 'You are about to remove group memberships to AD. If you are sure, press ENTER to continue or close the script to cancel'
 
ForEach ($change in $changes){
  $usersam = $change.UserSamAccountName
  $groupsam = $change.GroupSamAccountName
  #Check for valid user
  if (Get-ADObject -Filter {objectClass -eq "user" -and samAccountName -eq $usersam}){
    #User is valid
    #now check for valid group
    if (Get-ADObject -Filter {objectClass -eq "group" -and samAccountName -eq $groupsam}){
      #Group is valid, we can add the user to the group
      Remove-ADGroupMember -Identity $groupsam -Members $usersam -Confirm:$false
      Write-Host "Success. Removed $usersam from $groupsam" -ForegroundColor green
    }else{
      # Group is not valid
      Write-Host "Failed. $groupsam is not a valid Group SamAccountName" -ForegroundColor red
    }
  }else{
  #user is not valid
  Write-Host "Failed. $usersam is not a valid User SamAccountName" -ForegroundColor red
  }
}
Stop-Transcript

Change Department

### Quick script for adding users in to groups based on a CSV input file
 
Start-Transcript "outputfiledepartment.log"
 
### CSV Variables
### CSV Format
### Header: UserSamAccountName,DepartmentName
### Datalines: samaccountname,department
$csvfile = "\\networkstorage\dfs\SCRIPT_REPOSITORY$\Org changes\2019-March\departmentinput.csv"
 
### Get all changes from inputfile
$changes = Import-CSV $csvfile
 
### Get number of changes
$changescount = $changes.count
Write-host "Number of changed departments in csv: $changescount " -ForegroundColor green
 
Read-Host -Prompt 'You are about to add change departments for users in AD. If you are sure, press ENTER to continue or close the script to cancel'
 
ForEach ($change in $changes){
  $usersam = $change.UserSamAccountName
  $department = $change.DepartmentName
  #Get Current department
  $user = Get-ADUser $usersam -properties samaccountname,department
  $currentdepartment = $user.department
  Write-host "$usersam : Change $currentdepartment to $department " -ForegroundColor green
  Set-ADUser $usersam -Department $department
}
Stop-Transcript

Check

# get all ad users
$adusers = Get-ADUser -Filter * -properties * -SearchBase "OU=Users,OU=DELFT,DC=ad,DC=shift,DC=com"
 
$csv = "orgcheck.csv"
 
$allusers = @()
 
Foreach ($user in $adusers){
  $userinfo = "" | select Name,SamAccountName,Department,Title,enabled,Groups
  $userinfo.name = $user.name
  $sam = $user.samaccountname
  $userinfo.samaccountname = $sam
  $userinfo.department = $user.department
  $userinfo.title = $user.title
  $userinfo.enabled = $user.enabled
  $groups = "No group Membership"
  $groups = Get-ADUser $sam -Properties memberof | select -ExpandProperty memberof
  $allgroups = $groups -join '; '
  $userinfo.groups = $allgroups
  $allusers += $userinfo
}
 
$allusers | export-csv -notypeinformation $csv
 
Send-MailMessage -To "sjoerd_getshifting.com" -From "sjoerd_getshifting.com" -SmtpServer "smtp" -Subject "Org change controle csv" -Body "See attachment" -BodyAsHtml -Attachments $csv
adusersadgroups.txt · Last modified: by 127.0.0.1