[英]PowerShell: Add Users to AD and Add them in Groups
I have script which is working fine, which creates a new Active Directory user. 我的脚本运行良好,可以创建一个新的Active Directory用户。 I need to modify the script to add the user to their security group.
我需要修改脚本以将用户添加到其安全组。
Here is what the contents of my CSV file look like: 以下是我的CSV文件的内容:
Firstname,Lastname,Password,Sam,Group
Alice,Gadbois,azerty+123,a.gadbois,GG1
Quincy,Lagueux,azerty+123,q.lagueux,GG1
and here is my PowerShell script: 这是我的PowerShell脚本:
$objOU = [ADSI]"LDAP://OU=TestOU,DC=Domain,DC=local";
$dataSource = import-csv -Path "c:\users.csv";
foreach($dataRecord in $datasource) {
$cn = $dataRecord.FirstName + " " + $dataRecord.LastName
$sAMAccountName = $dataRecord.Sam
$givenName = $dataRecord.FirstName
$Password = $dataRecord.Password
$sn = $dataRecord.LastName
$sAMAccountName = $sAMAccountName.ToLower()
$displayName = $sn + ", " + $givenName
$userPrincipalName = $sAMAccountName + “@domain.local"
$objUser = $objOU.Create("user","CN="+$cn)
$objUser.Put("sAMAccountName",$sAMAccountName)
$objUser.Put("userPrincipalName",$userPrincipalName)
$objUser.Put("displayName",$displayName)
$objUser.Put("givenName",$givenName)
$objUser.Put("sn",$sn)
$objUser.SetInfo()
$objUser.psbase.InvokeSet(“AccountDisabled",$false)
$objUser.SetInfo()
}
I need to add a new command in the script, to add each user to his group. 我需要在脚本中添加新命令,以将每个用户添加到他的组中。
Use the ActiveDirectory
PowerShell module that's included with the Remote Server Administration Tools (RSAT). 使用远程服务器管理工具(RSAT)附带的
ActiveDirectory
PowerShell模块。 It has a command called Add-ADGroupMember
. 它具有一个名为
Add-ADGroupMember
的命令。
http://technet.microsoft.com/en-us/library/ee617210.aspx http://technet.microsoft.com/zh-CN/library/ee617210.aspx
Here you go: 干得好:
As Trevor said, you need to import the Active Directory module at the top of your script. 正如Trevor所说,您需要在脚本顶部导入Active Directory模块。
Import-module ActiveDirectory
And then within your foreach loop, you can add the Add-ADGroupMember Command. 然后在foreach循环中,可以添加Add-ADGroupMember命令。
foreach($dataRecord in $datasource) {
$cn = $dataRecord.FirstName + " " + $dataRecord.LastName
$sAMAccountName = $dataRecord.Sam
$givenName = $dataRecord.FirstName
$Password = $dataRecord.Password
$sn = $dataRecord.LastName
$sAMAccountName = $sAMAccountName.ToLower()
$displayName = $sn + ", " + $givenName
$userPrincipalName = $sAMAccountName + “@domain.local"
$objUser = $objOU.Create("user","CN="+$cn)
$objUser.Put("sAMAccountName",$sAMAccountName)
$objUser.Put("userPrincipalName",$userPrincipalName)
$objUser.Put("displayName",$displayName)
$objUser.Put("givenName",$givenName)
$objUser.Put("sn",$sn)
$objUser.SetInfo()
$objUser.psbase.InvokeSet(“AccountDisabled",$false)
$objUser.SetInfo()
Add-ADGroupMember -Identity $dataRecord.Group -Member $sAMAccountName
}
Troubleshooting 故障排除
Verify that each user has group properly assigned: 验证每个用户都有正确分配的组:
$users = Import-Csv "Path_To_File.csv"
$users | % {
$_.Group
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.