在AD组中查找用户并将其添加到另一个组
[英]Find users in AD group and add them into another group
问题描述
I have Kerio Connect server and it doesn't allow group inheritance. 
我有Kerio Connect服务器,它不允许组继承。 So I need to create one group for mail and another group for AD with similar users. 因此,我需要为邮件创建一个组,为具有相似用户的AD创建另一个组。
I wrote: 我写:
Import-Module ActiveDirectory
Get-ADGroupMember -Identity Sales.Department |select SamAccountName |ForEach-Object {Add-ADGroupMember -Identity sales.mail -Members $_.SamAccountName}
And I need to make it for all groups with expression *.Department and mail groups with *.mail 我需要对所有带有* .mail表达式的组进行设置。
2 个解决方案
解决方案1
1 2014-11-25 13:21:14
Retrieve the group members of sales.department using Get-ADGroup and then add the group members to sales.mail using Add-ADGroupMember 使用Get-ADGroup检索Get-ADGroup的组成员,然后使用Add-ADGroupMember将组成员Add-ADGroupMember
$MemberList = (Get-ADGroup -Identity "sales.department" -Properties member).member
Add-ADGroupMember -Identity "sales.mail" -Members $MemberList
解决方案2
0 2018-04-06 15:34:51
为此,您最好使用Add-ADPrincipalGroupMembership cmdlet而不是Add-ADGroupMember :对我来说,它运行良好:
Get-ADGroupMember -Identity Source-Group-Name |select SamAccountName |ForEach-Object {Add-ADPrincipalGroupMembership -Identity $_.SamAccountName -MemberOf Target-Group-Name}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.