stackoom
  简体   繁体   中英

Replace AD Group in Exchange with Users in that AD Group

 原文  2017-02-22 15:20:18       powershell/ active-directory/ exchange-server

Question

We have to migrate to Microsoft Azure and since Azure cant handle AD Groups in Exchange I have to get the members of a spezifc group and then add them to exchange. So I thought I can achive this with powershell.

The princip:

I have the Mailbox Name and the Group that has to be extracted in a csv like this:

Mailbox1 GroupForMailbox1

Mailbox2 GroupForMailbox2

Mailbox2 GroupForMailbox2

I know how to extract all users out of a group: 

Get-ADGroupMember -identity "GroupForMailbox1" -Recursive

But the problem is, that there is a Group in this Group which I dont want to get the users out of it. Let me call that "ExcludedGroup". How can I get all AD Group Members except the ones of the Group "ExcludedGroup"?

Then I have to put those AD Members to the specific mailbox: 

$Users= "Users that I've got out of the upper command"

foreach ($Users){

Add-MailboxPermission -Identity "Mailbox1" -User $Users Accessright Fullaccess -InheritanceType all
}

But i cant fit everything of this in one Script because of lack of knowledge.

And I cant find something on the internet althought it is a real problem with azure.

I thought someone out there can help me out.

1 answers

solution1
 1 ACCPTED  2017-02-22 21:39:53

Something like this? 

#Sample data
$csv = @"
Mailbox,GroupName
Mailbox1,GroupForMailbox1
Mailbox2,GroupForMailbox2
Mailbox2,GroupForMailbox2
"@ | ConvertFrom-Csv

#Uncomment to import file
#$csv = Import-CSV -Path MyInputFile.csv

$ExcludedUsers = Get-ADGroupMember -Identity "ExcludedGroup" -Recursive | Select-Object -ExpandProperty SamAccountName

$csv | ForEach-Object {
    $mailbox = $_.Mailbox

    #Get members for group
    Get-ADGroupMember -Identity $_.GroupName -Recursive |
    #Remove unwanted users and keep only user objects (remove groups, computers etc.)
    Where-Object { ($ExcludedUsers -notcontains $_.SamAccountName) -and ($_.objectclass -eq 'user') } |
    ForEach-Object {
        #Grant each group member permission
        Add-MailboxPermission -Identity $mailbox -User $_.SamAccountName -AccessRights FullAccess -InheritanceType All
    }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Get Specific AD Users from AD Group Add An AD Attribute To All Users In an AD Group List group memberships for AD users How to get users of a group in a group AD PowerShell Script to add users of particular AD OU to another AD group PowerShell Add AD users to AD group by UPN from CSV How to list AD group membership for AD users using input list? Powershell script to display all Users in a Group AD Add users to a certain AD group depending on their Department See if a any of a list of users, is a member of an AD group
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM