Adding groups to AD user with a ps1 script
Question
With following script I'd like to add a group to an AD user, but it doesn't do it, and I get no error.
param($Userid,$AdditionalGroup)
# Get user
$User = Get-ADUser `
-Filter "SamAccountName -eq $Userid"
# Add comment
Add-ADGroupMember `
-Identity $AdditionalGroup `
-Members $User
3 answers
solution1
2 ACCPTED 2018-03-15 08:45:33
Filtering like that didn't work for me (and generated an error), however adding ' before and after $Userid did the trick.
param($Userid,$AdditionalGroup)
# Get user
$User = Get-ADUser `
-Filter "SamAccountName -eq '$Userid'"
# Add comment
Add-ADGroupMember `
-Identity $AdditionalGroup `
-Members $User
solution2
1 2018-03-15 09:48:52
As you're only doing a straight -eq match on sAMAccountName you don't need to use -Filter , the Identity param will accept this along with other inputs:
- A distinguished name
- A GUID (objectGUID)
- A security identifier (objectSid)
- A SAM account name (sAMAccountName)
Which makes your code very simple:
$User = Get-ADUser -Identity $Userid
To simplify it even further, you don't even need to use Get-ADUser at all!
Add-ADGroupMember -Members ( link ) accepts the same parameters as I mentioned for Identity ...
So you can use $UserID directly:
param($Userid,$AdditionalGroup)
Add-ADGroupMember -Identity $AdditionalGroup -Members $UserID
solution3
0 2018-03-15 09:13:33
这也将起作用(不使用单引号):
$User = Get-ADUser -Filter {SamAccountName -eq $Userid}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.