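<#
.SYNOPSIS
    Adds users from the local domain and from a trusted domain to local-domain
    AD groups, driven by a CSV file.

.DESCRIPTION
    Reads C:\Groups.csv, one row per membership to add, with the columns
    GroupName, MemberType ("Local" or "Trusted"), MemberName and MemberDomain.
    The user is resolved in the domain selected by MemberType and then added to
    the group with Add-ADGroupMember, which runs as the current user against the
    local domain.

    Adding a trusted-domain user to a local-domain group only works for group
    scopes that accept cross-domain members (domain local, or universal under a
    forest trust) -- confirm the scope of the target groups before running.

.NOTES
    The prompted credential is used only to READ user objects in the trusted
    domain, so a least-privilege account with read access is sufficient; the
    default user name in the prompt is a placeholder, not a requirement.
    The credential is passed as a PSCredential and its plaintext password is
    never extracted.
#>

# Set the domain names
$LocalDomain = "localdomain.local"
$TrustedDomain = "trusteddomain.local"

# Set the path to the trusted domain group
# (kept for compatibility with the original script; nothing below references it)
$TrustedDomainGroupPath = "LDAP://cn=TrustedDomainGroup,cn=Users,dc=trusteddomain,dc=local"

# Set the credentials for the trusted domain (prompted once, reused for every lookup)
$TrustedDomainCred = Get-Credential -UserName "trusteddomain\administrator" -Message "Enter the password for the trusted domain administrator account."

# Get the memberships from the CSV file; a missing or unreadable file stops the script
$Groups = Import-Csv -Path "C:\Groups.csv" -ErrorAction Stop

# Loop through each row and add its member to its group.
# NOTE: the member columns live on the row itself. The original read
# $Group.GroupMembers, a column the CSV does not have, so its inner loop
# iterated over $null and no member was ever added.
foreach ($Group in $Groups) {
    $GroupName = $Group.GroupName
    $MemberType = $Group.MemberType
    $MemberName = $Group.MemberName
    $MemberDomain = $Group.MemberDomain

    if ([string]::IsNullOrWhiteSpace($GroupName) -or [string]::IsNullOrWhiteSpace($MemberName)) {
        Write-Warning "Row with empty GroupName or MemberName skipped."
        continue
    }

    try {
        # Groups are expected in the local domain; resolve explicitly against it
        # and fail the row (not the whole run) if the group does not exist.
        $GroupDN = (Get-ADGroup -Identity $GroupName -Server $LocalDomain -ErrorAction Stop).DistinguishedName

        if ($MemberType -eq "Local") {
            # Member from the local domain
            $ExpectedDomain = $LocalDomain
            $User = Get-ADUser -Identity $MemberName -Server $LocalDomain -ErrorAction Stop
        } elseif ($MemberType -eq "Trusted") {
            # Member from the trusted domain: look the user up IN the trusted
            # domain and hand the resulting object to Add-ADGroupMember.
            # The original searched the LOCAL domain for the trusted user's
            # ObjectGUID, which cannot match (a trusted-domain user has no object
            # in the local domain, and GUIDs are per-object), and the method call
            # inside the -Filter script block is not evaluated by the AD provider.
            $ExpectedDomain = $TrustedDomain
            $User = Get-ADUser -Identity $MemberName -Server $TrustedDomain -Credential $TrustedDomainCred -ErrorAction Stop
        } else {
            Write-Warning "Invalid member type '$MemberType' for member '$MemberName' in group '$GroupName'. Skipping."
            continue
        }

        # Guard against a row whose MemberDomain contradicts its MemberType: granting
        # membership to a principal from the wrong domain is a silent privilege error.
        if (-not [string]::IsNullOrWhiteSpace($MemberDomain) -and $MemberDomain -ne $ExpectedDomain) {
            Write-Warning "MemberDomain '$MemberDomain' for '$MemberName' does not match the $MemberType domain '$ExpectedDomain'. Skipping."
            continue
        }

        # Do not grant group membership to disabled accounts.
        # (The original applied this filter only to trusted-domain members.)
        if (-not $User.Enabled) {
            Write-Warning "Account '$MemberName' ($MemberType) is disabled. Skipping."
            continue
        }

        Add-ADGroupMember -Identity $GroupDN -Members $User -Server $LocalDomain -ErrorAction Stop
    } catch {
        # Report and move on to the next row; one bad row must not abort the batch.
        Write-Error "Failed to add '$MemberName' ($MemberType) to group '$GroupName': $($_.Exception.Message)"
    }
}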

To use the script, save it as a .ps1 file and create a CSV file named “Groups.csv” with the following headers: GroupName, MemberType, MemberName, MemberDomain. Each row describes one membership to add (one group and one member); repeat the group name on several rows to add several members to the same group.

In the GroupName column, enter the name of the group you want to add members to. In the MemberType column, enter either “Local” or “Trusted” to indicate whether the member is from the local domain or the trusted domain. In the MemberName column, enter the username of the member. In the MemberDomain column, enter the domain name of the member (e.g. “localdomain.local” or “trusteddomain.local”).

Then, run the script in PowerShell (the ActiveDirectory module must be available) and enter the password for the trusted-domain account when prompted. That credential is only used to look up user objects in the trusted domain, so a lower-privilege account with read access is sufficient; group modifications are performed as the user running the script, who therefore needs rights to change the target groups in the local domain. Note that you may need to adjust the domain names and trusted domain group path to fit your environment.

