Copy members of one AD group to another group

Active DirectoryToday I needed to copy about 300 users from one AD group to another and there was no way I was going to do that manually.  So I started looking in to what PowerShell can do adn here is what I found:

First we use dsquery to find the fully distinguished name of the groups we want to copy from and to:

dsquery group -name "group from"
> "CN=GROUP FROM,OU=Access Groups,DC=ABC,DC=LOCAL"
dsquery group -name "group to"
> "CN=GROUP TO,OU=Access Groups,DC=ABC,DC=LOCAL"

Next we need to load the Quest AD snappin if it isn’t already loaded:

add-pssnapin Quest.ActiveRoles.ADManagement

Now we have enough information to be able to form our Powershell command (note that this is a single command line broken up with backticks):

Get-QADGroupMember -Identity "CN=GROUP FROM,OU=Access Groups,DC=ABC,DC=LOCAL" `
-type 'user' -indirect | %{Add-QADGroupMember `
-Identity "CN=GROUP TO,OU=Access Groups,DC=ABC,DC=LOCAL" -member $_}

Job done.

Posted on August 3, 2012 at 11:19 by simon · Permalink
In: AD, Power Shell · Tagged with: , , , ,

Leave a Reply