Copy members of one AD group to another group
Today I needed to copy about 300 users from one AD group to another and there was no way I was going to do that manually. So I started looking in to what PowerShell can do adn here is what I found:
First we use dsquery to find the fully distinguished name of the groups we want to copy from and to:
dsquery group -name "group from" > "CN=GROUP FROM,OU=Access Groups,DC=ABC,DC=LOCAL"
dsquery group -name "group to" > "CN=GROUP TO,OU=Access Groups,DC=ABC,DC=LOCAL"
Next we need to load the Quest AD snappin if it isn’t already loaded:
add-pssnapin Quest.ActiveRoles.ADManagement
Now we have enough information to be able to form our Powershell command (note that this is a single command line broken up with backticks):
Get-QADGroupMember -Identity "CN=GROUP FROM,OU=Access Groups,DC=ABC,DC=LOCAL" ` -type 'user' -indirect | %{Add-QADGroupMember ` -Identity "CN=GROUP TO,OU=Access Groups,DC=ABC,DC=LOCAL" -member $_}
Job done.
Posted on August 3, 2012 at 11:19 by simon · Permalink
In: AD, Power Shell · Tagged with: AD, copy, dsquery, PowerShell, users
In: AD, Power Shell · Tagged with: AD, copy, dsquery, PowerShell, users