0 votes

I hope this is an easy request but I'm a little limited with my Powershell scripting shells so I've run in to some issues.

What I want to do is create a security group after a I create a new user based on the Company AD field. Ideally I'd like the scrip to check to see if the security group exists, if it doesn't, create the security group and add the user to the group but if the group already exists then just add the user to the existing group. so for example:

Portal creates user1 with the company of company1
Portal creates group company1
Portal adds user1 to the company1 security group
Portal creates user2 with the company of company1
Portal adds user2 to the company1 security group

Here is what I have for my powershell script so far:

New-ADGroup -Name %company% -Path "OU=Customer Security Groups,OU=Groups,OU=CSN,DC=domain,DC=com" -groupScope global
Add-ADGroupMember -Identity %company% -Members %sAMAccountName%

But I get this error:
The term 'New-ADGroup' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
The term 'New-ADGroupMember' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Can someone point me in the right direction?

thanks
Jim

by (140 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer

Hello Jim,

Try this one:

Import-Module Adaxes

$pathForGroups = "OU=Customer Security Groups,OU=Groups,OU=CSN,DC=domain,DC=com" # TODO: Modify me

# Check if the group already exists
$group = Get-AdmGroup -Filter {name -eq "%company%"} -ErrorAction silentlycontinue
if ($group -eq $NULL)
{
    # If the group doesn't exist, create it
    $group = New-AdmGroup -Name "%company%" -Path $pathForGroups -GroupCategory 1 -GroupScope global -PassThru
}

# Add the user to the group
Add-AdmGroupMember -Identity $group.DistinguishedName -Members "%distinguishedName%"

In the script, $pathForGroups specifies the DN of the OU where new groups will be created. Modify it, if necessary.

For information on how to run the script automatically after creating a user, see the following tutorial: http://www.adaxes.com/tutorials_Automat ... ngUser.htm.

0

Works great, thanks.

Related questions

0 votes
1 answer

Hello, We would like to implement a form / extend one where a user (eventually created before) is made member of a security group defining his/her role, and ... guarantee the membership to a single role? Apologize if the question seems convoluted. Thanks!

asked Jun 6, 2023 by IT Division (20 points)
0 votes
1 answer

Hello, Similar to exporting the members of a group to a csv file: https://www.adaxes.com/script-repository/export-group-members-to-csv-file-s184.htm I am looking to ... would like to include the memberof csv report in the email as well. Thanks in advance!

asked Feb 7, 2023 by JonnyBGood (20 points)
0 votes
1 answer

I have 18 domains managed by Adaxes and have noticed that Admin (full access) t all objects acts normally, but for piecemeal scopes like Service Desk that scopes to individual ... role (including 16 denies) and expect it to grow as we add more domains.

asked Sep 20, 2022 by DA-symplr (100 points)
0 votes
1 answer

We have RBAC groups inside an OU. We would like to restrict users from being added to multiple RBAC groups at a time. For example: RBAC Roles OU Sales RBAC Group ... groups outside of this OU structure though. What's the best way to achieve this? Thanks

asked Oct 13, 2021 by bavery (250 points)
0 votes
1 answer

Is it possible to script having users added (or removed) from a Security Group based on another AD Attribute? I have found ways to do this in Powershell (something like): ... just utilize the PS script and just run it through Adaxes on a timed fashion? Thanks!

asked Oct 7, 2014 by PunkinDonuts (360 points)
3,549 questions
3,240 answers
8,232 comments
547,814 users