Adding and removing users from groups

Add a user account to a group

ADSI
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# Connect to the Adaxes service
$ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace")
$service = $ns.GetServiceDirectly("localhost")

# Bind to the group
$groupDN = "CN=SalesGroup,CN=Groups,DC=domain,DC=com"
$group = $service.OpenObject("Adaxes://$groupDN", $null, $null, 0)

# Add user to group
$userDN ="CN=John Smith,CN=Users,DC=domain,DC=com"
$group.Add("Adaxes://$userDN")
PowerShell
Import-Module Adaxes

$identityGroup = "SalesGroup" # sAMAccountName
# $identityGroup = "CN=SalesGroup,CN=Groups,DC=domain,DC=com"  # DN
# $identityGroup = "{EB5FEB21-E648-42AD-B86C-89D3C6807953}" # GUID
# $identityGroup = "S-1-5-21-573937-2149998-410785" # SID

$identityUser = "jsmith" # sAMAccountName
# $identityUser = "CN=John Smith,CN=Users,DC=domain,DC=com"  # DN
# $identityUser = "{47058766-489A-449E-A7E4-7B84B05768FC}" # GUID
# $identityUser = "S-1-5-21-252558962-2120680786-1829143083-574510" # SID


Add-AdmGroupMember -Identity $identityGroup -Members $identityUser `
    -Server "domain.com" -AdaxesService localhost

Remove a user account from a group

ADSI
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")  

# Connect to the Adaxes service
$ns = New-Object("Softerra.Adaxes.Adsi.AdmNamespace") 
$service = $ns.GetServiceDirectly("localhost")  

# Bind to  the group
$groupDN = "CN=SalesGroup,CN=Groups,DC=domain,DC=com" 
$group = $service.OpenObject("Adaxes://$groupDN", $null, $null, 0)  

# Remove user from group
$userDN = "CN=John Smith,CN=Users,DC=domain,DC=com"
$group.Remove("Adaxes://$userDN")
PowerShell
Import-Module Adaxes

$identityGroup = "SalesGroup" # sAMAccountName
# $identityGroup = "CN=SalesGroup,CN=Groups,DC=domain,DC=com"  # DN
# $identityGroup = "{EB5FEB21-E648-42AD-B86C-89D3C6807953}" # GUID
# $identityGroup = "S-1-5-21-573937-2149998-410785" # SID

$identityUser = "jsmith" # sAMAccountName
# $identityUser = "CN=John Smith,CN=Users,DC=domain,DC=com"  # DN
# $identityUser = "{47058766-489A-449E-A7E4-7B84B05768FC}" # GUID
# $identityUser = "S-1-5-21-252558962-2120680786-1829143083-574510" # SID

Remove-AdmgroupMember -Identity $identityGroup -Members $identityUser `
    -Server "domain.com" -AdaxesService localhost -Confirm:$false

See also

© Softerra 2022. All rights reserved.
Send feedback