Add AD Object to Local Group Powershell Tool Help File

Author: Ron Ratzlaff (aka “The_Ratzenator”)

Date: 3\10\2015

Add AD Object to Local Group PowerShell Tool Help File

The help information provided below can also be viewed by using the following syntax:

Get-HelpAdd-ADObjectToLocalGroup –Full

Help Info

NAME

Add-ADObjectToLocalGroup

SYNOPSIS

Adds specified Active Directory user or group objects to specified computers' local

groups

SYNTAX

Add-ADObjectToLocalGroup [[-ComputerName] <Array>] [[-DomainName] <String>]

[[-ADObjectName] <Array>] [[-LocalGroupName] <String>] [<CommonParameters>]

DESCRIPTION

The "Add AD Object to Local Groups PowerShell Tool" uses the [ADSISearcher] type

accelerator to locate the AD objects and then uses the [ADSI] type accelerator to add

those objects to specified local groups on specified computers. The script will run

check if the domain exist, if so, it will then check to see if each specified AD

object exist in the domain, if so, it will then check to see if the specified

computers are online, if so, then it will check if those AD objects are already

members of the specified local group on each specified computer, if not, then it will

add those AD objects to the specified local group on each specified computer. This

script allows the following AD objects to be added to local groups: Computer objects,

User objects, and Group objects.

PARAMETERS

-ComputerName <Array>

Used to query a single computer or multiple computers. The default is the local

computer.

Required? false

Position? 1

Default value $env:COMPUTERNAME

Accept pipeline input? false

Accept wildcard characters? false

-DomainName <String>

Used to specify a single domain. The default is the current user AD domain.

Required? false

Position? 2

Default value $env:USERDOMAIN

Accept pipeline input? true (ByValue, ByPropertyName)

Accept wildcard characters? false

-ADObjectName <Array>

Used to specify the name of either a single Active Directory user or group, or

multiple users or groups. The default is the current logged on AD user account.

Required? false

Position? 3

Default value $env:USERNAME

Accept pipeline input? true (ByValue, ByPropertyName)

Accept wildcard characters? false

-LocalGroupName <String>

Used to specify the name of either a single Active Directory user or group, or

multiple users or groups. The default is the local Administrators group

Required? false

Position? 4

Default value Administrators

Accept pipeline input? true (ByValue, ByPropertyName)

Accept wildcard characters? false

<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,

ErrorAction, ErrorVariable, WarningAction, WarningVariable,

OutBuffer, PipelineVariable, and OutVariable. For more information, see

about_CommonParameters (

INPUTS

OUTPUTS

------EXAMPLE 1 ------

C:\PS>To add the default current logged on AD user account to the default local

administrators group on the default local computer using the default local AD domain:

Add-ADObjectToLocalGroup

------EXAMPLE 2 ------

C:\PS>To add a specified AD group to the default local admininstrators group on the

default local computer using a specified AD domain:

Add-ADObjectToLocalGroup -Domain 'MyDomain' -ADObject 'Group1'

------EXAMPLE 3 ------

C:\PS>To add multiple specified AD users to the specified local Remote Desktop Users

group on a specified computer in a specifed domain:

Add-ADObjectToLocalGroup -ComputerName 'Computer1' -Domain 'MyDomain' -ADObject

('User1', 'User2', 'User3') -LocalGroupName 'Remote Desktop Users'

------EXAMPLE 4 ------

C:\PS>To add multiple specified AD groups to the specified local Backup Operators

group on a specified computer in a specified AD domain:

Add-ADObjectToLocalGroup -ComputerName 'Computer1' -Domain 'MyDomain' -ADObject

('Group1', 'Group2', 'Group3') -LocalGroupName 'Backup Operators'

------EXAMPLE 5 ------

C:\PS>To add multiple specified AD users and AD groups to the specifed local Users

group on a specified computer in the default AD domain:

Add-ADObjectToLocalGroup -ComputerName 'Computer1' -ADObject ('User1', 'User2',

'User3', 'Group1', 'Group2', 'Group3') -LocalGroupName 'Users'

------EXAMPLE 6 ------

C:\PS>To add the default current logged on AD user account to the default local

Administrators group on multiple specified computers in the default AD domain:

Add-ADObjectToLocalGroup -ComputerName ('Computer1', 'Computer2', 'Computer3')

------EXAMPLE 7 ------

C:\PS>To add a specified AD group to the specified local Remote Desktop Users group on

multiple specified computers in a specified AD domain:

Add-ADObjectToLocalGroup -ComputerName ('Computer1', 'Computer2', 'Computer3') -Domain

'MyDomain' -ADObject 'Group1' - LocalGroupName 'Remote Desktop Users'

------EXAMPLE 8 ------

C:\PS>To add multiple specified AD users and AD groups to the specified local Backup

Operators group on multiple specified computers in a specified AD domain:

Add-ADObjectToLocalGroup -ComputerName ('Computer1', 'Computer2', 'Computer3') -Domain

'MyDomain' -ADObject ('User1', 'User2', 'User3', 'Group1', 'Group2', 'Group3')

-LocalGroupName 'Backup Operators'

------EXAMPLE 9 ------

C:\PS>To add multiple specified AD users and AD groups to the specified Users local

group on multiple specified computers and display the output to the host as well as to

a log file:

Add-ADObjectToLocalGroup -ComputerName ('Computer1', 'Computer2', 'Computer3') -Domain

'MyDomain' -ADObject ('User1', 'User2', 'User3', 'Group1', 'Group2', 'Group3')

-LocalGroupName 'Users' | Tee-Object -FilePath "$env:TEMP\Add-ADObjectToLocalGroup.log"

------EXAMPLE 10 ------

C:\PS>To add multiple specified AD users and AD groups to the default Administrators

group on multiple specified computers and display the output to a log file only:

Add-ADObjectToLocalGroup -ComputerName ('Computer1', 'Computer2', 'Computer3') -Domain

'MyDomain' -ADObject ('User1', 'User2', 'User3', 'Group1', 'Group2', 'Group3') |

Out-File -FilePath "$env:TEMP\Add-ADObjectToLocalGroup.log"

RELATED LINKS