Add-AdGroupMember cmdlet adds one or more users, computers, groups, or service accounts in active directory groups. You can use Add-AdGroupMember to add a computer to a group or security group.
In this article, I will explain how to use the Add-AdGroupMember cmdlet to add a computer to the ad group and add computers to a group from CSV with PowerShell.
Add Computer to Group
To add a computer to a group, use the Add-ADGroupMember cmdlet. You will need to specify the computer name and group name in the Add-ADGroupMember cmdlet.
Syntax and script to add a computer to the ad group as below
ADD-ADGroupMember -identity <group name> –members <SAMAccount name $>ADD-ADGroupMember -identity "RDPEnabled" –members "INCORP-AS-101$"
In the above PowerShell script to add a computer to a group, it adds a computer named INCORP-AS-101 to a group RDPEnabled.
Note in the above script, we have added $ at the end of a computer. $ refers to SAMAccountName on the computer name.
If you don’t specify SAMAccountName $ at the end of the computer instead, use the script given below.
ADD-ADGroupMember -identity "RDPEnabled" –members "INCORP-AS-101"
It will throw an error message as
Add-AdGroupmember : Cannot find an object with identity: 'INCORP-AS-101' under:You can use the above PowerShell script having the SAMAccountName of a computer to add a computer to a security group in the active directory using the Add-AdGroupMember cmdlet in PowerShell.
Add Computers to Group from CSV
You can use the Add-AdGroupMember cmdlet in PowerShell to add computers to the ad group from a CSV file.
Let’s consider an example, you have computer account names in a CSV file. You want to read the computer name from the CSV file and add a computer to a group.
Use the below script to add computers to ad group from CSV using the Add-AdGroupMember and Get-AdComputer cmdlet
$SecurityGroupname = "ITIS_SECURITY"
$ComputerList = Get-Content "D:\PowerShell\ComputerList.csv"
foreach ($Computer in $ComputerList)
{
Add-AdGroupmember -Identity $SecurityGroupname -Members (Get-ADComputer $computer)
}
In the above PowerShell script to add a computer to a security ad group,
$SecurityGroupname variable stores the security active directory group name.
$ComputerList variable stores the computer name retrieved using the Get-Content cmdlet.
Using the Foreach loop, it iterates over each computer and passes the computer object to the Add-AdGroupMember cmdlet.
The Add-AdGroupMember cmdlet uses the Identity parameter to specify group name and members parameter to specify computer object. We have used the Get-AdComputer cmdlet to get an ad computer from an active directory.
The above script will add computers to the ad group from a CSV file.
Cool Tip: How to use get-adprincipalgroupmembership in Active Directory!
Conclusion
I hope the above article on how to add a computer to a group using the Add-AdGroupMember cmdlet is useful to you.
You must use SamAccountName of computer $ while using computer name in Add-AdGroupMember, else it will throw an error “Add-AdGroupmember: cannot find an object with identity:”
You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.