Add Group as member of multiple other AD groups. RRS feed

  • Question

  • Hi,

    I'd like to add one AD Group as member of multiple other AD groups.

    Therefore I used:

    Get-ADGroup -filter {name -like '*AppV5*'} | select-object name | Out-File c:\AppV5Groups.txt
    $AppVGroups = Get-Content C:\APpV5Groups.txt
    ForEach ($item in $AppVGroups) { Add-ADGroupMember -Identity $item -Members 'TargetADGroup'}

    but get the error:
    Add-ADGroupMember : Cannot find an object with identity: '' under: 'DC=ourdomain,DC=ourcompany,DC=com'.

    $AppVgroups lists all members correctly

    I could ask for full name of each $item so it would show AD location but 
    Add-ADGroupMember -Identity 'TestGroup' -Members 'TargetADGroup' works correctly
    so don't get it why this wouldn't work


    Jan Hoedt

    Friday, November 18, 2016 4:13 PM


All replies

  • Get-ADGroup -filter {name -like '*AppV5*'} | Foreach {
        Add-ADGroupMember -Identity $_.SamAccountName -Members 'TargetADGroup'

    Edit this in your code

    Get-ADGroup -filter {name -like '*AppV5*'} | select-object -Expandproperty SamAccountName | Out-File c:\AppV5Groups.txt

    Friday, November 18, 2016 4:21 PM
  • The -Identity parameter of Add-ADGroupMember requires either the sAMAccountNane or the distinguishedName (or the SID or GUID) of the group. The Name (the Relative Distinguished Name) does not uniquely identify the object.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Friday, November 18, 2016 4:30 PM
  • $GRP = (Get-ADGroup -filter {name -like '*appv5*'} ).SamAccountName
    Add-ADPrincipalGroupMembership -Identity TargetADGroup -MemberOf $GRP

    Friday, November 18, 2016 4:31 PM