none
Add Users to a security group from a txt or csv file RRS feed

  • Question

  • I am trying to add the contents of a txt file to an AD security group using powershell, it acts like it works (drops down to a c:\ with no errors).....but nobody is in the group. I have tried with a csv file and a txt file. The file contains the samaccountname property. So, if you open the text file you would just see "testbox" without the quotes (this is the sam account name for the user). I am running this on a server, I am a domain admin, and the users and group are in the same domain. I am making this way to hard. Here is my scipt when trying with a csv file (GRP_PE is the name of the security group):

    Import-CSV "C:\temp\pe.csv" | % { Add-ADGroupMember -Identity "grp_PE" $_.samaccountname}

    I am running this in the "AD module for windows powershell"


    HDL

    Thursday, August 11, 2016 4:35 PM

Answers

  • Get-Content .\userList.txt | ForEach-Object {
    
        try {
        
            $user = Get-ADUser -Identity $_ -ErrorAction Stop
    
        } catch {
    
            Write-Warning "Cannot find user account for $_"
    
        }
    
        If ($user) {
    
            Write-Host "Processing $($user.SamAccountName)" -ForegroundColor Green
    
            Add-ADGroupMember -Identity grp_PE -Members $user
    
        }
    
    }


    • Marked as answer by Winterthur Thursday, August 11, 2016 8:19 PM
    Thursday, August 11, 2016 8:11 PM

All replies

  • Import-CSV C:\temp\pe.csv |
    	%{ 
    	$user = Get-Aduser $_.samaccountname
    	Add-ADGroupMember -Identity grp_PE -Members $user
    }

    You have to use the user object to add:


    \_(ツ)_/

    Thursday, August 11, 2016 4:50 PM
  • Appreciate the quick feed back, same result. It drops down to the c: prompt like it was successful (it isn't waiting for input) but there is nothing in the group (I have waited long enough for it to show up, so it isn't a replication issue).

    HDL

    Thursday, August 11, 2016 5:00 PM
  • Good Day

    Can you try this

    Get-Content 'C:\temp\pe.txt' | Foreach-Object {
    	$User = (Get-Aduser -Identity $_).samaccountname
    	Add-ADGroupMember -Identity grp_PE -Members $User

    Regards

    Thursday, August 11, 2016 7:17 PM
  • Progress, many thanks. The problem now is that it only adds the last user in the text file. So, it must not like my format. The text file looks like this (these are dummy sam accounts):

    jasklig
    fromgui
    heftnic

    The only one it adds is heftnic. Do I need something in the script that says "read this line, then read this line"?


    HDL

    Thursday, August 11, 2016 7:53 PM
  • Do I need something in the script that says "read this line, then read this line"?

    No, that's what ForEach-Object does.

    I suggest adding the -Server parameter so you know which DC to check.


    Thursday, August 11, 2016 7:56 PM
  • Good Day

    Can you try this

    Get-Content 'C:\temp\pe.txt' | Foreach-Object {
    	$User = (Get-Aduser -Identity $_).samaccountname
    	Add-ADGroupMember -Identity grp_PE -Members $User

    Regards


    This will not work.

    \_(ツ)_/

    Thursday, August 11, 2016 7:59 PM
  • Appreciate the quick feed back, same result. It drops down to the c: prompt like it was successful (it isn't waiting for input) but there is nothing in the group (I have waited long enough for it to show up, so it isn't a replication issue).

    HDL

    You do not have a CSV file.

    Try it this way to wee what you have:

    Import-Csv C:\temp\pe.csv

    What does it display?


    \_(ツ)_/


    • Edited by jrv Thursday, August 11, 2016 8:01 PM
    Thursday, August 11, 2016 8:01 PM
  • Well, it is progress in that it adds 1 user from the text file. I just need to figure out what it won't go to the next user and add him, then to the next and so on.

    HDL

    Thursday, August 11, 2016 8:02 PM
  • Well, it is progress in that it adds 1 user from the text file. I just need to figure out what it won't go to the next user and add him, then to the next and so on.

    HDL

    Pease do the test I poste.  It will tell you and us what the issue is.


    \_(ツ)_/

    Thursday, August 11, 2016 8:08 PM
  • Get-Content .\userList.txt | ForEach-Object {
    
        try {
        
            $user = Get-ADUser -Identity $_ -ErrorAction Stop
    
        } catch {
    
            Write-Warning "Cannot find user account for $_"
    
        }
    
        If ($user) {
    
            Write-Host "Processing $($user.SamAccountName)" -ForegroundColor Green
    
            Add-ADGroupMember -Identity grp_PE -Members $user
    
        }
    
    }


    • Marked as answer by Winterthur Thursday, August 11, 2016 8:19 PM
    Thursday, August 11, 2016 8:11 PM
  • Perhaps I misunderstood you. You just want me to run Import-Csv C:\temp\pe.csv? I did that and it just returns back to the prompt as if it was done.

    HDL

    Thursday, August 11, 2016 8:14 PM
  • Perhaps I misunderstood you. You just want me to run Import-Csv C:\temp\pe.csv? I did that and it just returns back to the prompt as if it was done.

    HDL

    That is why I said it is not a CSV file.  It is an empty file. Open it in notepad to see why it appears to be empty:

    notepad C:\temp\pe.csv


    \_(ツ)_/

    Thursday, August 11, 2016 8:16 PM
  • Great, that actually worked.....no errors. Can you explain why this worked? Thank you so much.

    HDL

    Thursday, August 11, 2016 8:19 PM
  • Great, that actually worked.....no errors. Can you explain why this worked? Thank you so much.

    HDL

    I will just say that what the fundamental issue what that you do not have a csv file.  Mike used the same classic method as I did but used a text file.  I posted the questions to try to get you to see why you were having issues.  It had to be one or the other.  I posted because it is an important thing to understand going forward.


    \_(ツ)_/

    Thursday, August 11, 2016 8:30 PM
  • Good Day

    Can you try this

    Get-Content 'C:\temp\pe.txt' | Foreach-Object {
    	$User = (Get-Aduser -Identity $_).samaccountname
    	Add-ADGroupMember -Identity grp_PE -Members $User

    Regards


    This will not work.

    \_(ツ)_/

    Can you explain why it will not work?
    Thanks

    Thursday, August 11, 2016 8:47 PM
  • Can you explain why it will not work?
    Thanks

    As demonstrated above you cannot use SamAccountName to add users to a group. Use either the distinguished name or the user object.  YOu are just using the samname tto get to object and then extracting the same samname.  Not really what we want.


    \_(ツ)_/

    Thursday, August 11, 2016 9:00 PM
  • MMMMMM you are correct about using the samaccountName to get the object, but looking at the Add-AdgroupMember help example 1 says another story

    -------------------------- EXAMPLE 1 --------------------------

        C:\PS>Add-ADGroupMember SvcAccPSOGroup SQL01,SQL02


        Adds the user accounts with SamAccountNames SQL01,SQL02 to the group SvcAccPSOGroup.

    My point is not to argue is to understand what happened here 
    Thanks for your reply :D


    Thursday, August 11, 2016 9:17 PM
  • MMMMMM you are correct about using the samaccountName to get the object, but looking at the Add-AdgroupMember help example 1 says another story

    -------------------------- EXAMPLE 1 --------------------------

        C:\PS>Add-ADGroupMember SvcAccPSOGroup SQL01,SQL02


        Adds the user accounts with SamAccountNames SQL01,SQL02 to the group SvcAccPSOGroup.

    My point is not to argue is to understand what happened here 
    Thanks for your reply :D


    Yes. You are right.  Then what was I thinking of? I'll have to mull that for a while.

    Thanks for the heads up.

    Of course the CV wasn't going to work anyway and you didn't need to get the user object.

    Get-Content 'C:\temp\pe.txt' |
    	Foreach-Object {Add-ADGroupMember -Identity grp_PE -Members $_}

    Shorthand:

    cat C:\temp\pe.txt| %{Add-ADGroupMember grp_PE $_}


    \_(ツ)_/



    • Edited by jrv Thursday, August 11, 2016 9:55 PM
    Thursday, August 11, 2016 9:52 PM