pwsh..AD-Groups - knuckleheadTech

Checking AD group for users that are enabled:

# enabled
$groupname = "FS-Finance"
$users = Get-ADGroupMember -Identity $groupname | `
? {$_.objectclass -eq "user"}
foreach ($activeusers in $users) { Get-ADUser -Identity $activeusers | `
? {$_.enabled -eq $true} | `
select Name, SamAccountName, UserPrincipalName, Enabled }

Checking AD group for users that are disabled:

# disabled
$groupname = "FS-Finance"
$users = Get-ADGroupMember -Identity $groupname | `
? {$_.objectclass -eq "user"}
foreach ($activeusers in $users) { Get-ADUser -Identity $activeusers | `
? {$_.enabled -eq $false} | `
select Name, SamAccountName, UserPrincipalName, Enabled }

Copy users from one group to another

# Get all the users from the group TSA and add them to the group Duo_ws_10Day_test
Get-ADGroupMember -Identity "TSA" | `
ForEach-Object { Add-ADGroupMember -Identity "DUO_ws_10Day_test" -Members $_ }

LazyAdmin.nl – Excellent site with, well excellent information. And aren’t most admins lazy? That’s why scripting is so important to us.