If you use the Active Directory Module for PowerShell, we’re going to review a couple of simple applications of the ADGroupMember cmdlet. This article will work for you if you need to add one or several users to the same AD group.
Using Add-ADGroupMember cmdlet
To start using this cmdlet, you can copy and paste the following instruction:
PS C:\> Add-ADGroupMember -Identity "GROUP_NAME" -Members USER_NAME1, USER_NAME2, USER_NAME3
Where:GROUP_NAME
is the name of the AD Group you want to add the users to.USER_NAMEX
is the SamAccountName property of the user. If the email of the user is first.name@company.com , then your SamAccountName is first.name. Remember that you can use the command Get-ADUser to check the properties of a given user, to be more specific you can use Get-ADUser -Identity “USER_NAME” -Properties * to check that. Also, this cmdlet will only work if you have enough permissions to add users to the target AD group.
Understanding the Add-ADGroupMember cmdlet
The command Add-ADGroupMember tells AD PS module that you want to add one or more users to a group. So, the next thing you want to specify is the name of the AD group. For that, we use the parameter -Identity followed by the name of the group. The “” are necessary to avoid errors, especially if you’re using an AD group with spaces in its name. The -identity parameter can identify an AD group by its “distinguished name, GUID, security identifier, or Security Account Manager (SAM) account name”.
Next thing is the parameter -Members. This one specifies the new members to add to a group. As with the -identity parameter, you can identify an user by its distinguished name, GUID, security identifier, or SAM account name. After you run the command, you can expect just a new line of PS if everything went well. If there’s an issue PS will let you know. Examples of problems could be that both the user or the group doesn’t exist, the user is already part of the AD group or that you don’t have enough permissions to perform the requested action.
Another way to do it
Copy and paste the following in PS:
PS C:\> Add-ADGroupMember
And then press enter. You will see that PS recognizes the command and asks you for the parameters discussed above. First is going to ask for -
identity which refers to the name of the AD group. Then it will allow you to add members by filling the parameter Members[n]. If your don’t want to keep adding users, just leave the last Members [n] in blank and press enter to finish the execution of the instruction.