Skip to main content

Export users of one AD group and import to another

·196 words·1 min
system-administration tech active-directory powershell sysadmin technology windows
James Pettigrove
Author
James Pettigrove
Cloud Engineer with a focus on Microsoft Azure

It’s quite common for members of one Active Directory security group to be replicate in another. Whether it is for testing linked systems (like System Center Configuration Manager linked collections) or simply all the members that have access to a location on the network need access to another.

Despite how common a action it is, it is rather painful to do in Active Directory Users and Computers snap due to the inability to copy/paste members of a group.

Never fear, let us lean on our good friend PowerShell to get the job done. We can combine the Get-ADGroup and Add-ADPrincipalGroupMembership commands to do what we need like below:

Get-ADGroup -Identity "group1" | Add-ADPrincipalGroupMembership -MemberOf "group2"

Simply replace group1 and group2 values with the name of the source and destination groups respectively. We utilise Add-ADPrincipalGroupMembership due to a very similar command, Add-ADGroupMember; cannot receive objects through a pipeline.

Similarly, we can remove all members of one group from another like so:

Get-ADGroup -Identity "group1" | Remove-ADPrincipalGroupMembership -MemberOf "group2"

Once again, replace group1 and group2 values, this time with the name of the source group who’s members you want to remove from destination group respectively.

PoSH on dudes!

Related

Testing your PowerShell code in different versions from the one workstation
·283 words·2 mins
system-administration tech powershell sysadmin technology windows
I hit a brick wall today while smashing together various PowerShell code snippets for a script I am working on (that I’ll share later).
Ping a set of hosts with Powershell
·368 words·2 mins
system-administration tech ping powershell sysadmin technology test-connection windows
You may find yourself one day having to ping a set of machines on a regular basis.
How to setup and restore a object from the Active Directory Recycle Bin
·310 words·2 mins
system-administration tech active-directory powershell sysadmin technology
CTRL+Z, the undo button, the recycle bin, shadow copies; The human element in the world of IT can some times be our undoing; This goes along way to explain the push to automate EVERY facet of the our IT systems.