I found myself creating security groups for different servers in one of my domains over and over again and using the GUI can get a bit tedious. So I decided to write a quick powershell script that provides an interactive prompt asking for the server name, group type (select from options) and then from there creates a security group called “SERVERNAME-GROUP” in Active Directory. In my case, I had three different groups for each server, local “Admins”, local “Users”, and finally a special group for database admins used in Microsoft SQL Server. This requires the Active Directory module for powershell and must be run from a Domain Controller.

Below is the powershell code:

$servername = read-host "Enter Name of Server"

$title = "User or Admin Group selection"

$message = "Will this be a group for admins, users, or DBA's?"

$admin = New-Object System.Management.Automation.Host.ChoiceDescription "&admin",
    "Selects Admin"

$user = New-Object System.Management.Automation.Host.ChoiceDescription "&user",
    "Selects user"

$dba = New-Object System.Management.Automation.Host.ChoiceDescription "&dba",
    "Selects DBA"

$options = [System.Management.Automation.Host.ChoiceDescription[]]($admin, $user, $dba)

$result = $host.ui.PromptForChoice($title, $message, $options, 0)

switch ($result) {0 {$type = "-Admins"} 1 {$type = "-Users"} 2 {$type = "-DBA"}}

$groupname = "$servername$type"

$parms = @{name= $groupname ; groupscope='Global'; path='OU=Security Groups,DC=contoso,DC=local'}

NEW-ADgroup @parms

Feel free to take, modify and use!

This post has no comments. Be the first to leave one!

Join the discussion

Your email address will not be published. Required fields are marked *