I found myself creating security groups for different servers in one of my domains over and over again and using the GUI can get a bit tedious. So I decided to write a quick powershell script that provides an interactive prompt asking for the server name, group type (select from options) and then from there creates a security group called “SERVERNAME-GROUP” in Active Directory. In my case, I had three different groups for each server, local “Admins”, local “Users”, and finally a special group for database admins used in Microsoft SQL Server. This requires the Active Directory module for powershell and must be run from a Domain Controller.

Below is the powershell code:

$servername = read-host "Enter Name of Server"

$title = "User or Admin Group selection"

$message = "Will this be a group for admins, users, or DBA's?"

$admin = New-Object System.Management.Automation.Host.ChoiceDescription "&admin",
    "Selects Admin"

$user = New-Object System.Management.Automation.Host.ChoiceDescription "&user",
    "Selects user"

$dba = New-Object System.Management.Automation.Host.ChoiceDescription "&dba",
    "Selects DBA"

$options = [System.Management.Automation.Host.ChoiceDescription[]]($admin, $user, $dba)

$result = $host.ui.PromptForChoice($title, $message, $options, 0)

switch ($result) {0 {$type = "-Admins"} 1 {$type = "-Users"} 2 {$type = "-DBA"}}

$groupname = "$servername$type"

$parms = @{name= $groupname ; groupscope='Global'; path='OU=Security Groups,DC=contoso,DC=local'}

NEW-ADgroup @parms

Feel free to take, modify and use!

1 of 1

This post has no comments. Be the first to leave one!

Leave a Reply