No announcement yet.

Is it possible to move users from one security group to another?

  • Filter
  • Time
  • Show
Clear All
new posts

  • Is it possible to move users from one security group to another?

    I'm looking to see if I can automate moving users between OU's and security groups with Powershell. So we have an OU for each building and security groups all named something like buildA users and buildb users. I'm looking to see if I can script something like move user X where from A to B where it would see they are in group buildA move them to group buildb. IS that even possible

  • #2
    Yes, I would think so
    How will the script pick up which building they are in - AD properties?

    Something like
    for each user
    If building property = B
    if group = A
    then remove from group A and Add to Group B
    next user

    Let me know if that's roughly what you are thinking and I will try to come up with something more power-shelly
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      The thing to remember about users and groups is that you don't add/delete a user's group membership from the user's point of view with Powershell, You remove the user from Group A's member list and then add them to Group B's member list. Even tho the ADUC GUI makes it look that way when viewing a user's 'Member of' tab, the PS commands are all focused around manipulation of the membership of the Group object from the Group's point of view. Sounds a little backward but it works.
      MSCA (2003/XP), Security+, CCNA

      ** Remember: credit where credit is due, and reputation points as appropriate **