PowerShell and QADGroup

PowerShell and QADGroup

A company called Quest provides an extra snap-In for PowerShell.  The idea is for these Active Directory cmdlets to work alongside the native PowerShell commands.  As a result we can examine groups in general, and add members in particular.  Incidentally, all the PowerShell and QAD nouns are singular, hence QADGroup (and not QADGroups)

Topics for PowerShell’s QADGroup and QADGroupMember

• Example 1:  Research the QADGroup Family of Cmdlets
• Example 2:  Getting to know QADGroup parameters
• Example 3:  Listing the Users in a Group
• Example 4:  How To Add Users to a Named Group (Bakers)

 ♣

Pre-requisites, particularly for the QAD snap-In

Before we can get my examples to work you need to meet these pre-requisites.

1. Download and install PowerShell and .Net Framework. 
   Go to Microsoft’s site and choose the flavour to suit your operating system.
2. Download, then install the QAD Snap-Ins from this site:
   http://www.quest.com/activeroles-server/arms.aspx
3. Register the snap-In. (Key point)
   add-PSSnapin quest.activeroles.admanagement
4. Gain access to Active Directory.  Best would be to logon at a domain controller in a test domain.

Example 1:  Research the QADGroup Family of Cmdlets

Note 1:  The point of this command is to reveal the two branches of this family, QADGroup and QADGroupMember.

Get-QADGroup, new-QADGroup and set-QADGroup
Get-QADGroupMember, add-QADGroupMember and remove-QADGroupMember

Example 2:  Getting to know QADGroup parameters

Here is the classic PowerShell method to discover the parameters of cmdlet.  The format is:
Get-Help Verb-Noun -full

Note 1:  The two parameters of most interest are -identity and -member.  If we reflect that the main verb is ‘add’, then we can see that -identity defines the group object itself, while -member takes care of the user(s) we are adding to this group.

Guy Recommends:  SolarWinds’ Free Bulk Import Tool

Import users from a spreadsheet.  Just provide a list of the users with their fields in the top row, and save as .csv file.  Then launch this FREE utility and match your fields with AD’s attributes, click and import the users.

Optionally, you can provide the name of the OU where the new accounts will be born. Download your FREE bulk import tool.

Example 3:  Listing the Users in a Group

Let us assume that you have fulfilled the above pre-requisites, now there are just three things to do before my next script will work:

a) Connect to Active Directory, best would be to logon at a domain controller in a test network.  Remote connection works well, and you could try Virtual PC for your test network.

b) Find the variable $OUGang in my script(s); then amend its value to reflect your domain and your Organizational Unit.  You many need a little extra work with Active Directory Users and Computers in creating an OU and a handful of users.

c) This script represents a learning progression, and it’s also useful in troubleshooting.  However, you need to manually a few users to the ‘Bakers’ group, other wise the script won’t return any values.

Note 1:  This script relies on the group called ‘Bakers’ having members.  On this occasion, it would be best to add the users manually in Active Directory Users and Computer.  The other benefit is that you can use the GUI to check the tabs and double check that the script is working properly.

Guy Recommends:  A Free Trial of the Network Performance Monitor (NPM) v11.5

SolarWinds’ Network Performance Monitor will help you discover what’s happening on your network.  This utility will also guide you through troubleshooting; the dashboard will indicate whether the root cause is a broken link, faulty equipment or resource overload.

What I like best is the way NPM suggests solutions to network problems.  Its also has the ability to monitor the health of individual VMware virtual machines.  If you are interested in troubleshooting, and creating network maps, then I recommend that you try NPM now.

Download a free trial of Solarwinds’ Network Performance Monitor

Example 4:  How To Add Users to a Named Group (Bakers) 

While there is a QAD cmdlet to create a group, however, I am going to concentrate on adding users to an existing group called ‘Bakers’.  Therefore, action point – create a group called ‘Bakers’, else modify my script.

Note 1:   You did change the value of $OuGang – didn’t you?  Also Remember that these QAD cmdlets don’t exist in the initial PowerShell install, they are only available after you successfully run: add-PSSnapin quest.activeroles.admanagement.  If your script does not work refer back to the pre-requisites.

Note 2:  This is how the script works.  $Target obtains a stream of users from the named Organizational Unit.  Foreach introduces a loop.  Focus on the parameters -identity and -member.  $Person.dn is responsible for adding each user in the stream to the ‘Bakers’ group.

See QAD Computer tasks »

Summary of PowerShell QADGroupMember

Our mission on this page is to add users to an existing group.  However, to give you complete understanding I have explained how you can research the family of QAD Group cmdlets.  In particular how to list group members with Get-QADGroupMember, finally I have shown how to create a script which employs add-QADGroupMember to introduce more members to a named group.

See more PowerShell QAD Scripts

• PowerShell Home   • Quest QAD   • QADUser   • QADGroup   • QADComputer

• Export-CSV   • Import CSV   • QAD Password   • Add-PSSnapin   • Free Import User CSVDE Tool

• Get-AdUser -filter   • Windows PowerShell   • Windows PowerShell .Net

Please email me if you have a better example script. Also please report any factual mistakes, grammatical errors or broken links, I will be happy to correct the fault.