Import AD powershell module if not already loaded
1 2 3 4 5 6 |
if (-not (Get-Module ActiveDirectory)){ Write-Host "importing Active Directory module..." Import-Module ActiveDirectory } |
Create an AD group
1 2 3 4 5 |
New-ADGroup [-Name] <string> [-GroupScope <ADGroupScope>] [-AuthType {Negotiate | Basic}] [-Credential <PSCredential>] [-Description <string>] [-DisplayName <string>] [-GroupCategory <ADGroupCategory>][-HomePage <string>] [-Instance <ADGroup>] [-ManagedBy <ADPrincipal>] [-OtherAttributes <hashtable>] [-PassThru <switch>] [-Path <string>][-SamAccountName <string>] [-Server <string>] [-Confirm] [-WhatIf] [CommonParameters] |
-groupscope : Domainlocal(0), Global (1), Universal (2). ( LDAP property “groupType”)
-instance ADGroup : Use AdGroup as template
Example 1:
1 2 3 |
New-ADGroup -name "name" -groupscope Global -path "OU=GroupOU,DC=Domain,DC=local" |
Example 2:
1 2 3 4 5 6 |
$newgroups = @("Group1", "Group2","Group3") ForEach ($newgroup in $newgroups.GetEnumerator()) { New-ADGroup -name $newgroup -groupscope Universal -path "OU=GroupOU,DC=domain,DC=local" } |
Create a new Organizational Unit
1 2 3 4 5 6 |
New-ADOrganizationalUnit [-Name] <string> [-AuthType {<Negotiate> | <Basic>}] [-City <string>] [-Country <string>] [-Credential <PSCredential>] [-Description <string>] [-DisplayName <string>] [-Instance <ADOrganizationalUnit>] [-ManagedBy <ADPrincipal>] [-OtherAttributes <hashtable>] [-PassThru <switch>] [-Path <string>] [-PostalCode <string>] [-ProtectedFromAccidentalDeletion <[bool]>] [-Server <string>] [-State <string>] [-StreetAddress <string>] [-Confirm] [-WhatIf] [<CommonParameters>] |
Example:
1 2 3 4 5 |
New-ADOrganizationalUnit -Name TestOU -Path "DC=domain,DC=local" New-ADOrganizationalUnit -Name TestOU2 -Path "OU=TestOU,DC=domain,DC=local" |
Get the AD distinguished name
1 2 3 |
Get-ADDomain | select -ExpandProperty DistinguishedName |