Put domain computer(s) into Security Group

This topic contains 1 reply, has 2 voices, and was last updated by  Don Jones 3 years, 3 months ago.

  • Author
    Posts
  • #18559

    Frank Gray
    Participant

    I'm fairly new to PowerShell so I'm trying to do more admin functions in PS than the GUI. When I'm pushing out a new application with Group Policy, I create a Security Group for the computers to get the program.

    I've been struggling with something as simple as placing a computer into a security group with PS.

    Sure, eventually, I'd like to have a script that dumps a bunch of computers into the group, but I'm trying to do a single one to start to see it work and I'm failing at a pretty simple task.

    I've tried using add-adgroupmember -identity -members . I'm using the computer's DNS name.

    I even tried simply typing add-adgroupmember .

    I'm prompted for Identity and it takes the group name, now prompting me for members (0), I paste in the DNS computer name and enter. The prompt goes to members(1). I hit enter and it tells me it can't find the computer name.

    After spending a good deal of time on this, it's time to ask for some advice.

    Thanks!

  • #18561

    Don Jones
    Keymaster

    Good for you!

    So the [1] prompt you're seeing is because the parameter can accept multiple values; hitting Enter on a blank line is the correct way to make it proceed. So now we just need to get it a legit value.

    Specifying a DN might be a better way to identify the computer, if you can. You can also provide a GUID, SID, or SAM account name. A fully-qualified DNS name won't work; just a plain computer name should, provided it's the computer's samAccountName in Active Directory. It's important that there not be a same-named User account in the domain, because if there is, it'll grab that instead.

    But notice in http://blogs.technet.com/b/heyscriptingguy/archive/2013/12/25/powertip-add-computer-to-security-group-with-powershell.aspx that the computer's samAccountName is suffixed with a $. You might try adding that.

You must be logged in to reply to this topic.