Fatal编程技术网
  • powershell/
  • Powershell 将用户添加到多个安全组

Powershell 将用户添加到多个安全组

powershell active-directory

Powershell 将用户添加到多个安全组,powershell,active-directory,Powershell,Active Directory,我已经能够使用下面的代码将用户添加到一个组中 Get-Aduser -filter 'company -eq "1480"' | %{Add-ADGroupMember "HS Students" $_.SamAccountName} 但我想将用户添加到多个组中。HS和HS学生 任何帮助都将不胜感激 编辑1 因此,添加到我的创建用户脚本的底部会给我消息,该用户已经是我试图添加到的组的一部分。为什么会发生这种情况 foreach ($User in $ADUsers) { #R

我已经能够使用下面的代码将用户添加到一个组中

Get-Aduser -filter 'company -eq "1480"' | %{Add-ADGroupMember "HS Students" $_.SamAccountName}
但我想将用户添加到多个组中。HS和HS学生

任何帮助都将不胜感激

编辑1

因此,添加到我的创建用户脚本的底部会给我消息,该用户已经是我试图添加到的组的一部分。为什么会发生这种情况

   foreach ($User in $ADUsers)
   {
   #Read user data from each field in each row and assign the data to a  variable as below

$Username   = $User.ID
$Password   = $User.BDATE
$Firstname  = $User.FNAME
$Lastname   = $User.LNAME
$Department = $User.GRD
$Company    = $User.SCHID #This field refers to the OU the user account is to be moved to

# Choose OU
Switch ($Company)
{
    "1480" {$OU = 'OU=students,OU=users,ou=hs,dc=clasd,dc=net'}
    "1479" {$OU = 'OU=students,OU=users,ou=elem,dc=clasd,dc=net'}
}

#Check to see if the user already exists in AD
if (Get-ADUser -F {SamAccountName -eq $Username})
{
     #If user does exist, give a warning
     Write-Warning "A user account with username $Username already exist in Active Directory."
}
else
{
    #User does not exist then proceed to create the new user account
    "Processing started (on " + $date + "): " | Out-File $log -append
    "--------------------------------------------" | Out-File $log -append

    #Account will be created in the OU provided by the $OU variable read from the CSV file
    New-ADUser `
        -SamAccountName $Username `
        -UserPrincipalName "$Username@clasd.net" `
        -Name "$Firstname $Lastname" `
        -GivenName $Firstname `
        -Department "$Department" `
        -Company "$Company" `
        -EmailAddress "$Username@clasd.net" `
        -Surname $Lastname `
        -Enabled $True `
        -Scriptpath "login.vbs" `
        -DisplayName "$Firstname $Lastname" `
        -Path $OU `
        -AccountPassword (convertto-securestring $Password -AsPlainText -Force) `
        -ChangePasswordAtLogon $true

    #Start-Sleep 5

    # Add User to Groups
    Get-Aduser -filter 'company -eq "1480"' | % { Add-ADGroupMember "HS Students" $_.SamAccountName; Add-ADGroupMember "HS" $_.SamAccountName }

}
}因此您需要添加一个
在第一个命令之后


Get-Aduser -filter 'company -eq "1480"' | % 
{ Add-ADGroupMember "HS Students" $_.SamAccountName; Add-ADGroupMember "HS" $_.SamAccountName }



如果你真的愿意,你可以用它做一行,只是我格式化它的方式看起来更好。
谢谢。这是应该的。当我将用户添加到创建用户脚本时,它会告诉我用户已经添加到组中的任何原因。请参阅我的编辑。在这种情况下,您应该将其标记为答案;)至于你的第二个问题,我不知道它为什么会这样做,从你的代码判断,它不应该这样做,也许你应该为此创建另一个问题