Posted inActive Directory Powershell Script

How to create Bulk AD Groups Using PowerShell

No CommentsPosted inActive Directory, Powershell Script
How to create Bulk AD Groups Using PowerShell

Introduction

Managing groups in Active Directory (AD) is a routine task for IT administrators. When you have to create multiple groups at once, doing it manually is both time-consuming and error-prone. Thankfully, PowerShell comes to the rescue! In this blog, we’ll walk you through a step-by-step guide on how to create multiple Active Directory groups in bulk using a PowerShell script.

Prerequisites

Before running the script, make sure of the following:

  • You have administrative privileges.
  • Active Directory module is installed.
  • Your system is connected to the domain.

Preparing the CSV File

The script reads group details from a CSV file. Here’s an example of what your ‘GroupsToCreate.csv’ should look like:

Name,Description,OU,Mail,ManagerDN
HR-Team,HR Group for policies,”OU=Groups,DC=domain,DC=com”,hr@domain.com,”CN=John Doe,OU=Users,DC=domain,DC=com”

Understanding the PowerShell Script

Here’s the full script:

Import-Module ActiveDirectory
$groups = Import-Csv -Path "GroupsToCreate.csv"

foreach ($group in $groups) {
    try {
        $name = $group.Name
        $desc = $group.Description
        $ou = $group.OU
        $mail = $group.Mail
        $managerDN = $group.ManagerDN

        # Create and configure group
        New-ADGroup -Name $name -SamAccountName $name -GroupScope Global -GroupCategory Security -Description $desc -Path $ou -ErrorAction Stop
        Set-ADGroup -Identity $name -ManagedBy $managerDN -Add @{mail = $mail} -ErrorAction Stop

        Write-Host "Group '$name' created and configured successfully."
    } catch {
        Write-Host "Error processing group '$($group.Name)': $_"
    }
}

Let’s break it down step-by-step:

  • Import-Module ActiveDirectory – Loads the Active Directory module, enabling you to use AD cmdlets.
  • Import-Csv – Loads group details from the specified CSV file.
  • foreach ($group in $groups) – Loops through each row (group) from the CSV.
  • $name, $desc, $ou, $mail, $managerDN – Assigns the respective values from each CSV row to variables.
  • New-ADGroup – Creates a new AD group with specified name, description, scope, and category.
  • Set-ADGroup – Sets additional attributes like the group manager and email address.
  • Write-Host – Displays messages in the console about success or error.
  • catch {} – Catches and displays errors if any step fails.

Running the Script

To run the script, open PowerShell as Administrator and execute the script file. Make sure the CSV file is in the same directory or update the path accordingly.

Sample Output

Here’s what you’ll typically see when the script runs successfully:

Group ‘HR-Team’ created and configured successfully.
Group ‘Finance-Team’ created and configured successfully.

If an error occurs, you’ll see:

Error processing group ‘IT-Support’: The server is unwilling to process the request

Final Thoughts

Using PowerShell to automate the creation of AD groups not only saves time but also ensures consistency. This script is ideal for onboarding, migrations, or any scenario where multiple groups need to be created quickly and accurately. With just a properly formatted CSV file and a few lines of code, you can make group management a breeze!

Tags:

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *