adamcybersec · September 7, 2022 02:53
diff --git a/add-user-to-ad-groups.ps1 b/add-user-to-ad-groups.ps1
 #
 # README
 #

 # Open the Azure Cloud Shell
 # Run Connect-AzureAD
 # Authenticate if needed
 # Confirm that all your groups are listed in the $AllGroups var
 # Upload add-to-groups.ps1 if needed
 # Run ./add-user-to-ad-groups.ps1 "[email protected]"
 # Review the console outputs and carry on with your day

 #
 # Parameters
 #
 param(
  # The user email to add to groups
  [Parameter(Mandatory=$true)]
  [string]
  $NewUserEmail
 )

 $AllGroups = $(
  "my-group",
  "my-other-group"
 )

 function Add-NewUserToGroups {

  param (
    $NewUserId
  )

  Write-Output "Recieved ObjectId $NewUserId for UPN $NewUserEmail"
  foreach ($Group in $AllGroups) { 

    # Get the Groups ObjectId
    $GroupId = Get-AzureADGroup -Filter "DisplayName eq '$Group'" | Select -ExpandProperty ObjectId 

    # Check if the User is already a Member
    $GroupMembers = @(Get-AzureADGroupMember -ObjectId $GroupId -All $true)

    # If the User is already a Group Member, tell us and continue the loop
    if ($IsUserInGroup = $GroupMembers.ObjectId -contains $NewUserId) {
      Write-Output "User $NewUserEmail is already a Member of $Group!"
    } 
    # If the User is not already a Member, add them
    else {
      Write-Output "Adding $NewUserEmail to $Group"

      Add-AzureADGroupMember -ObjectId $GroupId -RefObjectId $NewUserId
    }
  }
 }

 # Get the Users ObjectId
 $NewUserId = Get-AzureADUser -Filter "UserPrincipalName eq '$NewUserEmail'" | Select -ExpandProperty ObjectId 

 # Run the main function, pass in the Users ObjectId as a param
 Add-NewUserToGroups $NewUserId
	#
	# README
	#

	# Open the Azure Cloud Shell
	# Run Connect-AzureAD
	# Authenticate if needed
	# Confirm that all your groups are listed in the $AllGroups var
	# Upload add-to-groups.ps1 if needed
	# Run ./add-user-to-ad-groups.ps1 "[email protected]"
	# Review the console outputs and carry on with your day

	#
	# Parameters
	#
	param(
	# The user email to add to groups
	[Parameter(Mandatory=$true)]
	[string]
	$NewUserEmail
	)

	$AllGroups = $(
	"my-group",
	"my-other-group"
	)

	function Add-NewUserToGroups {

	param (
	$NewUserId
	)

	Write-Output "Recieved ObjectId $NewUserId for UPN $NewUserEmail"
	foreach ($Group in $AllGroups) {

	# Get the Groups ObjectId
	$GroupId = Get-AzureADGroup -Filter "DisplayName eq '$Group'" \| Select -ExpandProperty ObjectId

	# Check if the User is already a Member
	$GroupMembers = @(Get-AzureADGroupMember -ObjectId $GroupId -All $true)

	# If the User is already a Group Member, tell us and continue the loop
	if ($IsUserInGroup = $GroupMembers.ObjectId -contains $NewUserId) {
	Write-Output "User $NewUserEmail is already a Member of $Group!"
	}
	# If the User is not already a Member, add them
	else {
	Write-Output "Adding $NewUserEmail to $Group"

	Add-AzureADGroupMember -ObjectId $GroupId -RefObjectId $NewUserId
	}
	}
	}

	# Get the Users ObjectId
	$NewUserId = Get-AzureADUser -Filter "UserPrincipalName eq '$NewUserEmail'" \| Select -ExpandProperty ObjectId

	# Run the main function, pass in the Users ObjectId as a param
	Add-NewUserToGroups $NewUserId