Skip to content

Instantly share code, notes, and snippets.

@matthewjberger

matthewjberger/GroupCommands.ps1

Last active June 19, 2020 23:18
Show Gist options
  • Save matthewjberger/abb47b4f14462ccd1f9f3ce149072f72 to your computer and use it in GitHub Desktop.
Save matthewjberger/abb47b4f14462ccd1f9f3ce149072f72 to your computer and use it in GitHub Desktop.
Download ZIP
Creating windows users and groups with powershell
Raw
GroupCommands.ps1
$fakeUserName = "Some Engineer"
$fakeUserDescription = "A fake engineer used for testing purposes"
$groups = @(
[System.Tuple]::Create('My Group', 'Users who have two thumbs'),
[System.Tuple]::Create('My Other Group', 'Users who have no thumbs')
)
function GetADSI()
{
# Active Directory Service Interfaces (ADSI) is
# a set of COM interfaces that can be used to do
# common administrative tasks, such as adding users
# and groups.
#
# The namespace for ADSI is 'WinNT'
return [ADSI]("WinNT://$env:COMPUTERNAME")
}
function CreateUser([string]$userName, [string]$description = "")
{
if(![ADSI]::Exists("WinNT://./$userName"))
{
Write-Host "Creating user: `"$userName`" with description: `"$description`" ..."
$ADSI = GetADSI
$user = $ADSI.Create('User', $userName)
$user.SetInfo()
$user.Description = $description
$user.SetInfo()
}
else
{
Write-Host "User `"$userName`" exists already. Skipping user creation ..."
}
}
function RemoveUser([string]$userName)
{
if([ADSI]::Exists("WinNT://./$userName"))
{
Write-Host "Removing user: `"$userName`" ..."
$ADSI = GetADSI
$user = $ADSI.Children.Find($userName, 'User')
$ADSI.Children.Remove($user)
}
else
{
Write-Host "User `"$userName`" doesn't exist. Skipping..."
}
}
function AddGroup([string]$groupName, [string]$description)
{
if(![ADSI]::Exists("WinNT://$env:COMPUTERNAME/$groupName"))
{
Write-Host "Creating group $groupName ..."
$ADSI = GetADSI
$group = $ADSI.Create('Group', $groupName)
$group.SetInfo()
$group.Description = $description
$group.SetInfo()
}
else
{
Write-Host "Group `"$groupName`" exists. Skipping creation ..."
}
}
function RemoveGroup([string]$groupName)
{
if([ADSI]::Exists("WinNT://$env:COMPUTERNAME/$groupName"))
{
Write-Host "Removing group: `"$groupName`" ..."
$ADSI = GetADSI
$group = $ADSI.Children.Find($groupName, 'Group')
$ADSI.Children.Remove($group)
}
else
{
Write-Host "Group `"$groupName`" doesn't exist. Skipping..."
}
}
function AddUserToGroup([string]$userName, [string]$groupName)
{
if(![ADSI]::Exists("WinNT://$env:COMPUTERNAME/$groupName"))
{
Write-Host "Group `"$groupName`" does not exist. Skipping ..."
return
}
if(![ADSI]::Exists("WinNT://./$userName"))
{
Write-Host "User `"$userName`" does not exist. Skipping removal from group ..."
return
}
try
{
$ADSI = GetADSI
$group = $ADSI.Children.Find($groupName, 'Group')
$group.Add(("WinNT://$env:COMPUTERNAME/$userName"))
Write-Host "Added user: $userName to group: $groupName"
}
catch
{
Write-Host "The user `"$userName`" may already be part of the group `"$groupName`". Skipping ..."
}
}
function RemoveUserFromGroup([string]$userName, [string]$groupName)
{
if(![ADSI]::Exists("WinNT://$env:COMPUTERNAME/$groupName"))
{
Write-Host "Group `"$groupName`" does not exist. Skipping ..."
return
}
if(![ADSI]::Exists("WinNT://./$userName"))
{
Write-Host "User `"$userName`" does not exist. Skipping removal from group ..."
return
}
try
{
$ADSI = GetADSI
$group = $ADSI.Children.Find($groupName, 'Group')
$group.Remove("WinNT://$env:COMPUTERNAME/$userName")
Write-Host "Added user: $userName to group: $groupName"
}
catch
{
Write-Host "User `"$userName`" may already be part of the group `"$groupName`". Skipping ..."
}
}
Raw
SetupUserGroups.ps1
. (Join-Path -Path $PSScriptRoot -ChildPath "GroupCommands.ps1")
CreateUser $fakeUserName $fakeUserDescription
$groups | ForEach-Object {
AddGroup $_.Item1 $_.Item2
AddUserToGroup $fakeUserName $_.Item1
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment