Let's say that I have a scheduled task that adds a high-level roles-based AD group to a user.
As part of that same task, I'd like to run a PowerShell script to collect all the nested "child" groups from that roles-based "parent" group, and add those to the user as well.
Example - a new Marketing user is hired, so I add the roles-based group "Marketing Security Groups". But then for visibility, I want to also add all of the nested groups (Marketing Network Folder, Marketing SharePoint site, Marketing - Expense Application...) directly to that user's account.
We have the PowerShell script to do this, but the "parent" group (Marketing Security Groups) is hard-coded into a variable in the script.
I could edit the PowerShell script each time it's used, and change the value. But instead, is it possible to set the variable to whatever group name is indicated in my scheduled task?
I'd envision the task to look like this:
Always:
- Add "Marketing Security Groups" to User SmithJ
- Run PowerShell Script "Add Nested Groups"
and then opening the PowerShell script, seeing something like:
$ParentGroupToExpand = %GroupFromTheTask%
Alternately, is there a way to prompt the technician creating the task to type in the "parent" group name, and pass it to the script that way?