Script Repository


Add computer account to a group based on username and department

September 16, 2019
744

The script finds a computer whose username contains the username of the target user and adds to a group mathcing the user department. In the script, the $departmentInfos variable matches department names with names of the corresponding groups. To run the script, use a Busienss Rule, Custom Command or Scheduled Task configured for the User object type.

Edit Remove
PowerShell
$departmentInfos = @{
    "Sales" = "Comp_Sales"
    "IT" = "Comp_IT"
} # TODO: modify me. Example $departmentInfos = @{"<department name>" = "<group_name>"}

function GetObjectPath($filter, $domainName)
{
    $searcher = $Context.BindToObject("Adaxes://$domainName/rootDSE")
    $searcher.SearchFilter = $filter
    $searcher.SearchScope = "ADS_SCOPE_SUBTREE"
    $searcher.SizeLimit = 1
    
    try
    {
        $searchResultIterator = $searcher.ExecuteSearch()
        $searchResults = $searchResultIterator.FetchAll()
        
        if ($searchResults.Length -eq 0)
        {
            return $NULL
        }
        
        return $searchResults[0].AdsPath
    }
    finally
    {
        # Release resources
        if ($searchResultIterator){ $searchResultIterator.Dispose() }
    }
}

# Get the computer path
$domainName = $Context.GetObjectDomain("%distinguishedName%")
$computerPath = GetObjectPath "(&(objectCategory=computer)(sAMAccountName=*%username%*))" $domainName
if ($computerPath -eq $NULL)
{
    $Context.LogMessage("A user's computer could not be found", "Warning")
    return
}

# Search group matching the user department
$groupName = $departmentInfos["%department%"]
if ($groupName -eq $NULL)
{
    $Context.LogMessage("No group specifieded for department %department%.", "Warning")
    return
}
$groupPath = GetObjectPath "(&(objectCategory=group)(sAMAccountName=$groupName))" $domainName
if ($groupPath -eq $NULL)
{
    $Context.LogMessage("Group $groupName does not exist.", "Warning")
    return
}

# Add the computer to group
$group = $Context.BindToObject($groupPath)
$group.Add($computerPath)


Comments ( 0 )
No results found.
Leave a comment

Related Scripts