How to add users to a group in Active Directory using PowerShell
To add users to an Active Directory (AD) group using PowerShell, the Add-ADGroupMember cmdlet has to be used. Quite a bit of AD and scripting expertise is needed to add users to a group using PowerShell, as the cmdlet must be used with a different set of parameters and filters, as per your need. For example, the PowerShell scripts to add members to a group, using the Add-ADGroupMember, will be different to add users to groups from CSV, add a group to group, add a user to group, add multiple users to groups, and so on.
This article explains the procedure to add users to an AD group using PowerShell and ADManager Plus, a unified Active Directory, Office 365 and Exchange management and reporting solution. This article also demonstrates how ADManager Plus with its purpose-built feature to add a single user or bulk add users to AD group, is the easiest and most efficient option of the two.
Windows PowerShell
Steps to user PowerShell to add user to group.
- Ensure you have the necessary permissions to perform this action, and also to execute PowerShell scripts.
- Get the value for necessary attributes such as the group name, the sAMAccountNames of the users to be added to groups, etc.
- Create the script using the Add-ADGroupMember cmdlet, and execute it in the PowerShell window.
A sample PowerShell script to add user to ad group
Copied
Add-ADGroupMember -Identity SaveTheWorldTeam -Members JamesBond,SuperMan,IronMan
Click to copy entire script
This script will add the users JamesBond, SuperMan and IronMan to the AD group SaveTheWorldTeam.
ADManager Plus
To add user to AD group,
- Click the Group Attributes feature under User Management, in Management tab.
- Select desired domain, and the necessary groups in 'Add to group' field. If needed, select the relevant groups for 'Remove from group' field, and 'Set the primary group' fields. Add the users to be added; you can also import the list from a CSV file. Click Create.
Screenshot
» Start 30-day Free Trial
Limitations of using PowerShell to add user to AD group
- You will not be able to add users to groups using PowerShell if you do not have sufficient permissions in AD. With ADManager Plus, users privileges in native AD or Exchange doesn't have to be elevated to add user to AD groups.
- Using PowerShell to add users to groups is complex, as the script has to be modified or created exclusively for different needs such as adding users to multiple groups, bulk adding users to groups, and so on. ADManager Plus on the other hand offers a predefined feature which allows you to add user a single user or multiple users to groups, even importing a list from CSV, with just point and click actions, all using the same feature.
- With PowerShell, adding and removing users from groups in the same action would need complex scripts. ADManager Plus though, offers built-in options to add users to groups, remove users from other groups, and also set primary group, in just one action.
- If you wish to bulk add users to groups using CSV file, the PowerShell script has to be modified. With ADManager Plus though, as the import CSV option is built-in, you can use the same feature to add users to groups, in single or bulk.
- With PowerShell, automating new user creation requires a complex and long script. However, ADManager Plus allows you to automate user creation with simple point and click actions.
- You must know how to run the scripts from the PowerShell window. ADManager Plus is purely GUI-based, allowing you to perform all management and reporting actions with just mouse clicks from its web-based console.
- A misplaced hyphen, a typo in the LDAP names or lack of sufficient permission to configure even just one of the attributes used in the script will lead to errors. As all actions in ADManager Plus are GUI-driven, there is no need to write scripts, eliminating the chances of errors.
