Morning! So I have a PowerShell server build script that does the following as part of it:
Asks if you want to add an AD group to Administrators on the server you're building, or if you want to search a different server for the groups and users in Administrators and use one of those.
1. If you want to add an AD group to Administrators, it asks you what
AD group and saves that in a variable ($OSAdministrators)
2. If you want to search a server for the groups and users, you put in
the server, it searches, and displays the results of all groups and
users in Administrators. It then asks you to type out which group
you want to use, and saves that in the same variable
($OSAdministrators).
Example code for #2:
$OSAdministratorsSearchHost = Read-Host "Enter the hostname of the server to search for Administrators groups"
function Get-LocalAdmin {
$admins = Gwmi win32_groupuser –Computer $OSAdministratorsSearchHost
$admins = $admins |? {$_.GroupComponent –like '*"Administrators"'}
$admins |% {
$_.partcomponent –match “.+Domain\=(.+)\,Name\=(.+)$” > $nul
$matches[1].trim('"') + “\” + $matches[2].trim('"')
}
}
Get-LocalAdmin
$OSAdministrators = Read-Host "Enter the name of the AD group from the list above to add to Administrators on the new server; press Enter to skip"
This works great if you only want to add 1 group. The problem is that sometimes you may have a couple groups you'd like to add to a server, and I'm not sure how to deal with that. For example, for #2 above I'd love to have it like this:
$OSAdministrators = Read-Host "Enter the name(s) of the AD group(s) from the list above to add to Administrators on the new server. If entering multiple, separate them with a comma (e.g. "Server Group 1,Server Group 2")"
But I'm not sure how to break out "Server Group 1" and "Server Group 2" and use that later in my code where it actually adds the group to Administrators on the server you're building:
$DomainName = "[where the domain FQDN would be]"
$AdminGroup = [ADSI]"WinNT://$HostName/Administrators,group"
$Group = [ADSI]"WinNT://$DomainName/$OSAdministrators,group"
$AdminGroup.Add($Group.Path)
I've tried searching online, but the way I'm searching it's not finding anything for this specific use-case, or the solutions seem to be overly complicated for what I'm trying to do (I'm talking 30 lines of code just to parse through inputs). I would think there'd be a simpler way I'm just missing.
Any direction would be greatly appreciated. Thanks!
Asks if you want to add an AD group to Administrators on the server you're building, or if you want to search a different server for the groups and users in Administrators and use one of those.
1. If you want to add an AD group to Administrators, it asks you what
AD group and saves that in a variable ($OSAdministrators)
2. If you want to search a server for the groups and users, you put in
the server, it searches, and displays the results of all groups and
users in Administrators. It then asks you to type out which group
you want to use, and saves that in the same variable
($OSAdministrators).
Example code for #2:
$OSAdministratorsSearchHost = Read-Host "Enter the hostname of the server to search for Administrators groups"
function Get-LocalAdmin {
$admins = Gwmi win32_groupuser –Computer $OSAdministratorsSearchHost
$admins = $admins |? {$_.GroupComponent –like '*"Administrators"'}
$admins |% {
$_.partcomponent –match “.+Domain\=(.+)\,Name\=(.+)$” > $nul
$matches[1].trim('"') + “\” + $matches[2].trim('"')
}
}
Get-LocalAdmin
$OSAdministrators = Read-Host "Enter the name of the AD group from the list above to add to Administrators on the new server; press Enter to skip"
This works great if you only want to add 1 group. The problem is that sometimes you may have a couple groups you'd like to add to a server, and I'm not sure how to deal with that. For example, for #2 above I'd love to have it like this:
$OSAdministrators = Read-Host "Enter the name(s) of the AD group(s) from the list above to add to Administrators on the new server. If entering multiple, separate them with a comma (e.g. "Server Group 1,Server Group 2")"
But I'm not sure how to break out "Server Group 1" and "Server Group 2" and use that later in my code where it actually adds the group to Administrators on the server you're building:
$DomainName = "[where the domain FQDN would be]"
$AdminGroup = [ADSI]"WinNT://$HostName/Administrators,group"
$Group = [ADSI]"WinNT://$DomainName/$OSAdministrators,group"
$AdminGroup.Add($Group.Path)
I've tried searching online, but the way I'm searching it's not finding anything for this specific use-case, or the solutions seem to be overly complicated for what I'm trying to do (I'm talking 30 lines of code just to parse through inputs). I would think there'd be a simpler way I'm just missing.
Any direction would be greatly appreciated. Thanks!