Hey, I have a script that I can't seem to figure out how to write correctly. What I want to do is to add domain accounts to local groups on either a local or remote computer. I want to be able to add one or more accounts to one or more computers, kind
of like how Get-Process can list processes from several computers.
I understand that my foreach statement only evaluates the $ComputerName variable, but how would I evaluate both $ComputerName and $SamAccountName?
Here's my code if anyone want to take a look, really appreciate it.
[cmdletbinding()]
param
(
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[String[]]$SamAccountName,
[String[]]$ComputerName = 'localhost',
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[ValidateSet('RemoteDesktopUsers','Administrators')]
$LocalGroup
)
$ErrorActionPreference = "Stop"
#$VerbosePreference = "Continue"
function Add-DomainObject{
Begin
{
}
Process
{
Write-Output "Trying to add user/group to the local group(s) on the computers..."
if ($LocalGroup -eq "RemoteDesktopUsers")
{
$ConvertedRDPGroupName = "Remote Desktop Users"
foreach ($Computer in $ComputerName)
{
$objUser = [ADSI]("WinNT://ZENIT/$SamAccountName")
$objGroup = [ADSI]("WinNT://$Computer/$ConvertedRDPGroupName")
$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)
}
}
else
{
foreach ($Computer in $ComputerName)
{
$objUser = [ADSI]("WinNT://ZENIT/$SamAccountName")
$objGroup = [ADSI]("WinNT://$Computer/$LocalGroup")
$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)
}
}
}
}
Add-DomainObject -SamAccountName $SamAccountName -ComputerName $ComputerName -LocalGroup $LocalGroup
I understand that my foreach statement only evaluates the $ComputerName variable, but how would I evaluate both $ComputerName and $SamAccountName?
Here's my code if anyone want to take a look, really appreciate it.
[cmdletbinding()]
param
(
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[String[]]$SamAccountName,
[String[]]$ComputerName = 'localhost',
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[ValidateSet('RemoteDesktopUsers','Administrators')]
$LocalGroup
)
$ErrorActionPreference = "Stop"
#$VerbosePreference = "Continue"
function Add-DomainObject{
Begin
{
}
Process
{
Write-Output "Trying to add user/group to the local group(s) on the computers..."
if ($LocalGroup -eq "RemoteDesktopUsers")
{
$ConvertedRDPGroupName = "Remote Desktop Users"
foreach ($Computer in $ComputerName)
{
$objUser = [ADSI]("WinNT://ZENIT/$SamAccountName")
$objGroup = [ADSI]("WinNT://$Computer/$ConvertedRDPGroupName")
$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)
}
}
else
{
foreach ($Computer in $ComputerName)
{
$objUser = [ADSI]("WinNT://ZENIT/$SamAccountName")
$objGroup = [ADSI]("WinNT://$Computer/$LocalGroup")
$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)
}
}
}
}
Add-DomainObject -SamAccountName $SamAccountName -ComputerName $ComputerName -LocalGroup $LocalGroup
