Blog Of Directory Service
  • ···
  • Home
  • ···
  • ···
  • About Me
  • ···
  • ···
  • Contact Me
  • ···
  • ···
LinkedInTechNet
Post Page
Home/Blog/Post/

Create Shadow Groups (Dynamic Groups) in Active Directory

  • Post On 2015-03-23

Recently I faced a request from a client wanting a Dynamic Security Group in Active Directory which automatically update its members.. However we do have the concept of dynamic objects in Active Directory (I promise to speak on that on another article), but this one was completely different. The client wanted to have a security group which automatically removes the disabled users from it. So I started a lovely conversation with my lovely friend PowerShell.

Basically what you have to do is to write a multi function PowerSell script. We will need more than a couple of Pipes in this script. In order to understand the code, let's translate it to human language:

Find Group1 in AD | Find Disabled members in the Member List | Remove them

Now if you want to have a fully automated one, you need to schedule this script to run hourly in your domain controller. Here is the script:

Get-ADGroupMemberGroupTest|%{Get-ADUser-Identity $_.distinguishedName

-PropertiesEnabled,samaccountname |?{$_.Enabled-eq $false}|?

{Remove-ADGroupMember-IdentityGroupTest-Members

$_.samaccountname -Confirm:$false}}

Have fun automating..

Active DirectoryPowerShell
  • (0)
  • (355)
Mahdi Tehrani

info@mahditehrani.ir

Leave a comment
Comments
Search
Categories
Concepts (4)
Group Policy (1)
Active Directory (13)
PowerShell (2)
Latest Posts

Why NTDS size is different on different Domain Controllers?

  • Post On 2018-05-28

Limit Active Directory user login to 1 session

  • Post On 2017-08-24

Protect your domain against WannaCry malware

  • Post On 2017-05-23

The auditor of auditors: 'LepideAuditor Suite'

  • Post On 2017-05-23

‘List Object Mode’ in Active Directory, a myth or future settings?

  • Post On 2017-04-23

Fix Group Policy error 1058

  • Post On 2016-04-22

Bulk change specific permissions for users

  • Post On 2015-04-23

Create Shadow Groups (Dynamic Groups) in Active Directory

  • Post On 2015-03-23

Manipulate delegation wizard in Active Directory

  • Post On 2014-10-22

Am I locked out? Where? How?

  • Post On 2014-10-22
!APP License
Copyright © 2023 TondarNet V1.0.0