Clatent

Technology | Fitness | Food

Groups

One-Liner Wednesday August 2, 2023

by Leave a Comment

Have you ever needed to create multiple 365 Groups/Security/Distribution at one time? This could be for a new department, new office, or even a new campaign that only certain people need access and email to. I won’t even go into the time it would take to do this in the GUI, but how would you add them scripting wise, as there are 4 types of Groups/Lists in 365. Do you only do one cmdlet at a time and hope someone doesn’t come back after you’ve already done some and they need to add another group with a cmdlet you’ve already used?

I have a nice simple one-liner to fix this issue.

Add-CT365Group -FilePath "C:\\Path\\to\\file.xlsx" -UserPrincialName "admin@domain.com" -Domain "domain.com"

That’s it.

Ok, to be fair, PowerShell wise that is all there is to it other than installing the 365AutomatedLab module from Github. After that only 3 steps needed, and well worth it. Here are the steps:

  1. Create a workbook in Excel, and have a sheet named “Groups”
  2. Add the Headers “DisplayName”, “PrimarySMTP”, “Description”, “Owner”, and “Type”
    1. DisplayName is self explanatory as this will be the Display name for the group
    2. PrimarySMTP is the email address without the @domain.com
    3. Description is self explanatory as this will be the description value for the group
    4. Owner is only a placeholder, but will be adding that soon
    5. Type will be the type of group it is – and will pull the corresponding cmdlet
      1. 365Group
      2. 365MailEnabledSecurity
      3. 365Distribution
      4. 365Security
  3. Add your Group information in the corresponding fieldsExcel worksheet example

After those are filled in, you can run the script from above pointing to where you saved that excel file, and all those groups you added to the Excel worksheet named “Groups” will be added (As long as you have the correct permissions)

It’s really that simple. I’m looking to expand the properties you can add into the groups, if there are any you’d rather see first, please let me know.

I hope you found this useful and it saves you time/headaches from having to more manually add them! As always if I can help out in anyway, please feel free to reach out!

Microsoft Documentation on Group Types

New-UnifiedGroup

New-DistributionGroup

New-MgGroup

Creating an AD Security Group

by Leave a Comment

We’ve all had to create a security group before, but why not standardize it.

First, what fields are mandatory and helpful for creating a security group? We will need these to create parameters to make sure they are always filled out.

  • Security Group Name
  • Display Name
  • Description of Group
  • Credential

Then we create the function parameters as below. If you notice the Mandatory and help message in there, these will require these parameters to be entered in before running as well as give help if someone is unsure of what needs to be entered.

#Create Security Group
#Change the OU path if necessary

[CmdletBinding()]
param (
    [Parameter(Mandatory,HelpMessage='Name of Security Group')]
    [string]$Name,

    [Parameter(Mandatory,HelpMessage='Display Name of Security Group')]
    [string]$DisplayName,

    [Parameter(HelpMessage='Description of Security Group')]
    [string]$Description,

    [Parameter(Mandatory)]
    [ValidateNotNull()]
    [System.Management.Automation.PSCredential]
    [System.Management.Automation.Credential()]
    $Credential = [System.Management.Automation.PSCredential]::Empty

)

Then we apply these parameters to our code

New-ADGroup -Name $Name -Credential $Credential -SamAccountName $Name -GroupCategory Security -GroupScope Global -DisplayName $DisplayName -Path "OU=Security Groups,DC=domain,DC=local" -Description $Description -Confirm

As you can see I’ve hard coded the default OU Path, which you can easily change, or even create a variable for it too. Also you’ll notice that I put the “-Confirm” at the end, this will ask you again if you want to create it after you attempt to run it.

And that’s it! Now you can make sure you and your team always create AD Security Groups the same way. You can add more parameters if you like, check out the New-ADGroup Help for more info.