Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $OU="OU=TheOUName,DC=yourdomain,DC=com"
- $ShadowGroup="CN=ShadowGroupName,OU=TheOUName,DC=yourdomain,DC=com"
- Get-ADGroupMember –Identity $ShadowGroup | Where-Object {$_.distinguishedName –NotMatch $OU} | ForEach-Object {Remove-ADPrincipalGroupMembership –Identity $_ –MemberOf $ShadowGroup –Confirm:$false}
- Get-ADUser –SearchBase $OU –SearchScope OneLevel –LDAPFilter "(!memberOf=$ShadowGroup)" | ForEach-Object {Add-ADPrincipalGroupMembership –Identity $_ –MemberOf $ShadowGroup}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
