In our “HOW TO Series” we want to show you, how to use a PowerShell Script to Self Service your IT with au2mator. In this Article, we will demonstrate how easy it is, to use PowerShell and au2mator to “Add an User to a Group”.

Our Service should provide a User Selection and a Group Selection, the PowerShell Script will add the Active Directory User in this AD Group.

PowerShell Script

At the beginning, and very important, the Input Paramaters. beside our “Built in Parameters” we have to add one for the selected User, one for the Group and a Comment.

#region InputParamaters
##Question in au2mator
param (
    [parameter(Mandatory = $true)] 
    [String]$c_User,
 
    [parameter(Mandatory = $true)] 
    [String]$c_Group, 

    [parameter(Mandatory = $false)] 
    [String]$c_Comment, 

## au2mator Initialize Data
    [parameter(Mandatory = $true)] 
    [String]$InitiatedBy, 

    [parameter(Mandatory = $true)] 
    [String]$RequestId, 
 
    [parameter(Mandatory = $true)] 
    [String]$Service, 
 
    [parameter(Mandatory = $true)] 
    [String]$TargetUserId
)
#endregion  InputParamaters

The Main Part of the Script, see the End of the Post, to download the complete Script

#region Script
Write-au2matorLog -Type INFO -Text "Start Script"
if ($DoImportPSSession) {

    Write-au2matorLog -Type INFO -Text "Import-Pssession"
    $PSSession = New-PSSession -ComputerName $DCServer
    Import-PSSession -Session $PSSession -DisableNameChecking -AllowClobber
}
else {
        
}

Write-au2matorLog -Type INFO -Text "Import AD PS Module"
Import-Module ActiveDirectory


Write-au2matorLog -Type INFO -Text "Try to add User in Group"


if (Get-ADGroupMember -Identity $c_Group | Where-Object -Property DistinguishedName -Value $c_User -EQ)
{
    
    Write-au2matorLog -Type INFO -Text "User is already in Group"

    $au2matorReturn = "User $c_User is already in Group $c_Group"
    $AdditionalHTML="<br>
    User " + (Get-ADUser -identity $c_User).DisplayName +" was already a Member of the Group "+(Get-ADGroup -Identity $c_Group).DisplayName+"
    <br>
    "
    $Status = "COMPLETED"
}
else {
    try {
        Add-ADGroupMember -Identity $c_Group -Members $c_User
        Write-au2matorLog -Type INFO -Text "User added in Group"
    }
    catch {
        $ErrorCount = 1
        Write-au2matorLog -Type ERROR -Text "Error on adding User in Group"
        Write-au2matorLog -Type ERROR -Text $Error
    }


    if ($ErrorCount -eq 0) {
        $au2matorReturn = "User $c_User added in Group $c_Group"
        $AdditionalHTML="<br>
        User " + (Get-ADUser -identity $c_User).DisplayName +" added in Group "+(Get-ADGroup -Identity $c_Group).DisplayName+"
        <br>
        "
        $Status = "COMPLETED"
    }
    else {
        $au2matorReturn = "failed to add $c_User in Group $c_Group, Error: $Error"
        $Status = "ERROR"
    }
}
#endregion Script

The Service

Create a new Service and provide the necessary Informations

Now we configure the Questions

c_User

Chosse a nice Question Name, select LDAP as Question type and follow the Screenshot for the Rest

c_Group

Here we also configure a nice Question and select LDAP as Type

Save the Service

How it looks like

Summary

More Details on how to build: https://au2mator.com/add-user-to-group-active-directory-self-service-with-au2mator/

Download PowerShell: https://github.com/au2mator/AD-Add-User-to-Group

Other How To Articels: https://au2mator.com/category/how-to/