Powershell add user to group

Question

I am trying to read an XML file with user information and based on that information I want to add users to Active Directory groups. I have been looking up the error messages

Answer 1

Here is a working example, you perhaps can adapt it.

First you forget to call the setinfo(), which is a kind of commit.

Second be careful that the value of $CurUser is in the form of 'CN=XXXXX'.

Clear-Host

# Connecting without User/Password to Active Directory
#$dn = [adsi] "LDAP://192.168.30.200:389/dc=dom,dc=fr"
# Connecting with User/Password to Active Directory
$dn = New-Object System.DirectoryServices.DirectoryEntry ("LDAP://192.168.234.200:389/dc=dom,dc=fr","administrateur@dom.fr","admin")

# Creation of an OU
$Monou = $dn.create("OrganizationalUnit", "ou=Monou")
$Monou.put("Description", "Une description")
$Res = $Monou.Setinfo()

# Basic creation of a user
$objUtilisateur = $Monou.create("inetOrgPerson", "cn=Marc Assin")
$objUtilisateur.setinfo()

$objUtilisateur.samaccountname = "Massin"
$objUtilisateur.givenName = "Marc"
$objUtilisateur.sn = "Assin"
$objUtilisateur.userPrincipalName = "Massin@dom.fr"
# Set the state of the account
$objUtilisateur.pwdLastSet = 0
$objUtilisateur.userAccountControl = 544 #512
$objUtilisateur.SetInfo()

# Creation of a group
$MonGroupe = $Monou.Create("Group", "cn=MonGroupe")
$ADS_GROUP_TYPE_GLOBAL_GROUP = 0x00000002
$ADS_GROUP_TYPE_SECURITY_ENABLED = 0x80000000
$groupeType = $ADS_GROUP_TYPE_SECURITY_ENABLED -bor $ADS_GROUP_TYPE_GLOBAL_GROUP

$MonGroupe.put("groupType",$groupeType) 
$MonGroupe.setinfo()

# Adding user to a group
$MonGroupe.add('LDAP://cn=Marc Assin,ou=Monou,dc=dom,dc=fr')
$MonGroupe.setinfo()