In the following example, I want to update the attribute Info user attribute to add the value "AxOn" for users included in the group GP_APP_AX in my Active Directory.

We will combine the commands Get-ADGroupMember and Set-ADUser to perform this modification

 

Get-ADGroupMember -id GP_APP_AX | foreach {Set-ADUser -id $_.SamAccountName -Replace @{info="AxOn"}}

 

 

Additional information :

If your group contains other objectclass than users, you may need to use the following filter in your request : 

where-object -property objectclass -eq user

 

Get-ADGroupMember -id GP_APP_AX | where-object -property objectclass -eq user | foreach {Set-ADUser -id $_.SamAccountName -Replace @{info="AxOn"}}

 

If your group contains other groups, you'll need to look for members using get-adgroupmember -recursive flag. you may also need to use the objectclass filter to avoid having the groups in your base query if you have cascade groups:
 
Get-ADGroupMember -id GP_APP_AX -Recursive | where-object -property objectclass -eq user | foreach {Set-ADUser -id $_.SamAccountName -Replace @{info="AxOn"}}
 

 

blog comments powered by Disqus