4

I want to create a SharePoint Group named "SomeGroup" and then want to add crossponding Active Directory Group to this SharePoint Group "SomeGroup". I have searched but not found any good example to accomplish this using powershell. What will be the Poweshell script for this for sharepoint 2013

Improve this question
2
  • How to add AD group. From Santosh does not work .. Commented Apr 19, 2020 at 14:50
  • For what is this command ?? I don't understand. I wish to add ad group to sp group. But code from Santosh does not work. With this code I can add users but not group. Please help Commented Apr 19, 2020 at 15:31

5 Answers 5

Reset to default
4 
$SiteCollection = "http://site/sitecollection"
$ADGroupName = "domain\adgroup"
$SPGroupName = "My Test Group A1"
$SPGroupDescription = "Test Group A1’s Description"
$SPGroupPermission = "Read"

#Start of script
$site = Get-SPWeb $SiteCollection

#Check if the group already exists
if ($site.SiteGroups[$SPGroupName] -eq $null)
{

#Ensure Group/User is part of site collection users beforehand and add them if needed
$site.EnsureUser($ADGroupName)

# Get the AD Group/User in a format that PowerShell can use otherwise there will be a string error
$ADGroupSPFriendly = $site | Get-SPUser $ADGroupName

#Create the SharePoint Group – Group Name, Group Owner, Group Member, Group Description. Can’t add AD group yet…
$NewSPGroup = $site.SiteGroups.Add($SPGroupName, $site.CurrentUser, $site.CurrentUser, $SPGroupDescription)
$site.AssociatedGroups.Add($site.SiteGroups[$SPGroupName]);
$NewSPAccount = $site.SiteGroups[$SPGroupName]

#Assign the Group permission
$GroupAssignment = New-Object Microsoft.SharePoint.SPRoleAssignment($NewSPAccount)
$GroupRole = $site.RoleDefinitions[$SPGroupPermission]
$GroupAssignment.RoleDefinitionBindings.Add($GroupRole)
$site.RoleAssignments.Add($GroupAssignment)

#Add the AD Group/User to the group, can’t be done during group creation when using Powershell otherwise errors so is done now.
Set-SPUser -Identity $ADGroupSPFriendly -Web $SiteCollection -Group $SPGroupName
}
$site.Dispose()
}

Surce: http://blog.thefullcircle.com/2013/02/create-a-sharepoint-group-with-permissions-and-add-an-ad-group-to-it/

Improve this answer
3
  • The last Line: Set-SPUser -Identity $ADGroupSPFriendly -Web $SiteCollection -Group $SPGroupName will add a single/one user to the SPGroup, right ? But I want to add whole the AD Group to SP Group, How that will be accomplish? Commented Mar 3, 2015 at 13:38
  • It should add the AD group. Give it a try and see what happens Commented Mar 3, 2015 at 13:57
  • I have tested. It did not add AD group, Error: a valid user name or object is required?? Commented Mar 11, 2015 at 14:20
0

Here is a function which i have modified little bit for adding Ad group in to share point group for a site collection 

Function AddADGroup($SPGroupName,$ADGroupName)
{    
    $SiteCollection = "http://yoursitcollectionurl"
    $site = Get-SPWeb $SiteCollection
    $site.EnsureUser($ADGroupName)
    $ADGroupSPFriendly = $site | Get-SPUser $ADGroupName
    Set-SPUser -Identity $ADGroupSPFriendly -Web $SiteCollection -Group $SPGroupName
    Write-Host $ADGroupName
    Write-Host $ADGroupSPFriendly
    Write-Host "Added the ADGroup" + $ADGroupName + "Sucessfully to the SPGroup" + $SPGroupName

    $site.Dispose()
}

#To Execute this function 

AddADGroup "Sharepointgroup" "Domain\ADGroup"
Improve this answer
0

A slightly modified and shorter version

function updateWebGroup ($web, $spGroupName, $adGroupName){
    $group = $web.AssociatedGroups | ? {$_.Name -eq $spGroupName}
    if($group)
    {
        $adGroup = $web.EnsureUser($adGroupName)
        $group.AddUser($adGroup)
        $group.Update()
    }
}
Improve this answer
0

Here is a quick solution for this using pnp-powershell.

$context = Connect-PnPonline -Url [mysite] -ReturnConnection
$web = Get-PnPWeb -Connection $context
$adgroup = "c:0t.c|tenant|[ad id]"    
$ensureUser = $web.EnsureUser($adgroup)
$adgroup= Get-PnPUser $adgroup -Connection $context
Add-PnPUserToGroup -LoginName $adgroup.LoginName -Identity "$($web.Title) Owners" -Connection $context
  • To find the AD group ID in Sharepoint, add that group to some sp user group, and then grab the ID shown when you click on that entity.
  • Change "$($web.Title) Owners" to whatever group that already exist in the site
Improve this answer
-2

The correct command is - 

New-SPUser -UserAlias "domain\username" -Web $WebUrl -Group $SharePointGroupName
Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.