+1 Sent from my iPhone
On Nov 26, 2015, at 11:04 AM, Andrew S. Baker <[email protected]<mailto:[email protected]>> wrote: Well then... :) Happy Thanksgiving, everyone [1] ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market… GPG: 1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A [1] As deemed appropriate or relevant in your local jurisdiction. On Thu, Nov 26, 2015 at 3:51 AM, Gavin Wilby <[email protected]<mailto:[email protected]>> wrote: Il check those out, thanks. Probably worth mentioning at this point that our functional level is still 2003 (I know…) Gavin Wilby IT Support Engineer From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Andrew S. Baker Sent: 25 November 2015 18:32 To: ntsysadm Subject: Re: [NTSysADM] AD group membership script. I believe you can, but I would need to test it again. http://blogs.technet.com/b/askds/archive/2011/06/13/target-group-policy-preferences-by-container-not-but-group.aspx http://www.grouppolicy.biz/2010/01/microsoft-release-two-new-group-policy-hot-fixes/ ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market… GPG: 1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A On Wed, Nov 25, 2015 at 10:20 AM, Gavin Wilby <[email protected]<mailto:[email protected]>> wrote: You cannot apply a GPP to all members of a nested distribution group. At least, you cannot when I tried it. Gavin Wilby IT Support Engineer From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Andrew S. Baker Sent: 25 November 2015 14:53 To: ntsysadm Subject: Re: [NTSysADM] AD group membership script. Ummm.. I'm not understanding something. If you are adding various groups (e.g. Group1, Group2, Group3) to a larger group (e.g. SuperGroup), then why do you need to worry about if the membership in the smaller group? Windows will handle that. Unless I'm missing the obvious... ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market… GPG: 1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A On Wed, Nov 25, 2015 at 5:08 AM, Gavin Wilby <[email protected]<mailto:[email protected]>> wrote: Hi, I have quite a few nested security and distribution groups that I want to add to another group (for GPP purposes). I can do this with: Get-ADGroupMember "Top Level Group" -Recursive | ForEach-Object { add-adgroupmember -identity "GPP group" -members $_} However the membership changes within the original groups a bit, so I was going to script this with this above it: Remove-ADGroupMember "GPP Group" -Members (get-adgroupmember "GPP Group") -Confirm:$false So this clears the group down and then re-adds the right users each time in the case that the group changes and a user is added or removed. However, this doesn’t seem in my mind to be the best way to do it. What id like to do is an add and then a remove if the user no longer exists, rather than clear the whole group each time, is there a syntax for this that will work? I guess Im looking for an “ IS NOT” statement or something? Gavin Wilby SMP Partners Limited, SMP Trustees Limited and SMP Fund Services Limited are licensed by the Isle of Man Financial Services Authority. SMP Accounting & Tax Limited is a member of the ICAEW Practice Assurance Scheme. SMP Partners Limited registered in the Isle of Man, Company Registration No: 000908V Directors: M.W. Denton, M.J. Derbyshire, S.E McGowan, O. Peck, J.J. Scott, S.J. Turner SMP Trustees Limited registered in the Isle of Man, Company Registration No: 068396C Directors: A.C. Baggesen, J.M. Cubbon, M.W. Denton, K.M. Goldie, O Peck, J. Watterson SMP Fund Services Limited registered in the Isle of Man, Company Registration No: 120288C Directors: V. Campbell, R.K. Corkhill, M.W. Denton, D.A. Manser, S.E McGowan, J.J. Scott SMP Accounting & Tax Limited registered in the Isle of Man, Company Registration No: 001316V Directors: I.F. Begley, A.J. Dowling, P. Duchars, J.J. Scott, S.J. Turner SMP Capital Markets Limited registered in the Isle of Man, Company Registration No: 002438V Directors: M.W. Denton, M.J. Derbyshire, D.F Hudson, S.E McGowan, O. Peck, J.J. Scott. SMP Partners Limited, SMP Trustees Limited, SMP Fund Services Limited, SMP Accounting & Tax Limited and SMP Capital Markets Limited are members of the SMP Partners Group of Companies. This email is confidential and is subject to disclaimers. Details can be found at: http://www.smppartners.com/disclaimer.html ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________ ______________________________________________________________________ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com ______________________________________________________________________ This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
