I had a need to routinely update the members of a security group in Active Directory. The users in an OU were to be added/removed from the security group on a scheduled basis.
- Import-Module ActiveDirectory
- Get-ADGroupMember -Identity "Some Security Group" | ForEach-Object { $Member = $_.SamAccountName; Remove-AdGroupMember -Identity "Some Security Group" -Members $Member -Confirm:$false }
- Get-User -OrganizationalUnit "Some OU" | ForEach-Object { Add-ADGroupMember -Identity "Some Security Group" -Members $_.SamAccountName }
This could be written into a powershell script file to be run on a schedule.