This little guy is a simple dynamic parameter resource for you all. Take a look at my previous blog post about how these parameters work. Totally worth adding these things to your scripts. This script is simple, it uses the add-adgroupmemeber and dynamic parameters to help pad against mistakes.
The Script
function Set-SHDADGroupMemebers {
[cmdletbinding()]
param (
[parameter(mandatory=$true)][validateset('Add','Remove')][string]$Action,
[securestring]$Credential,
[switch]$Output
)
DynamicParam {
# Set the dynamic parameters' name
$ParamName_portgroup = 'Group'
# Create the collection of attributes
$AttributeCollection = New-Object System.Collections.ObjectModel.Collection[System.Attribute]
# Create and set the parameters' attributes
$ParameterAttribute = New-Object System.Management.Automation.ParameterAttribute
$ParameterAttribute.Mandatory = $true
# Add the attributes to the attributes collection
$AttributeCollection.Add($ParameterAttribute)
# Create the dictionary
$RuntimeParameterDictionary = New-Object System.Management.Automation.RuntimeDefinedParameterDictionary
# Generate and set the ValidateSet
$arrSet = (Get-ADGroup -Filter *).name
$ValidateSetAttribute = New-Object System.Management.Automation.ValidateSetAttribute($arrSet)
# Add the ValidateSet to the attributes collection
$AttributeCollection.Add($ValidateSetAttribute)
# Create and return the dynamic parameter
$RuntimeParameter = New-Object System.Management.Automation.RuntimeDefinedParameter($ParamName_portgroup, [string], $AttributeCollection)
$RuntimeParameterDictionary.Add($ParamName_portgroup, $RuntimeParameter)
# Set the dynamic parameters' name
$ParamName_datastore = 'Username'
# Create the collection of attributes
$AttributeCollection = New-Object System.Collections.ObjectModel.Collection[System.Attribute]
# Create and set the parameters' attributes
$ParameterAttribute = New-Object System.Management.Automation.ParameterAttribute
$ParameterAttribute.Mandatory = $true
# Add the attributes to the attributes collection
$AttributeCollection.Add($ParameterAttribute)
# Generate and set the ValidateSet
$arrSet = (Get-ADUser -Filter *).name
$ValidateSetAttribute = New-Object System.Management.Automation.ValidateSetAttribute($arrSet)
# Add the ValidateSet to the attributes collection
$AttributeCollection.Add($ValidateSetAttribute)
# Create and return the dynamic parameter
$RuntimeParameter = New-Object System.Management.Automation.RuntimeDefinedParameter($ParamName_datastore, [string], $AttributeCollection)
$RuntimeParameterDictionary.Add($ParamName_datastore, $RuntimeParameter)
return $RuntimeParameterDictionary
}
begin{
$Group = $PsBoundParameters[$ParamName_portgroup]
$username = $PsBoundParameters[$ParamName_datastore]
}
process {
if ($PSBoundParameters.ContainsKey('Credential')) {
if ($Action -like "Add") {
Add-ADGroupMember -Identity $group -Members $username -Credential $Credential
} elseif ($Action -like "Remove") {
Remove-ADGroupMember -Identity $group -Members $username -Credential $Credential
} else {
Get-ADGroupMember -Identity $group -Credential $Credential
}
} else {
if ($Action -like "Add") {
Add-ADGroupMember -Identity $group -Members $username
} elseif ($Action -like "Remove") {
Remove-ADGroupMember -Identity $group -Members $username
} else {
Get-ADGroupMember -Identity $group
}
}
}
end {
if ($Output) {
if ($PSBoundParameters.ContainsKey('Credential')) {
Get-ADGroupMember -Identity $Group -Credential $Credential
} else {
Get-ADGroupMember -Identity $group
}
}
}
}
Example 1
Set-SHDADGroupMemebers -Action Add -Group Administrators -Username Adam.Long -Output
Adds Adam.Long to the administrators group. Then it outputs all the users inside that group.
Example 2
Set-SHDADGroupMemebers -Action Remove -Group Administrators -Username Adam.Long
Removes Adam.Long from the Administrators group without outputting any additional information.