In this guide, I will show you how to add users to Active Directory security groups using PowerShell, ADUC, and by using the Bulk Group Management Tool. I will provide you with examples of adding a single user and multiple users to groups.
Example 1: Add a Single User to a Group Using PowerShell
You can use the cmdlet Add-ADGroupMember to add users to an Active Directory group.
In this example, I’m going to add a user Alma Martin to the AD security group IT_Local. Both the user and the group will be identified by their sAMAccountName.
Here is the command:
Add-ADGroupMember -Identity IT_Local -Members Alma.Martin
-Identity is the group and -members are the users you want to add to the group.
You can verify the user was added by using the ADPrincipalGroupMembership cmdlet.
Get-ADPrincipalGroupMembership -Identity Alma.Martin
Yes, the command worked and the user was added to the IT_Local AD group. If you don’t like PowerShell then check out example 2.
Example 2: Add User to a Group Using Active Directory Users and Computers
In this example, I will use the Active Directory Users and Computers GUI console to add a user to a security group.
For this example, I will add user Alice Mills to the Accounting_folders security group.
Open ADUC, open the user account and click on the “member of” tab.
Next, click on the add button.
You can type the full group name out or if you don’t remember it just type a partial name and click check names. I typed accounting and when I click check names it gives me a list of all the matching groups.
It found three groups that have accounting in the name, I select the one I want and click ok.
Click ok again.
Click ok and you are done.
You can confirm this by seeing the group listed in the members of tab for the user account.
Example 3: Bulk Add Users to a Single Group
Adding one or two users into a group is very easy with PowerShell or ADUC but what about when you need to add a large list of users? ADUC has very limited options for bulk-adding users and PowerShell can be complicated for simple tasks like this. That is why I created the Bulk Group Management GUI tool.
Let’s walk through an example.
I’m going to add 300+ users to the HR_Local security group.
Step 1: Open the “Bulk Group Management” Tool
Click on “Get CSV Template” and save the template. You can save it anywhere you like.
Step 2: Setup the CSV File
Now just fill out the CSV file.
Username = logon name of the users you want to add to a group
group = the group name to add the user to.
Tip: Included with this tool is the “User Export tool”. This makes it easy to export all domain users, users from a group, or organizational unit. This can help you build the CSV file if you don’t already have a list of usernames. For example, I need a list of all the HR users, instead of manually typing them all out I can use the export tool to quickly get all the HR usernames.
Here is a screenshot of the User Export Tool. In this screenshot, I’m going to export all of the users from the HR folder and just export their Username.
Now copy the usernames from the export CSV over to the “Bulk Group Template” and the CSV is ready to use.
Step 3: Run Bulk Group Management Tool
Select the CSV template, select “Add Users to Groups” and click Run.
The tool will display the results and you can watch the progress in the lower-left corner. If there are any errors they will display in red.
Let’s verify the users were added by using the Get-ADGroupMember PowerShell cmdlet.
Get-ADGroupMember -Identity hr_local | select name
You can also verify with the Group Membership report tool.
This tool is included in the AD Pro Toolkit.
Example 4: Add Users to Multiple Security Groups
So far I have shown you examples of adding single and multiple users to a single group. Now let’s look at an example of adding users to multiple Active Directory groups.
I’m going to add users to the “HR_folders”, “PDDrive_HR” and the “PDDrive_temp” AD groups all at the same time using the Bulk Group Management Tool.
If you jumped to this example then go back to example 2 for more details as I’m going to go straight into the CSV setup.
All that you need to do is add the user’s username to the username column and the group name to the group column. Very easy.
Here is a screenshot of the CSV I have configured for this example.
Open the GUI Tool, select the CSV file and click run.
You can use PowerShell, ADUC, or the Group Report tool to verify the group membership.
I hope this article helped you find a solution for adding users to Active Directory Security Groups. This is a very common task for System Administrators and there are multiple ways it can be done. PowerShell is a popular choice for Active Directory management but for those that don’t have time to mess with scripts, there are some good GUI tools as an alternative. The AD Pro Toolkit is a very low-cost set of tools that help with many of the day to day Active Directory tasks. You can download a free trial and test it out in your environment.
If you liked this article or have a question please post a comment below.
Recommended Tool: SolarWinds Server & Application Monitor
This utility was designed to Monitor Active Directory and other critical services like DNS & DHCP. It will quickly spot domain controller issues, prevent replication failures, track failed logon attempts and much more.
What I like best about SAM is it’s easy to use dashboard and alerting features. It also has the ability to monitor virtual machines and storage.