# Sets the gidNumber (group ID) for a group in Active Directory. See the comment below to run as a batch.
# Run as batch:
# $groups = Get-ADGroup -Properties gidNumber -Filter * | Where { $_.gidNumber -eq $Null }
# foreach ( $group in $groups ) { .\ad_set_gid $group.SamAccountName }
# Script parameter: the identity of the single group to process. The value is
# passed unchanged to the -Identity parameter of Get-ADGroup and Set-ADGroup.
Param(
    [Parameter(Mandatory = $true, Position = 0)]
    [string]
    $groupName
)
Function checkGroup {
    # Looks up the group named by the script-level $groupName parameter and
    # emits whatever Get-ADGroup returns for it.
    # NOTE(review): a second function named checkGroup is defined further down
    # in this script. PowerShell keeps the last definition it reads, so this
    # body is replaced before the script ever calls checkGroup.
    $adGroup = Get-ADGroup -Identity $groupName
    return $adGroup
}
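Function nextGid {
    # Returns the next gidNumber to hand out: one above the highest gidNumber
    # currently set on any group, or 110001 when no group has one yet.
    #
    # NOTE(review): this is a read-then-increment allocation and nothing in this
    # script serializes it, so two runs at the same time can compute the same
    # value. Active Directory does not enforce uniqueness of gidNumber, and a
    # host that maps this attribute to POSIX group IDs would treat two groups
    # sharing a number as the same group for file permissions. Run allocations
    # one at a time, or re-check for duplicates after writing.
    # NOTE(review): the result follows whatever maximum is already stored. A
    # mistyped or deliberately large gidNumber on any group shifts every later
    # allocation, and a maximum below 110000 is not raised to the 110001 base.
    # Confirm the intended range before relying on this.

    # Full cmdlet names are used instead of the select/sort/measure aliases.
    # The earlier "sort gidNumber" step was dropped because taking the maximum
    # does not depend on input order.
    $assigned = Get-ADGroup -Filter 'gidNumber -like "*"' -Properties gidNumber |
        Select-Object -ExpandProperty gidNumber
    $highest = ($assigned | Measure-Object -Maximum).Maximum

    if ($null -eq $highest) {
        # No group carries a gidNumber yet: start at the base value.
        return 110001
    }

    # A maximum of exactly 110000 also yields 110001 here, which is what the
    # former "skips 110000" special case returned.
    return $highest + 1
}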
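Function checkGroup {
    # Assigns a gidNumber to the group named by the script-level $groupName
    # parameter, unless it already has one.
    #
    # Output: one status string on success ("already has GID ..." or
    # "gidNumber ... added to ..."). Nothing is emitted when the lookup or the
    # write fails, so a caller that tests the result against $null sees the
    # failure instead of a success message.

    try {
        # -ErrorAction Stop makes a failed lookup catchable. Without it the
        # function carried on with an empty $gid and tried to assign a new
        # gidNumber to a group it had not found.
        $group = Get-ADGroup -Identity $groupName -Properties gidNumber -ErrorAction Stop
    }
    catch {
        # Keep the underlying reason visible (missing group, access denied,
        # unreachable domain controller) without writing to the output stream.
        Write-Warning "Lookup of $groupName failed: $($_.Exception.Message)"
        return
    }

    $gid = $group.gidNumber
    if ($null -ne $gid) {
        Write-Output "$groupName already has GID $gid"
        return
    }

    $gidNumber = nextGid
    try {
        Set-ADGroup -Identity $groupName -Replace @{ gidNumber = "$gidNumber" } -ErrorAction Stop
    }
    catch {
        # Report the failed write rather than claiming the attribute was set.
        Write-Error "Failed to set gidNumber on ${groupName}: $($_.Exception.Message)"
        return
    }
    Write-Output "gidNumber $gidNumber added to $groupName"
}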
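# checkGroup changes the directory (it calls Set-ADGroup), so invoke it exactly
# once and relay the message it produced. Calling it a second time to print the
# result would report "already has GID" for a group that was only just updated.
$checkGroup = checkGroup
if ($null -ne $checkGroup) {
    $checkGroup
}
else {
    Write-Output "Group not found in Active Directory"
}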