Duplicate Active Directory Group with Members from PowerShell

Fire up your PowerShell ISE, modify the script to your needs, and run it!

Please leave comments and suggestions below!

Import-Module ActiveDirectory

# Determine the base OU
$Path = 'OU=Accounting,OU=-Department,OU=Office,DC=MyDomain,DC=net'

# Determine the new path where the groups will be created. Can be different or the same.
$NewPath = 'OU=HR,OU=-Department,OU=Office,DC=MyDomain,DC=net'

# Get all security groups to duplicate. GroupCategory can be 'Security' or 'Distribution'.
$Grp = Get-ADGroup -Filter "GroupCategory -eq 'Security'" -SearchBase $Path

# Loop through the groups and duplicate them, with a new name, in the new path.
foreach ($OldGrp in $Grp)
{
 #If you need to replace characters from the original group name, else comment the "-replace" part.
 $OldGrpName = $OldGrp.SamAccountName -replace '-','_' 
 
 #Adds a prefix/suffix to the new name. You can use either or both. Comment what you don't need.
 $NewGrpName = "gbl_" + $OldGrpName + "_new"
 
 #Prints out the progress of the loop so you can visually keep track.
 Write-Host $NewGrpName 

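 #Creates the new group, in the new Path. If creation fails (for example, the name is already taken),
 #skip this group so its members are not added to a different, pre-existing group.
 try { New-ADGroup -Name $NewGrpName -SamAccountName $NewGrpName -GroupScope Global -Path $NewPath -ErrorAction Stop }
 catch { Write-Warning "Skipping ${NewGrpName}: $_"; continue }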

 #Get the members of the original group (users, computers and nested groups).
 $Users = Get-ADGroupMember -Identity $OldGrp

 #Add the same members to the new group.
 if ($Users) { Add-ADGroupMember -Identity $NewGrpName -Members $Users }

}
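
The renaming rule above can map two source groups to the same new name, or to a name that is already taken; if New-ADGroup fails for that reason and the loop carries on, Add-ADGroupMember would add the members to the group that already holds the name. The following pre-flight check is an added example, not part of the original script: the function name `Get-DuplicateGroupPlan` and the sample group names are made up for illustration, and it runs offline without touching the directory.

```powershell
# Added example: plan the new group names and flag collisions before creating anything.
function Get-DuplicateGroupPlan {
    param(
        [string[]]$SourceNames,          # SamAccountNames of the groups to copy
        [string[]]$ExistingNames = @(),  # names already present in the domain
        [string]$Prefix = 'gbl_',
        [string]$Suffix = '_new'
    )
    # Case-insensitive sets, because AD compares these names without regard to case.
    $cmp      = [System.StringComparer]::OrdinalIgnoreCase
    $existing = [System.Collections.Generic.HashSet[string]]::new($cmp)
    $planned  = [System.Collections.Generic.HashSet[string]]::new($cmp)
    foreach ($n in $ExistingNames) { [void]$existing.Add($n) }

    foreach ($name in $SourceNames) {
        # Same transformation as the script: '-' becomes '_', then prefix and suffix.
        $new = $Prefix + ($name -replace '-', '_') + $Suffix

        # HashSet.Add() returns $false when the value is already in the set.
        $status = if ($existing.Contains($new))  { 'AlreadyExists' }
                  elseif (-not $planned.Add($new)) { 'DuplicateInBatch' }
                  else                             { 'OK' }

        [pscustomobject]@{ Source = $name; NewName = $new; Status = $status }
    }
}

# Constructed sample data: 'Acct-AP' and 'Acct_AP' collapse to the same new name,
# and the new name for 'Acct-Audit' is listed as already existing.
$source   = 'Acct-AP', 'Acct_AP', 'Acct-Payroll', 'Acct-Audit'
$existing = 'gbl_Acct_Audit_new'

$plan = Get-DuplicateGroupPlan -SourceNames $source -ExistingNames $existing
$plan | Format-Table -AutoSize

# Only rows with Status 'OK' are safe to create and populate.
$plan | Where-Object Status -ne 'OK' |
    ForEach-Object { Write-Warning "$($_.Source) -> $($_.NewName): $($_.Status)" }
```

Against a live domain, pass `$Grp.SamAccountName` as `-SourceNames` and `(Get-ADGroup -Filter *).SamAccountName` as `-ExistingNames`.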
