Public/Add-ToLocalGroup.ps1
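function Add-ToLocalGroup {
    #requires -Version 3.0

    <#
      .SYNOPSIS
      Adds a user or a group to a local group on a remote computer.

      .DESCRIPTION
      Adds a user or group to a local group on one or more computers through the
      ADSI WinNT provider. The LocalGroup parameter selects the target group,
      i.e. Administrators, Remote Desktop Users, or others.

      One custom object is written per computer with the computer name, local
      group, identity and status of the action. Status is 'Success', 'Failure'
      (the error is passed to Write-Log) or 'Skipped' (the change was declined
      through -WhatIf or -Confirm).

      .PARAMETER ComputerName
      Destination computer name where to add user or group (Identity parameter).
      Will accept multiple values. Defaults to 'localhost'.

      .PARAMETER LocalGroup
      Local group on destination computer where the Identity should be added to.

      .PARAMETER DomainName
      Domain name - required for user/group string creation. Can be a workgroup
      or local computer name instead of domain name. Defaults to current
      $env:userdomain - can be domain or workgroup, depending on current
      environment.

      .PARAMETER Type
      Type of identity to add - user or group.

      .PARAMETER Identity
      Identity of a user/group to add. Provide samaccountname.

      .EXAMPLE
      Add-ToLocalGroup -ComputerName 'somecomputer' -LocalGroup Administrators -Type User -Identity 'someuser'

      This will add 'someuser' to 'somecomputer' as local administrator for
      current default user domain.

      .EXAMPLE
      Add-ToLocalGroup -LocalGroup 'administrators' -Type User -Identity test1 -ComputerName 'somecomputer1','somecomputer2' -WhatIf

      Shows which membership changes would be made without touching either
      computer. Every returned object has status 'Skipped'.

      .EXAMPLE
      Add-ToLocalGroup -LocalGroup 'administrators' -Type User -Identity test1 -ComputerName 'somecomputer1','somecomputer2' -Verbose -DomainName 'somedomain'

      This will add somedomain\test1 user to group Administrators on both
      somecomputer1 and somecomputer2 providing Verbose output:

      VERBOSE: Starting Add-ToLocalGroup
      VERBOSE: Execution Metadata:
      VERBOSE: User = SOMEDOMAIN\test1
      VERBOSE: Computername = MyMachine
      VERBOSE: Host = Windows PowerShell ISE Host
      VERBOSE: PSVersion = 5.1.14393.693
      VERBOSE: Runtime = 03/12/2017 15:22:26
      VERBOSE: [15:22:26.4476294 BEGIN ] Starting: Add-ToLocalGroup
      VERBOSE: [15:22:26.4476294 PROCESS ] Processing computer {somecomputer1}
      VERBOSE: [15:22:26.4481291 PROCESS ] Trying to use ADSI connector to access to computer {somecomputer1} local group {administrators}
      VERBOSE: [15:22:26.4486294 PROCESS ] Trying to use ADSI connector to add user {test1} to local group {administrators} on computer {somecomputer1}

      Computername  LocalGroup     Identity status
      ------------  ----------     -------- ------
      somecomputer1 administrators test1    Success

      VERBOSE: [15:22:28.7263823 PROCESS ] Processing computer {somecomputer2}
      VERBOSE: [15:22:28.7268819 PROCESS ] Trying to use ADSI connector to access to computer {somecomputer2} local group {administrators}
      VERBOSE: [15:22:28.7268819 PROCESS ] Trying to use ADSI connector to add user {test1} to local group {administrators} on computer {somecomputer2}

      Computername  LocalGroup     Identity status
      ------------  ----------     -------- ------
      somecomputer2 administrators test1    Success

      VERBOSE: [15:22:30.9911669 END ] Ending: Add-ToLocalGroup
      VERBOSE: Ending Add-ToLocalGroup

      .OUTPUTS
      PSCustomObject with the properties Computername, LocalGroup, Identity and
      status.

      .NOTES
      ComputerName, LocalGroup, DomainName and Identity are placed into the
      WinNT:// ADSI path as given, without escaping. Pass plain names only and
      validate any value that originates outside the calling script.

      Membership of groups such as Administrators grants elevated rights on the
      target computer; keep the returned objects (or the Write-Log output) as
      the change record.
    #>

    # SupportsShouldProcess adds -WhatIf/-Confirm. ConfirmImpact stays at its
    # default, so existing unattended callers are not prompted.
    [CmdletBinding(SupportsShouldProcess = $true)]
    [OutputType([PSObject])]
    param(
        [Parameter(Mandatory = $false, HelpMessage = 'Destination Computer name')]
        [string[]]
        $ComputerName = 'localhost',

        [Parameter(Mandatory = $true, HelpMessage = 'Local Group to add Identity to')]
        [string]
        $LocalGroup,

        [Parameter(Mandatory = $false, HelpMessage = 'Domain or workgroup name')]
        [string]
        $DomainName = "$env:USERDOMAIN",

        [Parameter(Mandatory = $true, HelpMessage = 'Type of Identity to add')]
        [ValidateSet('User', 'Group')]
        [string]
        $Type,

        [Parameter(Mandatory = $true, HelpMessage = 'Identity to add')]
        [string]
        $Identity
    )

    Begin { }

    Process {
        foreach ($computer in $ComputerName) {
            Write-Log -Info -Message "Processing computer {$computer}"

            # Ask before any ADSI access so -WhatIf never contacts the target.
            $target = "local group {$LocalGroup} on computer {$computer}"
            $action = "Add $Type {$DomainName\$Identity}"

            if ($PSCmdlet.ShouldProcess($target, $action)) {
                try {
                    Write-Log -Info -Message "Trying to use ADSI connector to access to computer {$computer} local group {$LocalGroup}"
                    # NOTE(review): the names are interpolated into the provider path unescaped.
                    $Group = [ADSI]"WinNT://$computer/$LocalGroup,group"

                    if ($Type -eq 'Group') {
                        Write-Log -Info -Message "Trying to use ADSI connector to add group {$Identity} to local group {$LocalGroup} on computer {$computer}"
                        $addgroup = [ADSI]"WinNT://$DomainName/$Identity,group"
                        $Group.Add($addgroup.Path)
                        Write-Log -Info -Message "Successfuly added group {$Identity} to local group {$LocalGroup} on computer {$computer}"
                        $status = 'Success'
                    }
                    elseif ($Type -eq 'User') {
                        Write-Log -Info -Message "Trying to use ADSI connector to add user {$Identity} to local group {$LocalGroup} on computer {$computer}"
                        $addUser = [ADSI]"WinNT://$DomainName/$Identity,user"
                        $Group.Add($addUser.Path)
                        Write-Log -Info -Message " Successfuly added user {$Identity} to local group {$LocalGroup} on computer {$computer}"
                        $status = 'Success'
                    }
                }
                catch {
                    # ScriptName is empty when the function was defined interactively;
                    # Split-Path would then throw from inside this handler.
                    $scriptPath = $_.InvocationInfo.ScriptName
                    if ($scriptPath) {
                        $scriptName = Split-Path -Path $scriptPath -Leaf
                    }
                    else {
                        $scriptName = '<interactive>'
                    }
                    $scriptLine = $_.InvocationInfo.ScriptLineNumber

                    # Prefer the inner exception, but fall back to the outer one
                    # so a failure is never logged with a blank message.
                    if ($_.Exception.InnerException) {
                        $errorMessage = $_.Exception.InnerException.Message
                    }
                    else {
                        $errorMessage = $_.Exception.Message
                    }

                    Write-Log -Error -Message "$scriptName/$scriptLine : $errorMessage "
                    $status = 'Failure'
                }
            }
            else {
                # Declined through -WhatIf or -Confirm: nothing was changed.
                $status = 'Skipped'
            }

            [PSCustomObject]@{
                Computername = $computer
                LocalGroup   = $LocalGroup
                Identity     = $Identity
                status       = $status
            }
        }
    }

    End { }
}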