Other Posts in this Series:
- Use ADSI to List Nested Members of an AD Group (Updated)
- Use ADSI and FromFileTime to Convert Datetime Attributes in Active Directory
- Use ADSI to Find Logon Workstations in Active Directory
- Search Active Directory using PowerShell ADSISearcher Filters
- Use PowerShell ADSI to Search Users in Active Directory
This post provides a simple example of how we can use PowerShell ADSI to modify an AD group. In this example, we modify the description attribute of an AD group. You can also use ADSI to clear the attributes for an AD group.
#OU containing the AD group
$adGroupOU="OU=Application,OU=Groups,DC=alkanesolutions,DC=co,DC=uk"
#AD group name
$addADGroup = "CN=alkane_ad_group"
#Full distinguished name of AD group
$distinguishedName = "$addADGroup,$adGroupOU"
#check if exists
$group = ([ADSISearcher] "(distinguishedName=$distinguishedName)").FindOne()
if ($group -ne $null)
{
#modify AD group description
$adGroupObj = [ADSI]("LDAP://$($group.Properties.distinguishedname)")
$adGroupObj.put('description',"Alkane description")
$adGroupObj.SetInfo()
}
