[catlist name=”PowerShell ADSI and Active Directory” conditional_title=”Other Posts in this Series:” numberposts=5 pagination=yes customfield_orderby=”series_post_order” order=”asc”]
This post provides a simple example of how we can use PowerShell ADSI to modify an AD group. In this example, we modify the description attribute of an AD group. You can also use ADSI to clear the attributes for an AD group.
#OU containing the AD group
$adGroupOU="OU=Application,OU=Groups,DC=alkanesolutions,DC=co,DC=uk"
#AD group name
$addADGroup = "CN=alkane_ad_group"
#Full distinguished name of AD group
$distinguishedName = "$addADGroup,$adGroupOU"
#check if exists
$group = ([ADSISearcher] "(distinguishedName=$distinguishedName)").FindOne()
if ($group -ne $null)
{
#modify AD group description
$adGroupObj = [ADSI]("LDAP://$($group.Properties.distinguishedname)")
$adGroupObj.put('description',"Alkane description")
$adGroupObj.SetInfo()
}