Security in Obscurity

A script by Jeff Stein

Add-MachinetoGroup.ps1

Adds objects specified by the user in Active Directory to any security group specified, February 2017

The script, entitled "Add-MachinetoGroup", imports the AD module and adds objects specified at a prompt to a security group. The script is designed for the Microsoft Windows operating system, leveraging PowerShell 4.0 and above.

DISCLAIMER

This script is offered 'as is' with no warranty. While it has been tested and verified to work in my environment, it is recommended that you test this script in a test environment before utilizing it in your own production environment.

Installation

To get started, download the files listed in the resource section and save Add-MachinetoGroup.txt as a .ps1 file. It should be extracted to the desktop of the Windows machine where the script will run. The Active Directory module should be installed on the machine for the script to run properly. Once extracted, the Add-MachinetoGroup.ps1 file can be right-clicked and "Run with PowerShell" selected. Alternatively, PowerShell can be opened manually on the system, the terminal navigated to the directory where the script is located, and the script executed from there. With either option, it is recommended that the script is run with an account that has administrator privileges.

Overview

The script will add Active Directory objects to a security group of your choosing and validate the membership of the security group. You can see a sample of the code below:

Gather Request Information

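# Keep prompting until dsquery finds a group with the SAM account name entered
do {$groupname = Read-Host "Please enter the Active Directory security group you wish to add objects to: "}
until (dsquery group -samid $groupname)
""
# Keep prompting until dsquery finds a computer object with the SAM account name entered
do {$computername = Read-Host "Please enter the Active Directory machine object you wish to add to a security group: "}
until (dsquery computer -samid $computername)
""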

After identifying the object and the security group to modify, the script performs the action needed to add the object to the security group. Validation of the change is also performed. You can see a sample of the code below:

Add Object to Group

# Add the computer object to the group
Add-ADGroupMember -Identity $groupname -Members $computername
# Re-read the group membership and check that the object now appears in it
$revisedgroup = Get-ADGroupMember -Identity $groupname | Select-Object -Property SamAccountName
if ($revisedgroup -match $computername) {Write-Host "Machine was added to group."}
else {Write-Host "Machine not found in group: "$revisedgroup}
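
The add-and-verify step above, written as an added example that is not the original script's code: it resolves both names to directory objects before changing anything and confirms membership with an exact comparison, since -match treats the name as a regular expression. The function names and the WS*/SRV* machine names are constructed for illustration.

```powershell
# Added example; not the original Add-MachinetoGroup.ps1 code.
# Function names and the sample machine names are hypothetical.

# Exact, case-insensitive membership test on sAMAccountName values.
# Computer accounts carry a trailing '$'; accept input with or without it.
function Test-GroupHasComputer {
    param([string[]]$MemberSamNames, [string]$ComputerName)
    $sam = $ComputerName.TrimEnd('$') + '$'
    return $MemberSamNames -contains $sam
}

function Add-ComputerToSecurityGroup {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)][string]$GroupName,
        [Parameter(Mandatory = $true)][string]$ComputerName
    )
    Import-Module ActiveDirectory -ErrorAction Stop
    # Resolve both names to single directory objects; a missing or
    # misspelled name throws here instead of reaching the change step.
    $group    = Get-ADGroup    -Identity $GroupName    -ErrorAction Stop
    $computer = Get-ADComputer -Identity $ComputerName -ErrorAction Stop
    if ($group.GroupCategory -ne 'Security') {
        throw "'$GroupName' is not a security group."
    }
    # -WhatIf / -Confirm are honoured because of SupportsShouldProcess.
    if ($PSCmdlet.ShouldProcess($group.DistinguishedName, "Add $($computer.SamAccountName)")) {
        Add-ADGroupMember -Identity $group -Members $computer -ErrorAction Stop
    }
    # Re-read the membership and compare whole names, not patterns.
    $members = @(Get-ADGroupMember -Identity $group | ForEach-Object { $_.SamAccountName })
    return Test-GroupHasComputer -MemberSamNames $members -ComputerName $computer.SamAccountName
}

# Offline comparison on a constructed member list (no domain needed).
$sample = @('WS10$', 'WS100$', 'SRV-FILE01$')
Test-GroupHasComputer $sample 'WS10'   # exact comparison against 'WS10$'
Test-GroupHasComputer $sample 'WS1'    # exact comparison against 'WS1$'
[bool]($sample -match 'WS1')           # regex test: substring search over every member
[bool]($sample -match 'WS10$')         # regex test: '$' here is an end-of-string anchor
```

On a domain-joined machine with the Active Directory module installed, `Add-ComputerToSecurityGroup -GroupName <group> -ComputerName <machine> -WhatIf` previews the change without making it.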

