AD Security Groups and Creating Folders on a Share with Powershell

The below script is used to loop through all security groups in a particuler OU in Active Directory and create a folder on the share for each group and then, inside that folder, create a separate folder for each member of that group.

function CreateSubdirectory($path)
{
 New-Item -ItemType Directory -Path $path

}


foreach ($group in get-adgroup -searchbase "OU=MyOU,DC=mydomain,DC=com" -filter *){
  
 #create a subfolder $group.name
 $sharepath="\\SERVER\SHARE" + $group.name
 CreateSubdirectory $sharepath

 foreach ($member in ($group.member | sort)) 
 {
  #create a folder for each memeber $member.name
  CreateSubdirectory $sharepath + $member.name

 }
 }

Moving AD User to another OU using different credentials

In order to move Active Directory User to another OU you will need a service account with priviledges to move AD objects. Below is VBScript that worked for me:

Const ADS_SECURE_AUTHENTICATION = 1
sADDomain = "mydomain"
sADUser = "serviceuser"
sADPassword = "mypassword"

sDestOU = "LDAP://OU=My Group,DC=mydomain,DC=net"
Set objRootDSE = GetObject("LDAP:")
Set objSysInfo = CreateObject("ADSystemInfo")
Set objDestOU = objRootDSE.OpenDSObject(sDestOU, sADDomain & "\" & sADUser, sADPassword, ADS_SECURE_AUTHENTICATION)

Set objUser = objRootDSE.OpenDSObject("LDAP://" & objSysInfo.UserName, sADDomain & "\" & sADUser, sADPassword, ADS_SECURE_AUTHENTICATION)

objDestOU.MoveHere "LDAP://" & objUser.distinguishedName, vbNullString
If Err.Number = 0 Then
 MsgBox "User moved successfully."
Else
 MsgBox "Error " & Err.Number & ": " & Err.Description
 Err.Clear
End If

Running Powershell script with spaces in the name from VBScript

Running Powershell script from VBScript is rather simple:

Set objShell=CreateObject("Wscript.Shell)
sCmd="C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe C:\test.ps1"
objShell.Run sCmd, 1, true

But what to do when the Powershell script file has spaces in the name, like C:\My Path\test.ps1?

Theanswer is to use ampersand and single quotes:

Set objShell=CreateObject("Wscript.Shell)
sCmd="C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe " & Chr(34) & "& 'C:\script with spaces.ps1'"  & Chr(34) 
objShell.Run sCmd, 1, true

or

Set objShell=CreateObject("Wscript.Shell)
sPSPath="C:\script with spaces.ps1"
sCmd="C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe " & Chr(34) & "& '" & sPSPath & "'"  & Chr(34) 
objShell.Run sCmd, 1, true

Active Directory container vs. organizational unit

Active directory container is a built-in container that comes with AD and they cannot be altered to suit your organizational needs, without altering the AD schema. (Examples: Computers and Users containers).

An OU or Organizational Unit is a special purpose container created by the user and to which administrators can apply group policy. Group policy cannot be applied to a container. An organizational unit is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. You can create organizational units to suit your organization's functional or business structure. Each domain can implement its own organizational unit hierarchy.

Add an array value to the Registry using Powershell

The code below initializes array $a and creates a key named "MyArray" of type REG_MULTI_SZ in registry path HKEY_CURRENT_USER\Control Panel\Desktop\Test and sets its value to an array

$a = ("val1", "val2", "val3")

$RegPath= "Registry::HKEY_CURRENT_USER\Control Panel\Desktop\Test"

Set-itemProperty $RegPath -name "myArray" -value $a -type MultiString