I have a .csv with 2 columns. Column 1 is called SourceGroup with a list of groups, and the other is DestinationGroup with a different list. I have a script I am trying to use that will add the users from SourceGroup to the DestinationGroup, after which the user will be removed from the source group. The error I am receiving is that they are already a member of the DestinationGroup. The issue is they are an indirect member, and I want to make them active members. Is there something I can add to my script to have it not check for indirect memberships? Here is the script I am using. I was hoping to not need to use the AD native tool as that would require me to escalate up to Domain admin.

    clear
    # Prompt for the account used to connect to AD
    $admin = Read-Host "Enter username(domain\username)"
    $pw = Read-Host "Enter password" -AsSecureString
    $LogFile = "H:\ticketstuff\success.txt"
    $LogFile2 = "H:\ticketstuff\failed.txt"

    Connect-QADService -ConnectionAccount $admin -ConnectionPassword $pw

    # CSV columns: SourceGroup, DestinationGroup
    $list = Import-Csv "H:\ticketstuff\listtest.csv"

    foreach ($Group in $List) {
        # Collect the UPNs of the source group's members
        $Members = Get-QADGroupMember $Group.SourceGroup | select UserPrincipalName
        $Member = $Members.UserPrincipalName
        # Group display names, used only in the log messages
        $S = Get-QADGroup $Group.SourceGroup | Select-Object -ExpandProperty name
        $D = Get-QADGroup $Group.DestinationGroup | Select-Object -ExpandProperty name

        foreach ($User in $Member) {
            Try {
                # -ErrorAction Stop belongs on the add itself so a failure reaches the catch block
                Add-QADGroupMember -Identity $Group.DestinationGroup -Member $User -ErrorAction Stop | Where {$_.objectClass -eq 'User'}
                "User $User added to group $D" | Add-Content -Path $LogFile
                Remove-QADGroupMember -Identity $Group.SourceGroup -Member $User | Where {$_.objectClass -eq 'User'}
                "User $User removed from group $S" | Add-Content -Path $LogFile
            }
            catch {
                # Any terminating error from the Try block is logged with this message
                "Error $User already in group $D" | Add-Content -Path $LogFile2
            }
        }
    }

    Disconnect-QADService