Other Posts in this Series:

LDAP Does Not Return All Active Directory Group Members
The Difference Between ADSI and ADSISearcher
Use ADSI to Check if a User is a Member of an AD Group
Use ADSI to Check if a Computer is a Member of an AD Group
Use ADSI to Migrate AD Group Members

This post provides a simple example of how we can use ADSI to modify an AD group. In this example, we modify the description attribute of an AD group. You can also use ADSI to clear the attributes for an AD group.

#OU containing the AD group
$adGroupOU="OU=Application,OU=Groups,DC=alkanesolutions,DC=co,DC=uk"

#AD group name
$addADGroup = "CN=alkane_ad_group"

#Full distinguished name of AD group		
$distinguishedName = "$addADGroup,$adGroupOU"

#check if exists
$group = ([ADSISearcher] "(distinguishedName=$distinguishedName)").FindOne()

if ($group -ne $null)
{		
    #modify AD group description
    $adGroupObj = [ADSI]("LDAP://$($group.Properties.distinguishedname)")
    $adGroupObj.put('description',"Alkane description") 
    $adGroupObj.SetInfo()
}

Use ADSI to Modify an AD Group

Other Posts in this Series:

Related posts: