Site Logo Image Maintenance Scripts

A repository of PowerShell Scripts to automate a variety of IT related maintenance tasks.

© 2025. All rights reserved.

Copy-GroupMembership.ps1

Description

@GitHub Copilot - Welcome @BanterBoy, I’m your Copilot and I’m here to help you get things done faster. I can identify issues, explain and even improve code.

You can ask generic questions, but what I’m really good at is helping you with your code. For example:

Generate unit tests for my code Explain the selected code Propose a fix for the bugs in my code If you want to learn more about my capabilities and limitations, check out the Copilot documentation.

I’m powered by AI, so surprises and mistakes are possible. Make sure to verify any generated code or suggestions, and share feedback so that we can learn and improve.

@BanterBoy: - Explain what the script does and why it is useful.

@GitHub Copilot - The code above is a PowerShell script that defines a function called Copy-GroupMembership. This function is designed to copy a user’s Active Directory group membership to another user. The function takes two parameters: $CopyMembershipFrom and $CopyMembershipTo. These parameters are used to specify the source and destination users for the group membership copy operation.

The function begins by using the Get-ADUser cmdlet to retrieve the group membership of the source user specified by the $CopyMembershipFrom parameter. The memberof property of the user object is used to retrieve the list of groups that the user is a member of.

The function then iterates over each group in the $GroupMembership list. For each group, the function checks if the destination user specified by the $CopyMembershipTo parameter is already a member of the group. If the destination user is not already a member of the group, the function uses the Add-ADGroupMember cmdlet to add the destination user to the group. The function also writes the name of the group to the output stream using the Write-Output cmdlet.

Overall, this function is a useful tool for administrators who need to copy group membership from one user to another in an Active Directory environment. By automating this process, the function can save administrators time and reduce the risk of errors.

Possible ways to improve the code with respect to readability and performance include adding comments to explain the purpose of each section of the code, using more descriptive variable names, and optimizing the code to reduce the number of calls to the Active Directory server.

@BanterBoy: - Can you provide an example of how to use the Copy-GroupMembership function in a PowerShell script?

@GitHub Copilot - Sure! Here’s an example of how to use the Copy-GroupMembership function in a PowerShell script:

# Import the Active Directory module
Import-Module ActiveDirectory

# Call the Copy-GroupMembership function to copy group membership from one user to another
Copy-GroupMembership -CopyMembershipFrom "jdoe" -CopyMembershipTo "jsmith"

In this example, the Copy-GroupMembership function is called with the -CopyMembershipFrom parameter set to "jdoe" and the -CopyMembershipTo parameter set to "jsmith". This will copy all of the group memberships from the user with the SamAccountName "jdoe" to the user with the SamAccountName "jsmith". The function will output a list of the Active Directory groups that the destination user was added to.

Note that the ActiveDirectory module needs to be imported before the Copy-GroupMembership function can be used. This module provides the Get-ADUser and Add-ADGroupMember cmdlets that the function relies on.

Script

Function Copy-GroupMembership {

    <#
    .SYNOPSIS
        Copy Group Membership from an existing Active Directory User to another Active Directory User
    .DESCRIPTION
        This function will copy a users Active Directory Group Membership to another Active Directory User by querying a users current membership and adding the same groups to another user.
    .EXAMPLE
        PS C:\> Copy-GroupMembership -CopyMembershipFrom SAMACCOUNTNAME -CopyMembershipTo SAMACCOUNTNAME
        Copies all group membership from one Active Directory User and replicates on another Active Directory User
    .INPUTS
        Active Directory SamAccountName
    .OUTPUTS
        Outputs a list of Active Directory Groups the Active Directory User has been added to.
    .NOTES
        General notes
    #>

    [CmdletBinding()]
    param (
        [Parameter( Mandatory = $true,
            ValueFromPipeline = $true,
            ValueFromPipelineByPropertyName = $true,
            HelpMessage = "Enter the SamAccountName for the user you are copying from."
        )]
        [string]
        $CopyMembershipFrom,

        [Parameter( Mandatory = $true,
            ValueFromPipeline = $true,
            ValueFromPipelineByPropertyName = $true,
            HelpMessage = "Enter the SamAccountName of the user you are copying to."
        )]
        [string]
        $CopyMembershipTo

        )

    $GroupMembership = Get-ADUser -Identity $CopyMembershipFrom -Properties memberof
    foreach ($Group in $GroupMembership.memberof) {
        if ($Group -notcontains $Group.SamAccountName) {
            Add-ADGroupMember -Identity $Group $CopyMembershipTo -ErrorAction SilentlyContinue
            Write-Output $Group
        }
    }
}

Back to Top

Download

Please feel free to copy parts of the script or if you would like to download the entire script, simple click the download button. You can download the complete repository in a zip file by clicking the Download link in the menu bar on the left hand side of the page.

Report Issues

You can report an issue or contribute to this site on GitHub. Simply click the button below and add any relevant notes. I will attempt to respond to all issues as soon as possible.

Issue

Back to Top