Hi,
I have to copy selected users and computer objects from my parent domain to a newly created child domain. I exported the users by using the below PowerShell script. But I am not sure how to export the groups, computer objects and import into child domain with correct order to make sure it looks the same as the parent. Deeply Appreciate your input on this.
Get-ADUser -Filter {enabled -eq $true} -SearchBase “OU=,DC=*,DC=COM” -Properties * | Get-Unique | export-csv -path C:\Users***\Documents\export\allusers_objects_unique_useracct.csv
Note: Nothing should be deleted in the parent domain.
Thanks,
Kamal.
I had to do something similar for a test environment. I tweaked this code a bit to suite my needs to make it domain independent. This also exports the members of each group to a string to later be imported.
#// Import AD Module
Import-Module ActiveDirectory
#// Get Domain Distinguished Name
$DomainDN = (Get-ADDomain).DistinguishedName
#// Get year and month for csv export file
$DateTime = Get-Date -f "yyyy-MM"
#// Set CSV file names
$GroupCSVFile = "AD_Groups"+$DateTime+".csv"
#//Create array for CSV data
$CSVOutput = @()
#// Get All AD Groups in Domain
$ADGroups = Get-ADGroup -Filter * -Properties *
#// Set progress bar variables
$i=0
$tot = $ADGroups.count
foreach ($ADGroup in $ADGroups) {
#// Set up progress bar
$i++
$status = "{0:N0}" -f ($i / $tot * 100)
Write-Progress -Activity "Exporting AD Groups" -status "Processing Group $i of $tot : $status% Completed" -PercentComplete ($i / $tot * 100)
#// Ensure Members variable is empty
$Members = ""
#// Get group members which are also groups and add to string
$MembersArr = Get-ADGroup -filter {Name -eq $ADGroup.Name} | Get-ADGroupMember | select samaccountname
if ($MembersArr) {
foreach ($Member in $MembersArr) {
$Members = $Members + "," + $Member.samaccountname
}
$Members = $Members.Substring(1,($Members.Length) -1)
}
#// Set up hash table and add values
$HashTab = $NULL
$HashTab = [ordered]@{
"Name" = $ADGroup.Name
"Category" = $ADGroup.GroupCategory
"Scope" = $ADGroup.GroupScope
"Description" = $ADGroup.Description
"Members" = $Members
"OU" = ($ADGroup.DistinguishedName -replace "^CN=[^,]+,|,DC=.+$")
}
#// Add hash table to CSV data array
$CSVOutput += New-Object PSObject -Property $HashTab
}
#// Export to CSV files
Write-Host "Exporting CSV to $pwd\$GroupCSVFile"
$CSVOutput | Sort-Object Name | Export-Csv $GroupCSVFile -NoTypeInformation
I then have a script that imports the CSV file (as long as the OU structure is already the same - version 2 will likely do create the OU structure if it doesn’t exist in the target domain)
#//Retrieve current domain
$DomainDN = (Get-ADDomain).DistinguishedName
#// Create Groups via CSV
function Import-ADGroups{
foreach ($Group in $Groups){
try{
New-ADGroup -Name $Group.Name -DisplayName $Group.Name -GroupScope $Group.Scope -GroupCategory $Group.Category -Path "$($Group.OU),$DomainDN" -Description $Group.Description
}
catch [Microsoft.ActiveDirectory.Management.ADException]{
Write-Warning "$($Group.Name) already exists."
}}
}
Hopefully this helps you get going on your script.
Oh Fantastic… Awesome… Many Thanks Cole for the quick and detail response… the script saved days of my time… your script is very professional and advanced… I just started working in PowerShell…
One last question: Can I use the same framework to get the Users and Compueter objects?. Which order I have to import into my target domain?.
Thanks Again Mr.Cole.