How to copy group membership between Active Directory users


Let's say you need to add a new user to all the Active Directory groups of an existing user. It would be painstaking and error-prone to compare group memberships in the AD Users & Computers snap-in. But don't despair: There is an easier way!

First, install the free ActiveRoles Management Shell module for PowerShell from Quest if you don't already have it. Trust me, you'll wonder how you managed Active Directory without it!

Second, run a command like this in PowerShell:

get-qadmemberof existingUser | % { Add-QADMemberOf newUser -group $_ }

This queries AD for the existingUser's group memberships and sends those down the PowerShell pipeline. The Add-QADMemberOf cmdlet receives the pipeline token and adds the group to newUser "foreach" existingUser's groups.