PowerShell: Bulk Add/Remove Users From Groups

KB ID 0001475

Problem

I had to do this a few weeks ago, so I documented it. I had a list of usernames in a CSV file and I needed to bulk-add them to a security group.

Bulk Add Group Users Solution

Firstly you will need the usernames (sAMAccountNames) in .csv format like so,  (Note: As a header Im using User-Name.) I’ve saved the file to C:\Temp on my server.

User Name CSV

Execute the following commands;

Import-Module ActiveDirectory 

Import-Csv -Path “C:\Temp\Users-To-Add.csv” | ForEach-Object {Add-ADGroupMember -Identity “Group-Name” -Members $_.’User-Name’}

Bulk add Users to Group

And there’s our users;

Bulk add Users from CSV

Bulk Remove Group Users Solution

Use the following command;

Import-Csv -Path “C:\Temp\Users-To-Remove.csv” | ForEach-Object {Remove-ADGroupMember -Identity “Group-Name” -Members $_.’User-Name’ -Confirm:$false}

Bulk remove Users from a Group

Now if we check the group, the users have gone;

Bulk remove Users from group with CSV

Related Articles, References, Credits, or External Links

PowerShell: Bulk Enable / Disable Users

Exchange Bulk Export / Import Mail Contacts

Bulk Export Users From One Domain, and Import Into Another

PowerShell: Add All Members of an OU to a Security Group

Author: PeteLong

Share This Post On

14 Comments

  1. Gene

    21/05/2019

    What if i wanted to add users to multiple groups . For example if i had a list of sam account names and they needed to be addedd to multiple groups

    Post a Reply
    • PeteLong

      22/05/2019

      Hi,
      Assuming you have Groups in a column called ‘Group’, and Users in a column called ‘User-Name’;

      $list = import-csv “C:\Folder\Input-File.csv”

      Foreach($user in $list){
      add-adgroupmember -identity $user.Group -member (Get-ADUser $user.User-Name)
      }

      Pete

      Post a Reply
  2. Frank

    31/05/2019

    I’m trying to do something similar. I have a list of AD groups I would like to remove all users from. I can do them individually, but can’t seem to get the format down to import a txt/cvs list of the groups, and then delete all the users from those groups. Any help would be appreciated.

    Post a Reply
  3. Evon

    04/11/2019

    I get an error, why is that, ive followed your instructions.

    PS C:\temp> Import-Csv -Path “C:\Temp\Users-To-Remove.xlsx” | ForEach-Object {Remove-ADGroupMember -Identity “ESB Admins” -Member $_.’User-Name’ -Confirm:$false}

    Remove-ADGroupMember : Cannot validate argument on parameter ‘Members’. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
    At line:1 char:119
    + … dmins” -Member $_.’User-Name’ -Confirm:$false}
    + ~~~~~~~~~~~~~~
    + CategoryInfo : InvalidData: (:) [Remove-ADGroupMember], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.RemoveADGroupMember

    Remove-ADGroupMember : Cannot validate argument on parameter ‘Members’. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
    At line:1 char:119
    + … dmins” -Member $_.’User-Name’ -Confirm:$false}
    + ~~~~~~~~~~~~~~
    + CategoryInfo : InvalidData: (:) [Remove-ADGroupMember], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.RemoveADGroupMember

    Remove-ADGroupMember : Cannot validate argument on parameter ‘Members’. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.
    At line:1 char:119
    + … dmins” -Member $_.’User-Name’ -Confirm:$false}
    + ~~~~~~~~~~~~~~
    + CategoryInfo : InvalidData: (:) [Remove-ADGroupMember], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.RemoveADGroupMember

    Post a Reply
    • PeteLong

      04/11/2019

      1. Make sure that the users in you CSV are actually in ‘ESB Admins’.
      2. Make sure on their user account that they have a SAMAccountName and/or an entry under username.

      Post a Reply
  4. Matt

    11/02/2020

    Add an s to the member clause “members”

    Post a Reply
    • PeteLong

      13/02/2020

      Sorry Matt, I can’t see what you mean?

      P

      Post a Reply
      • Martin Henning

        23/02/2020

        Add-ADGroupMember and Remove-ADGroupMember both are using the parameter -Members.
        So, just a typo (missing “s”) in the examples above.

        Otherwise it works great. Thank you for this posting.

        Post a Reply
        • PeteLong

          24/02/2020

          Hi Martin, unless the syntax has changed, then it’s using Member without an ‘s’ look at the screenshots?

          P

          Post a Reply
  5. Patrick

    04/03/2020

    Hi Guys
    just ran into the same problem and discovered that Martin is right. Changed -Member to -Members and everything worked fine (Windows Server 2019).

    Post a Reply
    • PeteLong

      04/03/2020

      Hi Patrick, Thanks updated accordingly

      Post a Reply
  7. Andy

    07/10/2020

    Also your input file extension is .xlsx and not.csv

    Post a Reply
  8. Chessman5615

    03/12/2020

    This is a great. Unfortunately it doesn’t work for users within child domains only users within current Domain. Is there any way of getting this method to work through entire forest?

    Post a Reply

Submit a Comment

Your email address will not be published. Required fields are marked *