With the advent of Windows PowerShell, performing bulk tasks just gets easier and easier. Consider a scenario where you have a bunch of Domain Local groups that you need to convert to Global…or any other type of conversion. This is a task that can take a large amount of time to complete manually, even with copious amounts of coffee and House of Cards on the TV. Fortunately, a few lines of PowerShell can make short work of this. Consider the aforementioned Domain Local to Global conversion. As the astute reader will know, a Domain Local to Global conversion isn’t a one-step process. Each group must first be converted to Universal. Why this caveat exists is far too detailed to discuss here, but Microsoft have a pretty ok writeup of it here.
# Get all the groups in the OU we're targeting
$groups = Get-ADGroup -Filter * -SearchBase "OU=File Shares,OU=Groups,DC=Contoso,DC=com"
# Recurse through each group
Foreach ($group in $groups) {
# Make it universal
$group | Set-ADGroup -GroupScope 2
# Make it global
$group | Set-ADGroup -GroupScope 1
}This code isn’t really optimised for any more than a few hundred groups, so buyer beware when running this across a large number of groups.
Comments/questions
There's no commenting functionality here. If you'd like to comment, please either mention me (@[email protected]) on Mastodon or email me. I don't have any logging or analytics running on this website, so if you found something useful or interesting it would mean a lot to hear from you.