Last active
July 22, 2020 11:49
-
-
Save iricigor/341374db4f6ba9b65c1683a12308c167 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if ($Prefix.Length -gt 2) { | |
| Write-Output 'Welcome' | |
| } else { | |
| throw '$Prefix missing' | |
| } | |
| Write-Output 'Groups overview' | |
| $Groups = Get-AzADGroup -DisplayNameStartsWith $Prefix | ? DisplayName -like *Access | |
| $Groups | Format-Table | |
| $Groups | % {Write-Output "$($_.DisplayName) members count: $((Get-AzADGroupMember -ObjectId $_.Id).Count)"} | |
| $AccessList = @('ACR', 'KV', 'SBI') | |
| Write-Output 'Verify groups...' | |
| foreach ($A1 in $AccessList) { | |
| $Name = "$Prefix$A1" + "Access" | |
| if ($Name -notin $Groups.DisplayName) { | |
| throw "Group $Name not found" | |
| } | |
| } | |
| Write-Output 'Groups verified successfully' | |
| Write-Output 'Updating groups interactivly...' | |
| foreach ($A1 in $AccessList) { | |
| $Name = "$Prefix$A1" + "Access" | |
| Write-Output "Processing group: $Name" | |
| $GroupID = $null | |
| $GroupID = Read-Host "Enter ObjectID for a group which should be granted $A1 access or leave blank if none" | |
| if (!$GroupID) { | |
| Write-Output "Skipping $A1 access" | |
| continue | |
| } | |
| $NewGroup = $null | |
| $NewGroup = Get-AzADGroup -ObjectId $GroupID | |
| if (!$NewGroup) { | |
| Write-Error "Group with object ID $GroupID not found." | |
| continue | |
| } | |
| Write-Output "Group $($NewGroup.DisplayName) found." | |
| $Members = $null | |
| $Members = Get-AzADGroupMember -GroupDisplayName $Name | |
| if ($GroupID -in $Members.Id) { | |
| Write-Output "Group $($NewGroup.DisplayName) is already in the group $Name. Skipping it." | |
| } else { | |
| $Answer = $null | |
| $Answer = Read-Host "Confirm adding $($NewGroup.DisplayName) to $Name. (Y/n)? " | |
| if ($Answer -like 'n') { | |
| Write-Output "Skipping it. " | |
| } else { | |
| Write-Output "Adding group member... " | |
| Add-AzADGroupMember -MemberObjectId $GroupID -TargetGroupDisplayName $Name | |
| Write-Output "Adding done. Let's verify it..." | |
| Start-Sleep 1 | |
| $NewMembers = Get-AzADGroupMember -GroupDisplayName $Name | |
| if ($NewMembers.Count -eq ($Members.Count+1)) { | |
| Write-Output "All fine" | |
| } elseif ($NewMembers.Count -eq $Members.Count) { | |
| Write-Error "Something failed! Group have the same number of members." | |
| } else { | |
| Write-Error "Something failed! Group had $($Members.Count) members before and now it has $($NewMembers.Count) members." | |
| } | |
| } | |
| } | |
| } | |
| Write-Output 'All done. Have a nice day!' | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment