Every now and then, I would come across situation, where I have to add new member to project. As part of the process, I have to give the new guys user permission to the machine (mostly BizTalk Server machines). When you have multiple servers, the task gets monotonous. During once such, instance, I sought the enlightenment google caters and found below script to do the same, in matter of seconds. I am not sure which article guided me to the solution, so I am not referencing it.
Below is the script for adding users to group, generally for stand alone BizTalk machine,
$group = [ADSI]"WinNT://localhost/Users"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Application Users"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Isolated Host Users"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Server Administrators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Server Operators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SQLServerMSASUser`$BTS2016`$MSSQLSERVER"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SSO Administrators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SSO Affiliate Administrators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/Administrators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
In order to remove user, use below script,
$group = [ADSI]"WinNT://localhost/Users"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Application Users"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Isolated Host Users"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Server Administrators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Server Operators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SQLServerMSASUser`$BTS2016`$MSSQLSERVER"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SSO Administrators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SSO Affiliate Administrators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/Administrators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
Below is the script for adding users to group, generally for stand alone BizTalk machine,
$group = [ADSI]"WinNT://localhost/Users"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Application Users"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Isolated Host Users"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Server Administrators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Server Operators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SQLServerMSASUser`$BTS2016`$MSSQLSERVER"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SSO Administrators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SSO Affiliate Administrators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/Administrators"
$group.psbase.Invoke("Add",([ADSI]"WinNT://<domain>/<username>").path)
In order to remove user, use below script,
$group = [ADSI]"WinNT://localhost/Users"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Application Users"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Isolated Host Users"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Server Administrators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/BizTalk Server Operators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SQLServerMSASUser`$BTS2016`$MSSQLSERVER"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SSO Administrators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/SSO Affiliate Administrators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
$group = [ADSI]"WinNT://localhost/Administrators"
$group.psbase.Invoke("remove",([ADSI]"WinNT://<domain>/<username>").path)
Powershell has active directory module, which you can use to add/remove user to group, in case BizTalk access is managed through AD.
Comments
Post a Comment