Add Active Directory Group to SharePoint using PowerShell

Requirement: Add Active Directory Group to SharePoint Group using PowerShell.

How to Add Active Directory Group to SharePoint?

In this blog post, we will walk through the steps necessary to add an Active Directory group to SharePoint permissions. This can be helpful if you need to quickly grant permissions to a group of users without having to add them each time individually. We will also show you how to grant SharePoint permissions to an Active Directory group using PowerShell.

To grant access to an AD group to SharePoint, do the following:

1. Navigate to your SharePoint site and click on the Site Settings gear icon >> Select “Site settings”
2. Click on the “People and groups” link under “Users and Permissions”
3. Now you can either provide direct permissions by clicking on the “Grant Permissions” icon in the ribbon or add the Active Directory group to any existing SharePoint group by selecting existing groups. 
4. Click on the “New” button >> and select “Add Users”. Enter the full name of the AD group to add. Make sure all your entries are resolved. Click on the “Share” button to complete adding the Active Directory group to the SharePoint group.

   

PowerShell to Add Active Directory Group to SharePoint:

In SharePoint Online, administrators can use Active Directory (AD) security groups to manage user access to SharePoint sites and content. By adding an AD group to SharePoint, administrators can assign permissions to multiple users at once, reducing the time and effort required to manage user access.

Let’s grant Edit permissions to an AD group on a SharePoint site using PowerShell.

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

#Parameters
$SiteURL = "https://intranet.crescent.com"
$ADGroupName = "Crescent\Marketing Managers"
$PermissionLevel = "Edit"

Try {
    #Get Objects
    $Web = Get-SPWeb $SiteURL
    $ADGroup = $Web.EnsureUser($ADGroupName)
 
    #Grant Permission to the AD Group
    $RoleAssignment = New-Object Microsoft.SharePoint.SPRoleAssignment($ADGroup)
    $RoleDefinition = $Web.RoleDefinitions[$PermissionLevel]
    $RoleAssignment.RoleDefinitionBindings.Add($RoleDefinition)
    $Web.RoleAssignments.Add($RoleAssignment)
    Write-host "Granted Edit Access to AD Group!" -f Green 
}
Catch {
    write-host -f Red "Error:" $_.Exception.Message
}

Add Active Directory Group to SharePoint Group using PowerShell:

Instead of providing direct user permissions to the AD group, let’s add the Active Directory group to an existing SharePoint Group.

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$SiteURL = "https://Intranet.crescent/us/"
$ADGroupName = "Crescent\Marketing Managers"
$SharePointGroupName = "Crescent Intranet Members"

#Get Objects
$Web = Get-SPWeb $SiteURL
$ADGroup = $Web.EnsureUser($ADGroupName)
$SPGroup= $web.Groups[$SharePointGroupName]
 
#Add User to the Group
$SPGroup.AddUser($ADGroup)

In summary, Adding Active Directory groups to SharePoint using PowerShell is a simple and efficient way to manage user access. By automating the process, administrators can quickly and easily assign permissions to multiple users at once, reducing the time and effort required to manage user access. To add an Active Directory group to the SharePoint Online group, use: How to Add an AD Group to the SharePoint Online Group using PowerShell?