Add Active Directory Group to SharePoint using PowerShell

Requirement: Add Active Directory Group to SharePoint Group using PowerShell

How to Add Active Directory Group to SharePoint?

In this blog post, we will be walking through the steps necessary to add an Active Directory group to SharePoint permissions. This can come in handy if you need to quickly grant permissions to a group of users without having to add them each time individually. We will also show you how to grant SharePoint permissions to an Active Directory group using PowerShell.

To add AD group to SharePoint, do the following:

  • Navigate to your SharePoint site and click on the Site Settings gear icon >> Select “Site settings”
  • Click on the “People and groups” link under “Users and Permissions”
  • Now you can either provide direct permissions by clicking on the “Grant Permissions” icon in the ribbon or add the Active Directory group to any existing SharePoint group by selecting existing groups. 
  • Click on “New” button >> and select “Add Users”. Enter the full name of the AD group to add. Make sure all your entries are resolved. Click on the “Share” button to complete adding the Active Directory group to the SharePoint group.
    sharepoint add active directory group to sharepoint group

PowerShell to Add Active Directory Group to SharePoint:

Let’s grant Edit permissions to an AD group on a SharePoint site using PowerShell.

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

#Parameters
$SiteURL = "https://intranet.crescent.com"
$ADGroupName = "Crescent\Marketing Managers"
$PermissionLevel = "Edit"

Try {
    #Get Objects
    $Web = Get-SPWeb $SiteURL
    $ADGroup = $Web.EnsureUser($ADGroupName)
 
    #Grant Permission to the AD Group
    $RoleAssignment = New-Object Microsoft.SharePoint.SPRoleAssignment($ADGroup)
    $RoleDefinition = $Web.RoleDefinitions[$PermissionLevel]
    $RoleAssignment.RoleDefinitionBindings.Add($RoleDefinition)
    $Web.RoleAssignments.Add($RoleAssignment)
    Write-host "Granted Edit Access to AD Group!" -f Green 
}
Catch {
    write-host -f Red "Error:" $_.Exception.Message
}

Add Active Directory Group to SharePoint Group using PowerShell:

Instead of providing direct user permissions to the AD group, let’s add the Active Directory group to an existing SharePoint Group.

Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$SiteURL = "https://Intranet.crescent/us/"
$ADGroupName = "Crescent\Marketing Managers"
$SharePointGroupName = "Crescent Intranet Members"

#Get Objects
$Web = Get-SPWeb $SiteURL
$ADGroup = $Web.EnsureUser($ADGroupName)
$SPGroup= $web.Groups[$SharePointGroupName]
 
#Add User to the Group
$SPGroup.AddUser($ADGroup)

To add an Active Directory group to the SharePoint Online group, use: How to Add an AD Group to the SharePoint Online Group using PowerShell?

Salaudeen Rajack

Salaudeen Rajack - SharePoint Expert with Two decades of SharePoint Experience. Love to Share my knowledge and experience with the SharePoint community, through real-time articles!

One thought on “Add Active Directory Group to SharePoint using PowerShell

  • Hi,
    How to directly change the permission level of an AD Group on a SharePoint site without having to remove it and add it with the desired permission?

    Reply

Leave a Reply

Your email address will not be published.