Public/Add-GroupMember.ps1
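function Add-GroupMember {
    <#
    .SYNOPSIS
        Adds one or more users or groups to a local group.
    .DESCRIPTION
        The Add-GroupMember cmdlet adds one or more users or groups to a local group.
        The target group is selected by exactly one of -Group, -Name or -SID.
        Each membership change goes through ShouldProcess, so -WhatIf and -Confirm
        are honoured; this is worth using when the target is a privileged group.
        Failures are reported per member as non-terminating errors, so processing
        continues with the remaining members.
    .PARAMETER Group
        The security group from the local Security Accounts Manager, as a UserGroup object.
    .PARAMETER Name
        The security group from the local Security Accounts Manager, by name.
    .PARAMETER SID
        The security group from the local Security Accounts Manager by SecurityIdentifier.
    .PARAMETER Member
        One or more users or groups to add to this local group.
    .EXAMPLE
        Add-GroupMember -Name "Administrators" -Member "John"

        Adds the user John to the Administrators group.
    #>
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'Group')]
        [UserGroup]$Group,

        [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'Default')]
        [string]$Name,

        [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, ParameterSetName = 'SecurityIdentifier')]
        [System.Security.Principal.SecurityIdentifier]$SID,

        [Parameter(Mandatory = $true, Position = 1, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]
        [ValidateNotNullOrEmpty()]
        [LocalPrincipalMember[]]$Member
    )

    process {
        # PowerShell variable names are case-insensitive, so a local called
        # $group is the same variable as the -Group parameter: resetting it to
        # $null discarded the caller's group. A [string] parameter is also never
        # $null when unbound (it is coerced to ''), so a null test on $Name sent
        # the -Group and -SID parameter sets down the name branch with an empty
        # name. Selecting on the bound parameter set, with a distinct local,
        # makes sure the group that is modified is the one the caller named.
        $targetGroup = $null
        switch ($PSCmdlet.ParameterSetName) {
            'Group' {
                $targetGroup = $Group
            }
            'Default' {
                $targetGroup = [UserGroup]::new($Name)
            }
            'SecurityIdentifier' {
                $targetGroup = [UserGroup]::new()
                $targetGroup.SID = $SID
            }
        }

        if ($null -eq $targetGroup) {
            return
        }

        foreach ($m in $Member) {
            if ($null -eq $m) {
                continue
            }

            if ($PSCmdlet.ShouldProcess($targetGroup.ToString(), "Add member $($m.Name)")) {
                try {
                    [LocalAccountHelper]::AddUserGroupMember($targetGroup, $m)
                }
                catch [System.DirectoryServices.AccountManagement.PrincipalExistsException] {
                    # The member is already in the group: report it and move on.
                    $ex = [LocalAccountsException]::new("Member $($m.Name) already exists in group $($targetGroup.Name)", $m, [LocalAccountsErrorCategory]::ResourceExists)
                    Write-Error -Message $ex.Message -ErrorId 'MemberExists' -Category ResourceExists -TargetObject $m
                }
                catch [System.UnauthorizedAccessException] {
                    # The caller lacks the rights to change this group's membership.
                    $ex = [AccessDeniedException]::new($m)
                    Write-Error -Message $ex.Message -ErrorId 'AccessDenied' -Category PermissionDenied -TargetObject $m
                }
                catch [PrincipalNotFoundException] {
                    $ex = [PrincipalNotFoundException]::new($m.Name, $m)
                    Write-Error -Message $ex.Message -ErrorId 'PrincipalNotFound' -Category ObjectNotFound -TargetObject $m
                }
                catch {
                    # Anything else is surfaced with the underlying exception's message.
                    Write-Error -Message $_.Exception.Message -ErrorId 'InvalidUserGroupMemberOperation' -Category InvalidOperation -TargetObject $m
                }
            }
        }
    }
}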