Public/New-UserGroup.ps1
|
function New-UserGroup { <# .SYNOPSIS Creates a new local security group. .DESCRIPTION The New-UserGroup cmdlet can be used to create a new local security group in the Windows Security Accounts Manager. .PARAMETER Name The group name for the local security group. .PARAMETER Description A descriptive comment. .EXAMPLE New-UserGroup -Name "MyGroup" -Description "My custom group" Creates a new local group named MyGroup. #> [CmdletBinding(SupportsShouldProcess = $true)] param( [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [ValidateNotNullOrEmpty()] [ValidateLength(1, 256)] [string]$Name, [Parameter(ValueFromPipelineByPropertyName = $true)] [ValidateNotNull()] [string]$Description ) process { if ($PSCmdlet.ShouldProcess($Name, 'Create group')) { try { $group = [LocalAccountHelper]::NewUserGroup($Name, $Description) $group } catch [System.DirectoryServices.AccountManagement.PrincipalExistsException] { $ex = [GroupExistsException]::new($Name, $Name) Write-Error -Message $ex.Message -ErrorId 'GroupExists' -Category ResourceExists -TargetObject $Name } catch [System.UnauthorizedAccessException] { $ex = [AccessDeniedException]::new($Name) Write-Error -Message $ex.Message -ErrorId 'AccessDenied' -Category PermissionDenied -TargetObject $Name } catch { # Check if this is a duplicate group error if ($_.Exception.Message -match 'already exists' -or $_.Exception.Message -match 'The specified local group already exists' -or $_.Exception.Message -match 'The group already exists') { $ex = [GroupExistsException]::new($Name, $Name) Write-Error -Message $ex.Message -ErrorId 'GroupExists' -Category ResourceExists -TargetObject $Name } else { Write-Error -Message $_.Exception.Message -ErrorId 'InvalidUserGroupOperation' -Category InvalidOperation -TargetObject $Name } } } } } |