From be78b4327b930e89266085f1844db25ed3884c7d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Benouarets?= <bbenouarets@proton.me>
Date: Wed, 16 Jul 2025 10:01:12 +0200
Subject: [PATCH] feat: Add script to add user to a local ad group with license
 check

---
 powershell/add-usertosubgroupwithlicense.ps1 | 29 ++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 powershell/add-usertosubgroupwithlicense.ps1

diff --git a/powershell/add-usertosubgroupwithlicense.ps1 b/powershell/add-usertosubgroupwithlicense.ps1
new file mode 100644
index 0000000..710f677
--- /dev/null
+++ b/powershell/add-usertosubgroupwithlicense.ps1
@@ -0,0 +1,29 @@
+$dn = "DC=secnex,DC=local"
+# Object with all license and sub groups
+$license_groups = @{
+    "E3" = "Subgroup E3"
+    "F3" = "Subgroup F3"
+}
+$application_group = "Application Group"
+$user = "User"
+
+# Check if user is member of one of the license groups
+foreach ($license_group in $license_groups.Keys) {
+    $user_is_member = Get-ADGroupMember -Identity $license_group -SearchBase $dn -Filter {SamAccountName -eq $user}
+
+    if ($user_is_member) {
+        Write-Host "User is already a member of the license group! Adding user to sub group..."    
+        Add-ADGroupMember -Identity $license_groups[$license_group] -Members $user -Confirm:$false
+    } else {
+        Write-Host "User is not a member of the license group!"
+    }
+}
+
+# Check if user is member of application group
+$user_is_member = Get-ADGroupMember -Identity $application_group -SearchBase $dn -Filter {SamAccountName -eq $user}
+
+if ($user_is_member) {
+    Write-Host "User is already a member of the application group!"
+} else {
+    Write-Host "User is not a member of the application group! Adding user to application group..."
+}
\ No newline at end of file