Home

Assign users security group to the desktop application group?

%3CLINGO-SUB%20id%3D%22lingo-sub-912395%22%20slang%3D%22en-US%22%3EAssign%20users%20security%20group%20to%20the%20desktop%20application%20group%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-912395%22%20slang%3D%22en-US%22%3E%3CP%3EHy%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26gt%3B%26gt%3B%20The%20Add-RdsAppGroupUser%20cmdlet%20doesn't%20support%20adding%20security%20groups%20and%20only%20adds%20one%20user%20at%20a%20time%20to%20the%20app%20group.%20If%20you%20want%20to%20add%20multiple%20users%20to%20the%20app%20group%2C%20rerun%20the%20cmdlet%20with%20the%20appropriate%20user%20principal%20names.%20%26lt%3B%26lt%3B%3CBR%20%2F%3E-%26gt%3B%20is%20there%20any%20workaround%20for%20adding%20AD-Groups%3F%20Our%20customer%20has%20a%20lot%20of%20accounts%20to%20add.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EErik%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-955973%22%20slang%3D%22en-US%22%3ERe%3A%20Assign%20users%20security%20group%20to%20the%20desktop%20application%20group%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-955973%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F310439%22%20target%3D%22_blank%22%3E%40eriknu%3C%2FA%3E%26nbsp%3B%3A%20One%20way%20that%20a%20lot%20of%20folks%20achieve%20this%20is%20by%20polling%20an%20Azure%20AD%20group%2C%20then%20refreshing%20every%20morning%20(or%20couple%20of%20hours).%20I%20don't%20have%20the%20exact%20PowerShell%2C%20but%20basically%20a%20script%20that%20does%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E-%20Get%20a%20list%20of%20all%20users%20in%20%3CAADSECURITYGROUP%3E%3C%2FAADSECURITYGROUP%3E%3C%2FP%3E%0A%3CP%3E-%20Get%20a%20list%20of%20all%20users%20in%20%3CRDSAPPGROUP%3E%3C%2FRDSAPPGROUP%3E%3C%2FP%3E%0A%3CP%3E-%20Find%20users%20in%20%3CRDSAPPGROUP%3E%20but%20not%20%3CAADSECURITYGROUP%3E%3C%2FAADSECURITYGROUP%3E%3C%2FRDSAPPGROUP%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20%26nbsp%3B-%20Foreach%20user%2C%20remove%20the%20user%20from%20%3CRDSAPPGROUP%3E%3C%2FRDSAPPGROUP%3E%3C%2FP%3E%0A%3CP%3E-%20Find%20users%20in%20%3CAADSECURITYGROUP%3E%20but%20not%20%3CRDSAPPGROUP%3E%3C%2FRDSAPPGROUP%3E%3C%2FAADSECURITYGROUP%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%20%26nbsp%3B-%20Foreach%20user%2C%20add%20the%20user%20to%20the%20%3CRDSAPPGROUP%3E%3C%2FRDSAPPGROUP%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
eriknu
New Contributor

Hy,

 

>> The Add-RdsAppGroupUser cmdlet doesn't support adding security groups and only adds one user at a time to the app group. If you want to add multiple users to the app group, rerun the cmdlet with the appropriate user principal names. <<
-> is there any workaround for adding AD-Groups? Our customer has a lot of accounts to add.

 

Thanks,

Erik

1 Reply

@eriknu : One way that a lot of folks achieve this is by polling an Azure AD group, then refreshing every morning (or couple of hours). I don't have the exact PowerShell, but basically a script that does:

 

- Get a list of all users in <AADSecurityGroup>

- Get a list of all users in <RdsAppGroup>

- Find users in <RdsAppGroup> but not <AADSecurityGroup>

   - Foreach user, remove the user from <RdsAppGroup>

- Find users in <AADSecurityGroup> but not <RdsAppGroup>

   - Foreach user, add the user to the <RdsAppGroup>

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies