Add entire group to active directory

Question

I'm trying to create a script that queries active directory for a group named $server-Administrators, checks to make sure if the group is in local admins, and if not in local admins adds the group to local admins. I know that get-ADGroup allows you to easily check for if there is an administrator group, however I'm not sure how to add an entire group to AD. I'm aware of add-ADGroupMember, however I don't think that is the cmdlet that would let me add an entire group to active directory.

$serverName = hostname
$query = get-adgroup administrators
if ($query == false){
     #add group to local admins
}

Does anyone know of a way to add an entire group?

Answer 1

Since it doesn't look like you're trying to work through a problem (you don't really show any attempts to solve the issue yourself, and only have pseudo-code shown), I'll just give reference to what will solve the question without doing much real work myself.

I flexed my Google muscles and searched for 'powershell local administrators group' and the 6th result showed me the answer to your question (second thing I clicked on, because I can't help but read the Hey Scripting Guy! site first).

Use Jaap Brasser's script from the TechNet Script Gallery. The work has already been done, there's no need for you to re-invent the wheel here. Save that script, then run it as described in the in-script help.

.\Get-Set-ADAccountasLocalAdministrator.ps1 -Computer 'Server01,Server02' -Trustee YourDomain\Server-Administrators