search
DownloadsPricingRequest a trial

New-AmsActiveDirectoryJitGroupCreationRule

hashtag
SYNOPSIS

Creates a new just-in-time Active Directory group creation rule

hashtag
SYNTAX

New-AmsActiveDirectoryJitGroupCreationRule [-ComputerOU <String>] [-CreateUnixGid <Boolean>]
 [-EnableJitGroupDeletion <Boolean>] [-GroupDescription <String>] [-GroupNameTemplate <String>]
 [-GroupOU <String>] [-GroupType <ActiveDirectoryGroupType>] [-Subtree <Boolean>]
 [-UnixGidAttributeName <String>] [-UnixGidStartRange <Int32>] [<CommonParameters>]

hashtag
DESCRIPTION

This cmdlet creates a new just-in-time Active Directory group creation rule

hashtag
EXAMPLES

hashtag
Example 1

PS C:\> New-AmsActiveDirectoryJitGroupCreationRule -ComputerOU "OU=Computers,DC=lithnet,DC=local" -GroupOU "OU=Groups,DC=lithnet,DC=local" -GroupNameTemplate "JIT-%ComputerName%" -GroupDescription "AMS JIT Group" -GroupType DomainLocal -CreateUnixGid $true -UnixGidAttributeName "gidNumber" -UnixGidStartRange 10000 -EnableJitGroupDeletion $true

In this example, a new JIT group creation rule is created that will create a new domain local group in the 'OU=Groups,DC=lithnet,DC=local' organizational unit. The group name will be 'JIT-', and the group description will be 'AMS JIT Group'. A unique Unix GID will be created for the group, and the group will be deleted when the computer is removed from the directory

hashtag
PARAMETERS

hashtag
-ComputerOU

The OU that will be used to searched for computer objects

hashtag
-CreateUnixGid

Specifies if AMS should create a unique Unix GID for the group

hashtag
-EnableJitGroupDeletion

Specifies if AMS should delete the group when the computer is removed from the directory

hashtag
-GroupDescription

The description of the rule

hashtag
-GroupNameTemplate

The template used to create the group name

hashtag
-GroupOU

The OU that the groups will be created in

hashtag
-GroupType

The type of AD group to create

hashtag
-Subtree

Specifies if AMS should search child organizational units of the 'ComputerOU' for computer objects

hashtag
-UnixGidAttributeName

The name of the LDAP attribute to populate with the group's unique unix GID

hashtag
-UnixGidStartRange

The starting range of Unix GIDs to use

hashtag
CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParametersarrow-up-right.

hashtag
INPUTS

hashtag
None

hashtag
OUTPUTS

hashtag
Lithnet.AccessManager.PowerShell.ServiceConfigPSObject

hashtag
NOTES

hashtag
RELATED LINKS

PreviousGet-AmsServiceConfigNextNew-AmsComputerAuthorizationRule

Last updated

Was this helpful?