Add User to Group

Adding users to groups can be made simple by creating a Runbook to reference a ‘Standard’ rather than individual Runbooks with a PowerShell script to add user to the group.

Firstly, you’ll need to scope your Standards.

I created a few different Standard Types but in this example you can just set-up the one – ‘Access Group’ you can do this by going into your List Value and adding.

In this example I created a couple of Standards for membership groups a user can request access to, by selecting the standard they will get added to the group (with a bit of scorch magic!)


As you can see from this Standard we have set the Type to match the newly created list value of ‘Access Group‘ and given a Name for it. Under Related Asset Management Items you can go ahead and add the Active Directory group you desire.


& this is your first Standard created.

The next part of this is to create the Runbook which will be used to sit behind the Service Request to add the Affected User to the selected Standard membership group.




import-module activedirectory
$group = get-adgroup “{“User Name from “Get Group from AD”}
$user = “{“User Name from “Get Affected User”}
if ((get-aduser $user -properties memberof).memberof -like $group.distinguishedname)
{$add = $false}
{$group | add-adgroupmember -member $user}

Once this has been created you can then go ahead and sync your Orchestrator connector to pull in the Runbook and then create your template.


Then go ahead and make sure you create your Service Request template as part of this and add your newly created Runbook Activity within.

Last thing to do is to create your Request Offering to allow the end user to select the standard and then process the request. Set the user prompts accordingly…


The key thing is to make sure the tick box ‘Add user-selected objects to template object as related items‘ as this will be what gets added to the Service Request related items and be pulled in from the Runbook.

After this has been done you can go ahead and publish your request and make sure it is part of a Service Offering. Go ahead and Restart your Cireson Cache Builder, IIS Sites and Recycle the Application Pool so that the Request Offering is visible on your catalogue.

Your end user will now be able to select from a list of Standards defined and it will go ahead and add them to the relevant membership group(s) added within it!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s