Script repository

Add managers of specific direct reports to a group

Updated on: Jan 18, 2026, Views: 4945

Group membership, Managers and subordinates

The script replaces the list of members of the target group with managers that currently have direct reports whose property is set to a specific value. To execute the script, create a business rule, custom command or scheduled task configured for the Group object type.

Parameters

  • $propertyName - the name of the property that will be checked for direct reports.
  • $propertyValueToSearch - the value the $propertyName property should be set to for the account manager to be added to the group.
$propertyName = "employeeType" # TODO: modify me
$propertyValueToSearch = "Type" # TODO: modify me

$searcher = $Context.TargetObject
$searcher.Criteria = New-AdmCriteria "user" -Expression {(manager -empty $False) -and ($propertyName -eq $propertyValueToSearch)}
$searcher.VirtualRoot = $True
$searcher.SearchScope = "ADS_SCOPE_SUBTREE"
$searcher.ReferralChasing = "ADS_CHASE_REFERRALS_NEVER"
$searcher.PageSize = 500
$searcher.SetPropertiesToLoad(@("manager"))

try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()
    $searchResults = $searchResultIterator.FetchAll()
    
    $managerDNs = New-Object "System.Collections.Generic.HashSet[System.String]"
    $searchResults | %%{ [void]$managerDNs.Add($_.Properties["manager"].Value)}
    
    # Update group
    $Context.TargetObject.Put("member", @($managerDNs))
    $Context.TargetObject.SetInfo()
}
catch
{
    # Release resources
    if ($searchResultIterator) { $searchResultIterator.Dispose() }
}

Comments 0

You must be signed in to comment.

    Got questions?

    Support Questions & Answers

    We use cookies to improve your experience.
    By your continued use of this site you accept such use.
    For more details please see our privacy policy and cookies policy.