Command line application to add / remove the current user to a AD group.

Command line application to add / remove the current user to a AD group.

This command line application helps in adding or removing the current user to a Active Directory group.


The following command will add the current user to the AD group “My-AD-Group”

User2ADGroup.exe Add My-AD-Group

The following command will remove the current user from the AD group “My-AD-Group”

User2ADGroup.exe Remove My-AD-Group


This application can be used with login scripts to add/remove the system from Active Directory groups.

It can be used in SCCM packages and Applications running in user context to add/remove the user from Active Directory groups based on conditions.

It can be run on a command line in an interactive prompt in the user context.

Cannot be run in system context

While running as user should have permissions to add remove user objects to the group.

Set permissions for “Domain Users” for the AD group to “Read” and “Add remove self as member”.

Download Here

Related Articles

SCCM task sequence UI – Set computer name and more during an SCCM task sequence deployment

It is always a unique challenge of having to build an OSD experience that includes providing a great user experience during the deployment of a new operating system.

The attached application would allow you to present a front-end to an active end-user who is executing the SCCM task sequence……

Keywords: SCCM tasksequence UI, SCCM Task Sequence User interface, SCCM task sequence Set computer name.


DCOM hardening issue.

This application fails to authenticate with WMI on the SCCM server because Microsoft has not yet hardened DCOM on their Windows Preinstallation Environment. We are working on a different approach, but it will only be released during the first quarter of 2024. But until that time, the only workaround will be to uninstall the update corresponding to KB5004442.