If you need to create a large number of entitlements (security groups in AD), you can use a CSV file and bulk load them into AD. Then the next time you aggregate your entitlements in IDN, they will be pulled in.
Create a CSV file with columns Name, Path, Scope, Category, and Description. Row one should have those field names as they are used within the script.
Name is what the entitlement will be displayed as.
Path is the path to the OU (such as OU=TheRepublic,OU=RichardMiller,DC=yourdomain,DC=com)
Scope is DomainLocal
Category is Security
Description is a text value with a more descriptive… description
Then, place that file on a machine that has access to the domain controller (I did mine directly on the DC), and execute the following PowerShell script in the PowerShell ISE (be sure to set the path for your file in the $groups line… in my case, it was in c:\temp\groups.csv)
Import-Module ActiveDirectory
#Import CSV
$groups = Import-Csv ‘c:\temp\groups.csv‘
# Loop through the CSV
foreach ($group in $groups) {
$groupProps = @{
Name = $group.name
Path = $group.path
GroupScope = $group.scope
GroupCategory = $group.category
Description = $group.description
}#end groupProps
New-ADGroup @groupProps
} #end foreach loop
Hope this helps others with testing with larger numbers of entitlements in their dev or staging orgs!
Rich