Configmgr 2012 : Automate / Create User Collections from AD user Groups (based on Active Directory group discovery)

September 30, 2012 at 8:40 am in CM12, collection, ConfigMgr 2012, ConfigMgr 2012 SP1, query, SCCM 2012, SCCM 2012 SP1, System Center, users by Kenny Buntinx [MVP]


Did you ever wanted to automate the creation of “User Collections” based on your AD user Groups (which is based on User group discovery)

I have posted the script here ( ) and these are the steps to follow :

1) Create/Configure your AD group discovery to target your AD application groups.


2) Run this script from a site server machine and this will require appropriate RBAC rights for the user to create collections.

2) Open a command prompt and run the following cmd:

Cscript CreateCollectionForUserGroups.vbs


3) The script will create a user collection for each AD security group with the same name as the unique user group name retrieved from active directory. The appropriate AD group will be added as a direct member of that user collection. This will avoid the refresh that you would need if you would use a query method !



4) On subsequent reruns the script will check if a collection with the same name exists or not and if it does it will skip.

The only 2 things I would still add to the script and I am busy trying to figure it out is :

– Check for incremental updates ( in case you would add a user directly into it )

– Check the default collection update (7days)


Note : I have not written this script myself . I would like to thank the Configmgr Product group and in particular Bhaskar, as he created the script . However you should first try this script in a lab and see if it fits your needs . We’ll take no responsibility what so ever .


Hope it Helps ,

Kenny Buntinx

Tweet about this on TwitterShare on FacebookShare on Google+Share on LinkedInPin on Pinterest