Purpose: Get all Workstations from an Active Directory Security Group (WQL)
If your environment uses heavily active directory security groups, you can use those memberships in Configuration Manager Device Collections. With a simple query, you can set the system to gather all the members of an active directory security group into your brand new (or old) device collection.
Purpose: During a SCCM 2012 Computer Deployment, join the current computer to an AD SG
So you have been given a task to automate installations, welcome. More importantly, there are several (… OK, one is enough) actions that occur to the desktop if it would be a member of an Active Directory (AD) Security Group (SG). There is no automatic GUI to do this in System Center 2012 Configuration Manager (even SCCM 2012 SP1 wont save you on this one). Therefore you must script it. My example is straightforward. First you must know the LDAP of the SG you want the computer to join. If you are new to this, in this case LDAP is a fancy word for “AD PATH”. An example of AD PATH to a SG: