Set up a PowerShell script that runs periodically on your domain controller to check for new servers. Here's an outline of how you can approach this:

1. Create a Security Group: Set up a security group in Active Directory that will contain all Windows Server machines (e.g., AllWindowsServers).
2. PowerShell Script: Write a PowerShell script that will:
   - Search for computer accounts whose OperatingSystem property contains "Windows Server".
   - Check whether each of these accounts is already a member of the AllWindowsServers security group.
   - If not, add it to the group.
   - Send an email notification whenever a new server is added to the group.
3. Set Up Task Scheduler: Schedule this PowerShell script to run periodically (e.g., daily or hourly).
PowerShell Script
    # Set the security group and email details
    $groupName      = "AllWindowsServers"
    $emailRecipient = "admin@example.com"
    $emailSender    = "alert@example.com"
    $smtpServer     = "smtp.example.com"

    Import-Module ActiveDirectory

    # Resolve the group once and build a lookup of its current (nested) members by DN.
    # (The original piped each computer into Get-ADGroupMember, which expects a group, not a computer.)
    $group = Get-ADGroup -Identity $groupName
    $currentMembers = @{}
    Get-ADGroupMember -Identity $group -Recursive |
        ForEach-Object { $currentMembers[$_.distinguishedName] = $true }

    # Find all Windows Server computers not already in the group
    $servers = Get-ADComputer -Filter 'OperatingSystem -like "*Windows Server*"' -Properties OperatingSystem |
        Where-Object { -not $currentMembers.ContainsKey($_.DistinguishedName) }

    # Initialize a list to track newly added servers
    $newServers = @()

    foreach ($server in $servers) {
        # Add the server to the group
        Add-ADGroupMember -Identity $group -Members $server
        $newServers += $server.Name
    }

    # If there were new servers added, send an email notification
    if ($newServers.Count -gt 0) {
        $subject = "New Windows Servers Added to Security Group"
        $body = "The following Windows Servers were added to the $groupName security group:`n`n" + ($newServers -join "`n")
        Send-MailMessage -From $emailSender -To $emailRecipient -Subject $subject -Body $body -SmtpServer $smtpServer
    }
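Step 3 above is the only part without code, so here is an added example (not from the original post) that registers the script as a daily scheduled task under a group managed service account instead of an interactive admin's credentials. The task name, script path, gMSA name (CONTOSO\svc_adgroupsync$) and run time are assumed values; the gMSA is expected to have been granted only the "Write Members" permission on the AllWindowsServers group.

```powershell
# Assumed values: adjust the script path, gMSA name and schedule to your environment.
$scriptPath = 'C:\Scripts\Sync-AllWindowsServers.ps1'   # where the script above is saved
$gmsa       = 'CONTOSO\svc_adgroupsync$'                 # gMSA with Write Members on the group
$taskName   = 'Sync-AllWindowsServers'

# Run the script with PowerShell, no profile, and a non-interactive session.
$action = New-ScheduledTaskAction -Execute 'powershell.exe' `
    -Argument "-NoProfile -NonInteractive -ExecutionPolicy AllSigned -File `"$scriptPath`""

# Daily at 02:00; swap for -Once -RepetitionInterval (New-TimeSpan -Hours 1) to run hourly.
$trigger = New-ScheduledTaskTrigger -Daily -At 02:00

# LogonType Password with no stored password is how Task Scheduler runs a gMSA;
# RunLevel Limited keeps the task from requesting an elevated token it does not need.
$principal = New-ScheduledTaskPrincipal -UserId $gmsa -LogonType Password -RunLevel Limited

Register-ScheduledTask -TaskName $taskName -Action $action -Trigger $trigger -Principal $principal `
    -Description 'Adds new Windows Server computer accounts to the AllWindowsServers group'
```

The host running the task needs the RSAT ActiveDirectory module and must be allowed to retrieve the gMSA password (Install-ADServiceAccount); it does not have to be a domain controller. Setting ExecutionPolicy to AllSigned assumes the script is code-signed; use RemoteSigned if it is not.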