param(
    $Identity,
    $ADGroup="CN=ANG_lindev-login,OU=ANG-Brunnthal-Germany,OU=Groups,OU=_WABTEC-SITES,DC=ad,DC=wabtec,DC=com"
)

$ErrorActionPreference = 'Stop'

$newUser = Get-ADUser $Identity -Properties uidNumber,gidNumber

$users = Get-ADGroupMember $ADGroup |
    Get-ADUser -Properties uidNumber,gidNumber,UserPrincipalName

$userInGroup = $false
$users | %{
    if ($_.UserPrincipalName -eq $newUser.UserPrincipalName){
        $newUser
        $userInGroup = $true
    }
}

if (-not $userInGroup) {
    "Adding User to Group $ADGroup" | Out-Host
    Add-ADGroupMember -Identity $ADGroup -Members $newUser
} else {
    "User already in Group $ADGroup" | Out-Host
}

if ($null -eq $newUser.uidNumber) {
    $nextUid = [int](($users | Measure-Object -Property "uidNumber" -Maximum).Maximum + 1)
    "Setting User ID to Group $nextUid" | Out-Host
    
    Set-ADUser -Identity $newUser -add @{
        uidNumber=$nextUid
        gidNumber=10000
    }
} else {
    "User already has uidNumber $($newUser.uidNumber)" | Out-Host
}