In provisioning solutions it can be a good practice to add a security group from Active Directory as an additional site collection owner. Unfortunately a security group is not accepted as either primary or secondary owner. So to set a group as site collection administrator, the easiest approach I could find was to set the “IsSiteAdmin” property on the User object.
|$WebUrl = "http://teams.contoso.com/sites/team1"|
|$SiteAdminGroup = "CONTOSO\ContosoSiteAdmins"|
|# Set the AD group as site collection administrator|
|$Web = Get-SPWeb $WebUrl|
|$SiteAdminUser = $Web.EnsureUser($SiteAdminGroup)|
|$SiteAdminUser.IsSiteAdmin = $true|