
I want to be able to add Group A from forest A as a member of Group B in forest B. In both forests I have credentials with the Domain Administrator permissions. I have tried several things but it does not work cross-forest and I have tried several commands googled on the internet without any result so far.

I have tried several scripts but every time the object Group A from forest A could not be found when I run it from Forest B. When I use MMC Users and Computers on a domain controller of forest B I can select forest A and browse through Active Directory without any restrictions.

  • Edit your question and include the things you have tried so far -- it's always best to include any code you have even if it doesn't work :) – henrycarteruk Feb 12 '19 at 14:22
  • Have you verified the security group scopes are correct for this situation? For example, have you verified that group B is a domain local or universal group and group A is a global group? If group B is a global group, you cannot add objects from another domain to it. – AdminOfThings Feb 12 '19 at 14:26

1 Answer


You just have to use the -Server parameter to tell it the DNS name of the foreign domain:

Add-ADGroupMember -Identity groupname -Members (Get-ADUser user -Server foreign.domain.com)

AD Users and Computers is intelligent enough to look at the trusts of the current domain to find the name of the foreign domain, but the PowerShell cmdlets are not.

Gabriel Luci
  • When I execute the following command: import-module activedirectory Add-ADGroupMember -Identity RGU000638 -MEMBER (Get-ADGroup GL001084 -Server INTERNAL.ZONE) – Alex vermeulen Feb 13 '19 at 19:41
  • You need to use `-Members`, not `-Member`. You need the "s" on the end. PowerShell will let you use partial names for parameters, but only if they are unique. `Add-ADGroupMember` has another parameter called `-MemberTimeToLive`, so if you only use `-Member` it doesn't know if you mean `-Members` or `-MemberTimeToLive`. – Gabriel Luci Feb 13 '19 at 19:51
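As an added example (not part of the original answer), the script below applies the -Server approach from the answer and checks the group scopes the comments raised before doing the add; the domain and group names are placeholders you would replace with your own.

```powershell
# Added example, not from the original answer. All names below are placeholders.
Import-Module ActiveDirectory

$ForeignDomain = 'forest-a.example'   # placeholder: DNS name of the domain holding Group A
$LocalDomain   = 'forest-b.example'   # placeholder: DNS name of the domain holding Group B
$ForeignGroup  = 'GroupA'             # placeholder: group in forest A to add as a member
$LocalGroup    = 'GroupB'             # placeholder: group in forest B that receives the member

# Resolve both groups explicitly. -Server tells the cmdlet which domain to query;
# the AD cmdlets do not follow trusts on their own the way ADUC does.
$memberGroup = Get-ADGroup -Identity $ForeignGroup -Server $ForeignDomain
$targetGroup = Get-ADGroup -Identity $LocalGroup   -Server $LocalDomain

# Scope checks: a principal from another forest is stored as a foreign security
# principal, and those can only be members of Domain Local groups. The member
# itself must be Global or Universal; a Domain Local group cannot leave its domain.
if ($targetGroup.GroupScope -ne 'DomainLocal') {
    throw "Target group '$LocalGroup' has scope $($targetGroup.GroupScope); cross-forest members require Domain Local scope."
}
if ($memberGroup.GroupScope -eq 'DomainLocal') {
    throw "Member group '$ForeignGroup' is Domain Local and cannot be added to a group in another domain."
}

# Pass the resolved object rather than a bare name (note the parameter is -Members,
# plural) so the cmdlet uses the foreign group's SID instead of searching the local domain.
Add-ADGroupMember -Identity $targetGroup -Members $memberGroup -Server $LocalDomain

# Verify by reading the raw member attribute: the foreign group appears as
# CN=<SID>,CN=ForeignSecurityPrincipals,... in forest B. Get-ADGroupMember is avoided
# here because it tries to resolve each member and can fail on foreign principals.
$members = (Get-ADGroup -Identity $targetGroup -Server $LocalDomain -Properties member).member
$added = $members | Where-Object { $_ -like "CN=$($memberGroup.SID.Value),CN=ForeignSecurityPrincipals,*" }
if ($added) {
    Write-Output "Added as foreign security principal: $added"
} else {
    Write-Warning "Member not found on '$LocalGroup'; check replication and the trust direction."
}
```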