将AD组成员复制到另一个AD组
[英]Copying AD group members to another AD group
问题描述
I need to copy all members from one AD group to another. 
我需要将所有成员从一个AD组复制到另一个。 The code I am using is failing. 我正在使用的代码失败。
Caveat: The members in the source group are from different (trusted) domains. 注意:源组中的成员来自不同(受信任)域。 I am not a Powershell expert. 我不是Powershell专家。
Example code: 示例代码:
$Source_Group = Get-ADGroupMember -Identity "CN=Team1_ReadOnly,
OU=Team1,OU=TEAM_GROUPS,OU=Groups,OU=Business,DC=Server1,DC=Contoso,DC=com"
-Server "Server1@contoso.com"
Add-ADGroupMember -Identity " CN=Team2_ReadOnly,
OU=Team2,OU=TEAM_GROUPS,OU=Groups,OU=Business,DC=Server1,DC=Contoso,DC=com "
-server "Server1@contoso.com" -Members $Source_Group
Error Output: 错误输出:
Has anyone come across this issue before with users from different domains? 有没有人遇到过来自不同域的用户的此问题?
We have moved all users who are in the same domain as the destination group without issue in the past. 过去,我们已将与目标组位于同一域中的所有用户移动了而没有问题。
1 个解决方案
解决方案1
1 2018-06-01 14:23:14
To answer my own question. 回答我自己的问题。
The code was fine. 代码很好。 It turns out the person (DBA) running the script was running it directly from the target domain controller. 事实证明,运行脚本的人员(DBA)是直接从目标域控制器运行该脚本的。 The target domain controller did NOT have a trust with a particular domain that one of the members was attributed to. 目标域控制器对成员所属的某个特定域不信任。 I tested from my local machine that had rights across all domains. 我在具有所有域权限的本地计算机上进行了测试。
When the script was run on a machine that had a trust with all domains it worked fine. 当脚本在对所有域都信任的计算机上运行时,它可以正常工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.