PowerShell Add an AD user from the child domain to a group in the parent domain
Question
I am trying to remove an AD user from the child domain from a group in the parent domain using powershell script.
Remove-ADGroupMember -Identity $group -Members jdoe -confirm: $false
Error message: Cannot find and object with identity: "jdoe" under: DC: corp, DC:hello, DC=com
so, I did
$user = Get-Aduser -Filter {SamAccountName -eq "jdoe"} -Server child.corp.hello.com
Remove-ADGroupMember -Identity $group -Members $user -confirm: $false
Error message: The specified account name is not a member of the group
then, I did
Remove-ADGroupMember -Identity $group -Members $user.DistinguishedName -confirm: $false
Error Message: A referral was returned from the server.
How can I remove the user from the group that's in a parent domain?
1 answers
solution1
0 2016-04-01 10:16:28
Use Set-ADObject to remove the cross-domain entry from the member attribute of the group:
$user = Get-Aduser -Filter {SamAccountName -eq "jdoe"} -Server child.corp.hello.com
Set-ADObject $group -Remove @{member=$user.DistinguishedName}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Powershell: If user in domain x add to AD group y
Remove AD-user in domain A from AD-group in domain B while my client is in domain C in PowerShell
Add users from another domain to AD group
Windows Server AD 2022 - Add a domain user to the local group "Remote Desktop Users" via GPO using PowerShell
Add user in domain1 to domain2 group with powershell?
powershell add user to the domain
How to add the AD Group of another domain to the local administrators of the server in current domain using powershell or CMD
Unable to query for AD-Computers under a child domain of a parent domain
Change AD password for user on a different domain with PowerShell
AD domain using powershell?
Related Tags