【发布时间】:2015-10-29 18:31:09
【问题描述】:
我的任务是创建一个 PowerShell 脚本,该脚本将 Active Directory 组成员身份从指定的源用户(作为模板)复制到指定的目标用户。这些用户可以位于以下两个域之一中:Domain_A 和 Domain_B。这些组都位于 Domain_B 中。
我遇到的问题是,当我指定两个用户都在 Domain_A 中时,它会尝试在 Domain_A 中查找组,而实际上这些组都在 Domain_B 中(这会引发错误说它找不到组)。域之间存在 2 路信任,因为它们都位于同一个林中。
我怎样才能让它仍然指定用户所在的域,但它也会指定组所在的域?这是我的源代码副本供参考(已编辑以删除服务器名称):
$Source_Server = Read-Host "Please enter the Source Server: "
$Source_UPN = Read-Host "Please enter the Source UPN: "
$Target_Server = Read-Host "Please enter the Target Server: "
$Target_UPN = Read-Host "Please enter the Target UPN: "
Try {
Get-ADUser -Identity $Source_UPN -Properties memberof -Server$Source_Server |
Select-Object -ExpandProperty memberof |
# Find Properties of the memberships of the Source User
Add-ADGroupMember -Members $Target_UPN -Server $Target_Server |
Select-Object -ExpandProperty SamAccountName
# Copy the group memberships of the Source User to the Target User.
}
Catch {
$Error_Message = $_.Exception.Message
Write-Host $Error_Message
Write-Host -NoNewLine "Press any key to exit..."
$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
# Exits the program
}
If (!$Error) {
"Group Copy Successful."
$Error_Message = "No errors occured."
# Shows that it ran error-free
Write-Host -NoNewLine "Press any key to exit..."
$null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
# Exits the program
}
【问题讨论】:
-
您好,能否请您发布错误
-
这里是一个解释性错误,重要信息已被编辑:
Add-ADGroupMember: Cannot find an object with identity CN = "Test OU" DC = "Domain_B" under DC = "Domain_A"
标签: powershell active-directory