0
votes

I have been tasked with creating a PowerShell script that copies Active Directory Group Memberships from a specified Source User (as a template) to a specified Target User. These users can be in one of two domains: Domain_A and Domain_B. The groups are all located in Domain_B.

The issue that I'm running into is that when I specify that both of the users are in Domain_A, it attempts to look for the groups in Domain_A, when in reality the groups are all in Domain_B (this throws an error saying that it can't find the groups). There is a 2 way trust between the domains as they are all located in the same forest.

How can I make it so that it will still specify the domains that the users are located in, but it will also specify the domain that the groups are located in? Here is a copy of my source code for reference (edited to remove the server names):

$Source_Server = Read-Host "Please enter the Source Server: "
$Source_UPN = Read-Host "Please enter the Source UPN: "
$Target_Server = Read-Host "Please enter the Target Server: "
$Target_UPN = Read-Host "Please enter the Target UPN: "

Try {
    # Find the group memberships (distinguished names) of the Source User,
    # then copy each of them to the Target User. -PassThru makes
    # Add-ADGroupMember emit the group objects so the final Select-Object
    # has something to print.
    Get-ADUser -Identity $Source_UPN -Properties memberof -Server $Source_Server |
        Select-Object -ExpandProperty memberof |
        Add-ADGroupMember -Members $Target_UPN -Server $Target_Server -PassThru |
        Select-Object -ExpandProperty SamAccountName
}

Catch {
    $Error_Message = $_.Exception.Message
    Write-Host $Error_Message

    Write-Host -NoNewLine "Press any key to exit..."
    $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
    # Exits the program
}

If (!$Error) {
    "Group Copy Successful."
    $Error_Message = "No errors occurred."
    # Shows that it ran error-free

    Write-Host -NoNewLine "Press any key to exit..."
    $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
    # Exits the program
}
1
Hi, can you please post the error. – kekimian

Here is a paraphrased error with important information redacted: Add-ADGroupMember: Cannot find an object with identity CN = "Test OU" DC = "Domain_B" under DC = "Domain_A" – derpickson

1 Answer

0
votes

If you're trying to add the user in Domain B to the group in Domain A, you need to fix the Server parameter here to go to the Source Server:

Add-ADGroupMember -Members $Target_UPN -Server $Target_Server
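The answer points at the -Server argument; the underlying requirement is that each user be looked up against a DC of its own domain, while Add-ADGroupMember is directed at the domain that holds the group, which the group's distinguished name tells you. The script below is an added example written for this page, not code from the question or the answer. It assumes the RSAT ActiveDirectory module, the same-forest two-way trust the question describes, and that the DC= components of a group's DN name the domain to query; the helper Get-DomainFromDN and the prompt wording are ours.

```powershell
# Added example, not the original poster's script. Assumes the ActiveDirectory
# module (RSAT) and a two-way trust between the domains within one forest.
Import-Module ActiveDirectory

$Source_Server = Read-Host "Please enter the Source Server (a DC of the source user's domain)"
$Source_UPN    = Read-Host "Please enter the Source UPN"
$Target_Server = Read-Host "Please enter the Target Server (a DC of the target user's domain)"
$Target_UPN    = Read-Host "Please enter the Target UPN"

# Hypothetical helper: derive the DNS domain name from the DC= parts of a DN,
# e.g. "CN=App Admins,OU=Groups,DC=domain_b,DC=example,DC=com" -> "domain_b.example.com".
function Get-DomainFromDN {
    param([Parameter(Mandatory)][string]$DistinguishedName)
    $parts = [regex]::Matches($DistinguishedName, '(?i)DC=([^,]+)') |
        ForEach-Object { $_.Groups[1].Value }
    return ($parts -join '.')
}

Try {
    # -Identity does not accept a UPN, so filter on UserPrincipalName instead,
    # and ask a DC of the domain each user actually lives in.
    $sourceUser = Get-ADUser -Filter { UserPrincipalName -eq $Source_UPN } `
        -Server $Source_Server -Properties memberOf
    if (-not $sourceUser) { throw "Source user '$Source_UPN' not found on $Source_Server" }

    $targetUser = Get-ADUser -Filter { UserPrincipalName -eq $Target_UPN } -Server $Target_Server
    if (-not $targetUser) { throw "Target user '$Target_UPN' not found on $Target_Server" }

    $targetDomain = Get-DomainFromDN $targetUser.DistinguishedName

    foreach ($groupDN in $sourceUser.memberOf) {
        # The group's DN, not the user's domain, decides which domain to query.
        $groupDomain = Get-DomainFromDN $groupDN
        $group = Get-ADGroup -Identity $groupDN -Server $groupDomain

        # A global group cannot contain users from another domain; only domain
        # local and universal groups can. Report it instead of failing the run.
        if ($group.GroupScope -eq 'Global' -and $groupDomain -ne $targetDomain) {
            Write-Warning "Skipping global group $($group.SamAccountName) in $groupDomain: it cannot hold a user from $targetDomain"
            continue
        }

        # Pass the ADUser object (it carries the DN and SID) so the group's domain
        # can resolve a member from the other side of the trust.
        Add-ADGroupMember -Identity $group -Members $targetUser -Server $groupDomain
        Write-Output "Added $Target_UPN to $($group.SamAccountName) ($groupDomain)"
    }

    "Group copy finished."
}
Catch {
    Write-Host $_.Exception.Message
}
```

Note that memberOf lists only direct memberships and omits the user's primary group (usually Domain Users), so that group is never copied by this approach; if the template user holds nested memberships through other groups, those are copied only at the level of the groups the user is directly in.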