I've got a PowerShell script that enumerates a list of groups and their members. Works great in the domain that I run the script from (acme.com). Trying to make the same script work against a trusted domain (Widgets). Using Quest CmdLets for this. The get-qadgroup command works fine, it's pulling back the groups, but when it gets to the get-qadgroupmember command I'm getting this error:
Get-QADGroupMember : 0000202B: RefErr: DSID-031006E0, data 0, 1 access
points
ref 1: 'acme.com'
At H:\scripts\PowerShell\Enum_admin_groups_rev1.ps1:23 char:31
+ $members = get-qadgroupmember <<<< $ParentGroupName.name -Service
'widgetsdc5:389' -ConnectionAccount 'widgets\jdoe
r' -ConnectionPassword $pw
+ CategoryInfo : NotSpecified: (:) [Get-QADGroupMember],
DirectoryAccessException
+ FullyQualifiedErrorId :
Quest.ActiveRoles.ArsPowerShellSnapIn.DirectoryAccess.DirectoryAccessException,Quest.Act
iveRoles.ArsPowerShellSnapIn.Powershell.Cmdlets.GetGroupMemberCmdlet
Here is the script:
##########
$pw = Read-Host "Enter password" -AsSecureString
$Group = get-qadgroup 'widgets_admins_*' -SizeLimit 0 -Service
'widgetsdc5:389' -ConnectionAccount 'widgets\jdoe' -ConnectionPassword $pw
ForEach ($ParentGroupName in $Group)
{
$members = get-qadgroupmember $ParentGroupName.name -Service
'widgetsdc5:389' -ConnectionAccount 'widgets\jdoe' -ConnectionPassword $pw
foreach ($GroupMembers in $members)
{
#Write-Host $ParentGroupName.name `t $GroupMembers.name `t
$GroupMembers.samaccountname
"$($ParentGroupName.name) `t $($GroupMembers.name) `t
$($GroupMembers.samaccountname)"|Out-File -Append -filepath
"c:\temp\Admingroups_Widgets_rev1.csv"
}
}
##########
Christopher Bodnar
Technical Support III, Distributed Systems Service Delivery - Intel
Services
Tel 610-807-6459
3900 Burgess Place, Bethlehem, PA 18017
[email protected]
The Guardian Life Insurance Company of America
www.guardianlife.com
-----------------------------------------
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law. If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited. If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments. Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to [email protected]
with the body: unsubscribe ntsysadmin<<image/jpeg>>
