Forum Discussion
Run Get-Aduser from Get-Adgroupmember with users from sub-domains
Hello,
I running is script that retrieves users from a group in ad.local
The users within can be from ad.local and/or subdomain1.ad.local, subdomain2.ad.local etc
When I run (from a computer that is part of subdomain1.ad.local)
$userlist = get-adgroupmember -Identity $object_name -Server $object_ad -Credential $mycreds
foreach ($user in$userlist){
$userad= Get-ADUser -Identity $($user.distinguishedName)
}
=> I get Get-ADuser : A referral was returned from the server
I tried this :
Get-ADUser -Identity $($user.distinguishedName) -server "usersdomain" -Credential $mycreds
It works. But get-adgroupmember only returns
distinguishedName : CN=jdoe,OU=Users,DC=subdomain1,DC=ad,DC=local
name : jdoe
objectClass : user
objectGUID : 2293fd35-9fa7-4acc-a22f-5799f6dd2369
SamAccountName : jdoe
SID : S-1-5-21-1231254564-630871074-310601177-1324
name : jdoe
objectClass : user
objectGUID : 2293fd35-9fa7-4acc-a22f-5799f6dd2369
SamAccountName : jdoe
SID : S-1-5-21-1231254564-630871074-310601177-1324
Do you know how I can retrieve the users domain (ex : "subdomain1.ad.local" or "ad.local" etc) without having to manipulate distinguishedName ?
Thank you for your help.
- Did you use a Global Catalog Server for your AD Query?
https://shellgeek.com/get-aduser-in-multi-domain-forest/
Regards
Andres
