Monday, 21 June 2010

Active Directory Web Services on 2003

The 2008 R2 feature that allows you to run PowerShell AD commands against a remote DC can now be installed on a 2003 server.

The download is on the Microsoft site here (Active Directory Management Gateway Service).

I've used this to perform cross-forest group management between 2008 and 2003 DCs by installing the management gateway on the 2003 DC and then calling a group name in forest1 and saving it as a variable.

This will nest the group Forest1\SampleGroup into the group Forest2\SampleGroup (provided group scope allows), when run on a DC in Forest1.

> $Forest1Group = Get-ADGroup SampleGroup
> Add-ADGroupMember SampleGroup -Members $Forest1Group -server ServerName.Forest2.com

This is the entry on the AD PowerShell blog about the service and this article covers the cross-forest functionality.
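
The "provided group scope allows" condition can be checked before the membership change is made. The following is an added example, not part of the original post; it reuses the post's sample names (SampleGroup, ServerName.Forest2.com) and assumes a trust between the forests and an account allowed to modify the Forest2 group.

```powershell
# Added example: pre-check scope, dry-run, apply, then verify the cross-forest nesting.
Import-Module ActiveDirectory

$targetServer = 'ServerName.Forest2.com'   # Forest2 DC running the gateway service
$groupName    = 'SampleGroup'              # sample name from the post

# Source group resolves against the local forest (Forest1).
$source = Get-ADGroup -Identity $groupName
# Target group resolves against the remote DC in Forest2.
$target = Get-ADGroup -Identity $groupName -Server $targetServer

# Only a domain local group can hold members from another forest,
# and the nested member must be a global or universal group.
if ($target.GroupScope -ne 'DomainLocal') {
    throw "Target scope is $($target.GroupScope); cross-forest members require DomainLocal."
}
if ($source.GroupScope -eq 'DomainLocal') {
    throw "Source group is DomainLocal and cannot be nested outside its own domain."
}

# Nesting into a security group hands Forest1 members whatever access the
# Forest2 group carries, so make that visible before committing.
if ($target.GroupCategory -eq 'Security') {
    Write-Warning "Members of $($source.DistinguishedName) will inherit access granted to $($target.DistinguishedName)."
}

# Dry run first: -WhatIf reports the change without writing it.
Add-ADGroupMember -Identity $target -Members $source -Server $targetServer -WhatIf

# Apply the change (same call as in the post, with explicit parameter names).
Add-ADGroupMember -Identity $target -Members $source -Server $targetServer

# Verify: a member from another forest is stored as a foreign security
# principal whose CN is the source group's SID.
$fspPrefix = "CN=$($source.SID.Value),CN=ForeignSecurityPrincipals,*"
$members   = (Get-ADGroup -Identity $target.DistinguishedName -Server $targetServer -Properties member).member
if ($members -like $fspPrefix) {
    "Nested: $($source.SID.Value) is now a member of $($target.DistinguishedName)"
} else {
    Write-Warning "Expected foreign security principal not found in the member list."
}
```

Reading the `member` attribute directly, rather than resolving each member, also gives a quick way to review which outside-forest SIDs a group already contains.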
