Forum Discussion
Copy Groups between forests
It's not enough to just set the name. The group's scope and category should also be preserved.
You also do not need to store the groups from the first forest in a variable. This design doesn't scale well in larger environments.
Rather, you can pipe the results of the Get-ADGroup straight into the New-ADGroup commandlet which is targeting the destination forest. This approach allows .NET to reclaim system resources earlier - even during the execution of the command if your environment's large enough.
Get-ADObject -Filter * -SearchBase "OU=Groups,DC=DomainA,DC=local" | New-ADGroup -Path "OU=Groups,DC=DomainB,DC=local" -Server "DomainControllerB.DomainB.local" -Credential $DomainBCred;It's worth noting that this process will not copy across the group memberships.
Cheers,
Lain
It's not enough to just set the name. The group's scope and category should also be preserved.
You also do not need to store the groups from the first forest in a variable. This design doesn't scale well in larger environments.
Rather, you can pipe the results of the Get-ADGroup straight into the New-ADGroup commandlet which is targeting the destination forest. This approach allows .NET to reclaim system resources earlier - even during the execution of the command if your environment's large enough.
Get-ADObject -Filter * -SearchBase "OU=Groups,DC=DomainA,DC=local" |
New-ADGroup -Path "OU=Groups,DC=DomainB,DC=local" -Server "DomainControllerB.DomainB.local" -Credential $DomainBCred;
It's worth noting that this process will not copy across the group memberships.
Cheers,
Lain
InvalidArgument: (CN=somegroup,OU,DomainA,DC=local:PSObject) [New-ADGroup], ParameterBindingException