Run Get-Aduser from Get-Adgroupmember with users from sub-domains

Brass Contributor



I running is script that retrieves users from a group in ad.local

The users within can be from ad.local and/or, etc


When I run (from a computer that is part of

$userlist = get-adgroupmember -Identity $object_name -Server $object_ad -Credential $mycreds
foreach ($user in$userlist){
$userad= Get-ADUser -Identity $($user.distinguishedName)
 => I get Get-ADuser : A referral was returned from the server
I tried this :
Get-ADUser -Identity $($user.distinguishedName) -server "usersdomain" -Credential $mycreds
It works. But get-adgroupmember only returns 
distinguishedName : CN=jdoe,OU=Users,DC=subdomain1,DC=ad,DC=local
name : jdoe
objectClass : user
objectGUID : 2293fd35-9fa7-4acc-a22f-5799f6dd2369
SamAccountName : jdoe
SID : S-1-5-21-1231254564-630871074-310601177-1324
Do you know how I can retrieve the users domain (ex : "" or "ad.local" etc) without having to manipulate distinguishedName ?
Thank you for your help.
1 Reply
Did you use a Global Catalog Server for your AD Query?