[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1889
  • Last Modified:

Using Powershell and the Quest ActiveRoles shell to query multiple domains

Hi guys hope you are all well and can assist.

We have multiple domains in our environment.

domainA.com
domainB.com
domainC.com

I am located in domainA, and have domain admin access to domainB, and C.

The following works fine in domainA

Get-QADGroup -SearchRoot "Domain Admins" | Get-QADGroupMember | get-qaduser

If I try and run the same query against a different domain eg.domainB, it does not work, and defaults to returning domainA details.

Now, if I run the Quest ActiveRoles shell as a domain admin user in domainB, and do the following:

Get-QADGroup -SearchRoot "Domain Admins" | Get-QADGroupMember | get-qaduser

Now it returns the correct information for domainB.

My question is this.

If the reason I am having issues is due to the account that is using to run this, and I need to use a different account to "connect" to each domain, can I do this, and if so, how through script?

Any help greatly appreciated.
0
Simon336697
Asked:
Simon336697
  • 2
2 Solutions
 
x-menIT super heroCommented:
if your domains B and C trust domain A, give your domain A account permissions on the B and C domains
0
 
KenMcFCommented:
I am not sure what you are trying to get from your query but here is an example to get all the users in a group from another doamin


Get-QADGroupMember "Student\domain admins" | Select name, samaccountname

or

Get-QADGroupMember "domain admins" -service "child.domain.local" | Select name, samaccountname
0
 
Simon336697Author Commented:
Thanks so much guys sorrry about the delay.
0
 
Simon336697Author Commented:
Thanks so much guys sorrry about the delay.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now