Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Using Powershell to convert AD security group from Global to Universal per OU ?

Posted on 2016-11-01
3
Medium Priority
?
381 Views
Last Modified: 2016-11-21
People,

Before I Join my AD domain to bigger AD forest, I need to convert existing 700+ AD security group which is configured as Global to Universal, so the member of this AD security group can be from any domains in the same AD forest.

How can I convert the AD security group per OU basis using the Pwoershell without losing the existing group member or its description & SID number ?

Thanks in advance.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 23

Accepted Solution

by:
yo_bee earned 2000 total points
ID: 41869386
Try this
you need to have AD Powershell installed on your computer and import the module and run this
Import-Module activedirectory
get-adgroup -filter *  -SearchBase 'OU=Test_OU,DC=xxx,DC=xxxx' -SearchScope Subtree | ?{$_.GroupScope -eq 'Global'} | Set-ADGroup -GroupScope Universal

Open in new window

0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 41869387
Ok, does it going to convert the AD security group in one OU and its sub-OU as well ?

Or just the OU defined?
0
 
LVL 23

Expert Comment

by:yo_bee
ID: 41869392
change the subtree to OneLevel
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question