October 28, 2014 at 10:39 am #20095
I have created a security group in my Computers OU and tested adding a couple of computers to it via Powershell. When I run Get-ADGroupMember against that group it returns the computer objects I would expect. However it does not return computers I have manually added through the AD Users and Computers application.
Also, when browsing the created group using AD Users and Computers I am not seeing the computers added via powershell, but do see computers added manually.
I feel like I may be missing something simple here...
The command I am using to add a computer is like so:
Add-ADGroupMember -identity S-1-5-21-1721530621-3416553010-47989647-1234 -members mycomputername$
To list group membership I am running:
get-adgroupmember -identity S-1-5-21-1721530621-3416553010-47989647-1342
Any feedback is appreciated!
October 28, 2014 at 10:41 am #20097
Are you using different SIDs in your Add and Get commands deliberately, or is that just a bogus example value?
October 28, 2014 at 10:44 am #20098
I intentionally changed a couple of characters for anonymity. Perhaps that was overkill. The SIDs for the identity are the same in the commands I am running here.
October 28, 2014 at 10:46 am #20099
OK. It's possible that you're talking to different domain controllers in your PowerShell session and in your AD Users and Computers console. (This would typically happen because PowerShell requires a domain controller running AD Web Services, and ADUC just uses LDAP.) You might just have to wait for AD replication to take place.
October 28, 2014 at 10:55 am #20100
Sure enough. I had recently connected Azure to our site and have a DC across a VPN that I am not used to seeing. It had added the accounts to that DC and replication had not occurred.
October 28, 2014 at 10:56 am #20101
No problem. 🙂
You must be logged in to reply to this topic.