0

So I have a script with the purpose of scanning devices that start with a certain name, then return results of computers missing a group. My problem is, the device I need it to run from turns out not to be in the same tree. I have seen some commands, but I wanted to be sure I had the syntax right. I will include part of the script for context:

Import-Module ActiveDirectory
$Group = "A-Certain-Group"
$Groupname = (Get-ADGroup $Group).distinguishedName
$Computers = Get-ADComputer -filter "name -like 'Big*'" -Prop MemberOf | Where{$_.MemberOf -notcontains $Groupname}

So let's say I am running it from "company.net", and it needs to perform the above script on "companynet.net" instead. What is the proper method?

Improve this question

1 Answer 1

Reset to default
1

The AD cmdlets all have a -server parameter which lets you specify other domains. Just use it to specify the other domain assuming there is a trust.

$Groupname = (Get-ADGroup $Group -Server companynet.net).distinguishedName
$Computers = Get-ADComputer -Server companynet.net -filter "name -like 'Big*'" -Prop MemberOf | Where{$_.MemberOf -notcontains $Groupname}

Note that if you don't have permission to perform actions in the domain you will also need to use the -credential parameter.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Wow, as easy as that was, I feel like an idiot. Thanks!
You're welcome. The parameter is kinda misleading since you wouldn't think -server also accepts a domain name. Anyways, glad to help.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.