Jump to content


  • 0
Finamore

Ad-GetGroupMember on trusted domain

Question

Hi All,

 

We have a two-way trust between two domains, and everything works as expected.

 

One thing I'm trying to do is to use the command AD-GetGroupMember to see who are the members on groups on the other domain. The command runs fine but it only list the users from remote domain that are on the group: the users from the local domain, who are in the group, are not listed.

 

Doing some research I found the following information: This cmdlet does not work when a group has members located in a different forest, and the forest does not have Active Directory Web Service running.

 

So I went to check the ADWS status. It looks fine, when I test locally it works as expected:

 

SERVICE_NAME: adws

TYPE : 10 WIN32_OWN_PROCESS

STATE : 4 RUNNING (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)

WIN32_EXIT_CODE : 0 (0x0)

SERVICE_EXIT_CODE : 0 (0x0)

CHECKPOINT : 0x0

WAIT_HINT : 0x0

 

But when I try to access the ADWS on the other domain, I get the following error:

[sC] EnumQueryServicesStatus:OpenService FAILED 5:
Access is denied.

 

 

This test I ran on the primary domain controller, where the trust was made.

 

Anyone had any issue like this? Any tips for this desperate sysadmin? :)

 

 

Thanks!

Share this post


Link to post
Share on other sites

1 answer to this question

Recommended Posts

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.