我有Kerio Connect服务器,它不允许组继承。所以我需要创建一个用于邮件的组和另一个用于具有类似用户的AD组。
我写道:
Import-Module ActiveDirectory
Get-ADGroupMember -Identity Sales.Department |select SamAccountName |ForEach-Object {Add-ADGroupMember -Identity sales.mail -Members $_.SamAccountName}
我需要为表达* .Department和邮件组的所有组制作* .mail
答案 0 :(得分:1)
使用Get-ADGroup检索sales.department的群组成员,然后使用Add-ADGroupMember
$MemberList = (Get-ADGroup -Identity "sales.department" -Properties member).member
Add-ADGroupMember -Identity "sales.mail" -Members $MemberList
答案 1 :(得分:0)
为此,您最好使用Add-ADPrincipalGroupMembership cmdlet而不是Add-ADGroupMember:对我来说工作正常:
Get-ADGroupMember -Identity Source-Group-Name |select SamAccountName |ForEach-Object {Add-ADPrincipalGroupMembership -Identity $_.SamAccountName -MemberOf Target-Group-Name}