We have a two-way trust between two domains, and everything works as expected.
One thing I'm trying to do is to use the command AD-GetGroupMember to see who are the members on groups on the other domain. The command runs fine but it only list the users from remote domain that are on the group: the users from the local domain, who are in the group, are not listed.
Doing some research I found the following information: This cmdlet does not work when a group has members located in a different forest, and the forest does not have Active Directory Web Service running.
So I went to check the ADWS status. It looks fine, when I test locally it works as expected:
SERVICE_NAME: adws
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
But when I try to access the ADWS on the other domain, I get the following error:
We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.
Hi All,
We have a two-way trust between two domains, and everything works as expected.
One thing I'm trying to do is to use the command AD-GetGroupMember to see who are the members on groups on the other domain. The command runs fine but it only list the users from remote domain that are on the group: the users from the local domain, who are in the group, are not listed.
Doing some research I found the following information: This cmdlet does not work when a group has members located in a different forest, and the forest does not have Active Directory Web Service running.
So I went to check the ADWS status. It looks fine, when I test locally it works as expected:
SERVICE_NAME: adws
TYPE : 10 WIN32_OWN_PROCESS
STATE : 4 RUNNING (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
But when I try to access the ADWS on the other domain, I get the following error:
This test I ran on the primary domain controller, where the trust was made.
Anyone had any issue like this? Any tips for this desperate sysadmin?
Thanks!
Share this post
Link to post
Share on other sites