Campus Active Directory - Connect to Another Forest with PowerShell

PowerShell will automatically create a PSDrive for the Active Directory domain that the client is a member of. An additional PSDrive can be created for a different domain in another forest.

The following command will create a PSDrive for a different domain than the one the host is joined to.

New-PSDrive -Name <PSDrive-Name> -PSProvider ActiveDirectory -Server "<Domain-Controller>" -Scope Global c-credential (Get-Credential "<User-Name>") -root "//RootDSE/"

The "-Scope Global" switch is required if you run this cmd-let from a script. The new PSDrive can be used in several ways. Lets say that you want the to manage objects in adtest.wisc.edu with PowerShell from a host joined to the production AD forest. The following command will create a PSDrive named "ADTEST" that will be connected to the "adtest.wisc.edu" domain.

New-PSDrive -Name ADTEST -PSProvider ActiveDirectory -Server "tnads2.adtest.wisc.edu" -Scope Global -credential (Get-Credential "ADTEST\jsmith-ou") -root "//RootDSE/"

To use this PSDrive you can "cd" to the "ADTEST" PSDrive and then run the Active Directory modules as normal:

PS C:\> cd ADTEST:
PS C:\> Get-ADDomain

The second method is to provide the "server" switch with the name of the domain controller:

PS C:\> Get-ADDomain -server "tnads2.adtest.wisc.edu"

The following code will check to see if the drive exists prior to attempting creation of the new PSDrive

if (-not(Get-PSDrive TEST)) {
    New-PSDrive -Name ADTEST -PSProvider ActiveDirectory -Server "tnads2.adtest.wisc.edu" -Scope Global -credential (Get-Credential "ADTEST\jsmith-ou") -root "//RootDSE/"
    }Else{
    "Drive already exists"
    }

References:

Note: Starting on April 1st, 2016, adtest.wisc.edu will change to qa.wisc.edu.



Keywords:
campus active directory powershell psdrive forest connect 
Doc ID:
34832
Owned by:
MST Support in Identity and Access Management
Created:
2013-10-28
Updated:
2023-08-17
Sites:
Identity and Access Management