Campus Active Directory - Connect to Another Forest with PowerShell
PowerShell will automatically create a PSDrive for the Active Directory domain that the client is a member of. An additional PSDrive can be created for a different domain in another forest.
The following command will create a PSDrive for a different domain than the one the host is joined to.
New-PSDrive -Name <PSDrive-Name> -PSProvider ActiveDirectory -Server "<Domain-Controller>" -Scope Global c-credential (Get-Credential "<User-Name>") -root "//RootDSE/"The "-Scope Global" switch is required if you run this cmd-let from a script. The new PSDrive can be used in several ways. Lets say that you want the to manage objects in adtest.wisc.edu with PowerShell from a host joined to the production AD forest. The following command will create a PSDrive named "ADTEST" that will be connected to the "adtest.wisc.edu" domain.
New-PSDrive -Name ADTEST -PSProvider ActiveDirectory -Server "tnads2.adtest.wisc.edu" -Scope Global -credential (Get-Credential "ADTEST\jsmith-ou") -root "//RootDSE/"To use this PSDrive you can "cd" to the "ADTEST" PSDrive and then run the Active Directory modules as normal:
PS C:\> cd ADTEST: PS C:\> Get-ADDomainThe second method is to provide the "server" switch with the name of the domain controller:
PS C:\> Get-ADDomain -server "tnads2.adtest.wisc.edu"The following code will check to see if the drive exists prior to attempting creation of the new PSDrive
if (-not(Get-PSDrive TEST)) {
New-PSDrive -Name ADTEST -PSProvider ActiveDirectory -Server "tnads2.adtest.wisc.edu" -Scope Global -credential (Get-Credential "ADTEST\jsmith-ou") -root "//RootDSE/"
}Else{
"Drive already exists"
}
References:
- Active Directory Powershell: The Drive is the connection (Active Directory Powershell Blog)
- Using the New-PSDrive Cmdlet (TechNet)
- Using the Get-PSDrive Cmdlet (TechNet)
Note: Starting on April 1st, 2016, adtest.wisc.edu will change to qa.wisc.edu.