< Back
Add-ADShadowGroup
Post
NAME Add-ADShadowGroup
SYNOPSIS
Create a new AD ShadowGroup
SYNTAX
Add-ADShadowGroup [[-GroupNameValue] <String>] [[-GroupSIDValue] <String>] [<CommonParameters>]
DESCRIPTION
Create a new AD ShadowGroup in the default container (cn=Shadow Principal Configuration,cn=Services...) (object to
be searched only in the current AD)
PARAMETERS
-GroupNameValue <String>
Mandatory parameter
-GroupNameValue string
Provide Shadow Group name to be created in configuration partition of directory (cn=Shadow Principal
Configuration,cn=Services...) (object to be searched only in the current AD)
Required? false
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-GroupSIDValue <String>
Mandatory parameter
-GroupSIDValue string
Provide SID of another AD group or user to shadow
Required? false
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
TypeName: Microsoft.ActiveDirectory.Management.ADObject
CanonicalName : admin.ad/Configuration/Services/Shadow Principal Configuration/PROD-Domain Admins
CN : PROD-Domain Admins
Created : 08/03/2017 16:00:41
createTimeStamp : 08/03/2017 16:00:41
Deleted :
Description :
DisplayName :
DistinguishedName : CN=PROD-Domain Admins,CN=Shadow Principal
Configuration,CN=Services,CN=Configuration,DC=admin,DC=ad
dSCorePropagationData : {01/01/1601 01:00:00}
instanceType : 4
isDeleted :
LastKnownParent :
member : {CN=Temp Prod Admins Shadow,OU=Admins,DC=admin,DC=ad, CN=Temp Prod
Admins,OU=Admins,DC=admin,DC=ad, CN=Prod Admins,OU=Admins,DC=admin,DC=ad}
Modified : 08/03/2017 19:12:47
modifyTimeStamp : 08/03/2017 19:12:47
msDS-ShadowPrincipalSid : S-1-1-11-1111111111-1111111111-111111111-111
Name : PROD-Domain Admins
nTSecurityDescriptor : System.DirectoryServices.ActiveDirectorySecurity
ObjectCategory : CN=ms-DS-Shadow-Principal,CN=Schema,CN=Configuration,DC=admin,DC=ad
ObjectClass : msDS-ShadowPrincipal
ObjectGUID : 37e6ba38-1787-41ef-937f-02a7c0be6fc3
ProtectedFromAccidentalDeletion : False
sDRightsEffective : 11
uSNChanged : 16646
uSNCreated : 16442
whenChanged : 08/03/2017 19:12:47
whenCreated : 08/03/2017 16:00:41
-------------------------- EXAMPLE 1 --------------------------
C:\\PS>Add-ADShadowGroup -GroupNameValue "Shadow-Domain Admins" -GroupSIDValue
"S-1-1-11-1111111111-1111111111-111111111-111"
RELATED LINKS
SYNOPSIS
Create a new AD ShadowGroup
SYNTAX
Add-ADShadowGroup [[-GroupNameValue] <String>] [[-GroupSIDValue] <String>] [<CommonParameters>]
DESCRIPTION
Create a new AD ShadowGroup in the default container (cn=Shadow Principal Configuration,cn=Services...) (object to
be searched only in the current AD)
PARAMETERS
-GroupNameValue <String>
Mandatory parameter
-GroupNameValue string
Provide Shadow Group name to be created in configuration partition of directory (cn=Shadow Principal
Configuration,cn=Services...) (object to be searched only in the current AD)
Required? false
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-GroupSIDValue <String>
Mandatory parameter
-GroupSIDValue string
Provide SID of another AD group or user to shadow
Required? false
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
TypeName: Microsoft.ActiveDirectory.Management.ADObject
CanonicalName : admin.ad/Configuration/Services/Shadow Principal Configuration/PROD-Domain Admins
CN : PROD-Domain Admins
Created : 08/03/2017 16:00:41
createTimeStamp : 08/03/2017 16:00:41
Deleted :
Description :
DisplayName :
DistinguishedName : CN=PROD-Domain Admins,CN=Shadow Principal
Configuration,CN=Services,CN=Configuration,DC=admin,DC=ad
dSCorePropagationData : {01/01/1601 01:00:00}
instanceType : 4
isDeleted :
LastKnownParent :
member : {CN=Temp Prod Admins Shadow,OU=Admins,DC=admin,DC=ad, CN=Temp Prod
Admins,OU=Admins,DC=admin,DC=ad, CN=Prod Admins,OU=Admins,DC=admin,DC=ad}
Modified : 08/03/2017 19:12:47
modifyTimeStamp : 08/03/2017 19:12:47
msDS-ShadowPrincipalSid : S-1-1-11-1111111111-1111111111-111111111-111
Name : PROD-Domain Admins
nTSecurityDescriptor : System.DirectoryServices.ActiveDirectorySecurity
ObjectCategory : CN=ms-DS-Shadow-Principal,CN=Schema,CN=Configuration,DC=admin,DC=ad
ObjectClass : msDS-ShadowPrincipal
ObjectGUID : 37e6ba38-1787-41ef-937f-02a7c0be6fc3
ProtectedFromAccidentalDeletion : False
sDRightsEffective : 11
uSNChanged : 16646
uSNCreated : 16442
whenChanged : 08/03/2017 19:12:47
whenCreated : 08/03/2017 16:00:41
-------------------------- EXAMPLE 1 --------------------------
C:\\PS>Add-ADShadowGroup -GroupNameValue "Shadow-Domain Admins" -GroupSIDValue
"S-1-1-11-1111111111-1111111111-111111111-111"
RELATED LINKS