< Back
Add-ADShadowGroupMember
Post
NAME Add-ADShadowGroupMember
SYNOPSIS
Add a new member in an existing AD ShadowGroup
SYNTAX
Add-ADShadowGroupMember [-GroupNameValue] <String> [-MemberNameValue] <String> [-TypeValue] <String> [[-TTLValue]
<String>] [<CommonParameters>]
DESCRIPTION
Add a new member in an existing AD ShadowGroup. The member could be a user or a group but must be located in the
same AD hosting the Shadow Group.
PARAMETERS
-GroupNameValue <String>
Mandatory parameter
-GroupNameValue string
Provide Shadow Group name to be used in configuration partition of directory (cn=Shadow Principal
Configuration,cn=Services...) (object to be searched only in the current AD)
Required? true
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-MemberNameValue <String>
Mandatory parameter
-MemberNameValue string
Provide the name of user or group to be added in the "member" attribute of the AD Shadow Group (object to be
searched only in the current AD)
Required? true
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
-TypeValue <String>
Required? true
Position? 4
Default value
Accept pipeline input? false
Accept wildcard characters? false
-TTLValue <String>
Optional parameter
-TTLValue string (time in second)
Provide the TTL membership for the entry to be added (user or group). At the end of the TTL, the entry is
removed automatically from the member attribute of the object.
Required? false
Position? 5
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
TypeName: Microsoft.ActiveDirectory.Management.ADObject
CanonicalName : admin.ad/Configuration/Services/Shadow Principal Configuration/PROD-Domain Admins
CN : PROD-Domain Admins
Created : 08/03/2017 16:00:41
createTimeStamp : 08/03/2017 16:00:41
Deleted :
Description :
DisplayName :
DistinguishedName : CN=PROD-Domain Admins,CN=Shadow Principal
Configuration,CN=Services,CN=Configuration,DC=admin,DC=ad
dSCorePropagationData : {01/01/1601 01:00:00}
instanceType : 4
isDeleted :
LastKnownParent :
member : {CN=Temp Prod Admins Shadow,OU=Admins,DC=admin,DC=ad, CN=Temp Prod
Admins,OU=Admins,DC=admin,DC=ad, CN=Prod Admins,OU=Admins,DC=admin,DC=ad}
Modified : 08/03/2017 19:12:47
modifyTimeStamp : 08/03/2017 19:12:47
msDS-ShadowPrincipalSid : S-1-1-11-1111111111-1111111111-111111111-111
Name : PROD-Domain Admins
nTSecurityDescriptor : System.DirectoryServices.ActiveDirectorySecurity
ObjectCategory : CN=ms-DS-Shadow-Principal,CN=Schema,CN=Configuration,DC=admin,DC=ad
ObjectClass : msDS-ShadowPrincipal
ObjectGUID : 37e6ba38-1787-41ef-937f-02a7c0be6fc3
ProtectedFromAccidentalDeletion : False
sDRightsEffective : 11
uSNChanged : 16646
uSNCreated : 16442
whenChanged : 08/03/2017 19:12:47
whenCreated : 08/03/2017 16:00:41
-------------------------- EXAMPLE 1 --------------------------
C:\\PS>Add-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Domain Admins"
-MemberNameValue group
-------------------------- EXAMPLE 2 --------------------------
C:\\PS>Add-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Super-Admin"
-MemberNameValue user
-------------------------- EXAMPLE 3 --------------------------
C:\\PS>Add-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Temp-Super-Admin"
-MemberNameValue user -TTLValue "3600"
RELATED LINKS
CommonParameters : True
WorkflowCommonParameters : False
details : @{name=Get-ADShadowGroup; noun=; verb=}
Syntax : @{syntaxItem=System.Object[]}
parameters : @{parameter=System.Object[]}
inputTypes : @{inputType=}
returnValues : @{returnValue=}
aliases : None
remarks : None
alertSet :
description :
examples :
Synopsis :
Get-ADShadowGroup [-GroupNameValue] <string> [<CommonParameters>]
ModuleName : Manage-ADShadowGroup
nonTerminatingErrors :
xmlns:command : http://schemas.microsoft.com/maml/dev/command/2004/10
xmlns:dev : http://schemas.microsoft.com/maml/dev/2004/10
xmlns:maml : http://schemas.microsoft.com/maml/2004/10
Name : Get-ADShadowGroup
Category : Function
Component :
Role :
Functionality :
SYNOPSIS
Add a new member in an existing AD ShadowGroup
SYNTAX
Add-ADShadowGroupMember [-GroupNameValue] <String> [-MemberNameValue] <String> [-TypeValue] <String> [[-TTLValue]
<String>] [<CommonParameters>]
DESCRIPTION
Add a new member in an existing AD ShadowGroup. The member could be a user or a group but must be located in the
same AD hosting the Shadow Group.
PARAMETERS
-GroupNameValue <String>
Mandatory parameter
-GroupNameValue string
Provide Shadow Group name to be used in configuration partition of directory (cn=Shadow Principal
Configuration,cn=Services...) (object to be searched only in the current AD)
Required? true
Position? 2
Default value
Accept pipeline input? false
Accept wildcard characters? false
-MemberNameValue <String>
Mandatory parameter
-MemberNameValue string
Provide the name of user or group to be added in the "member" attribute of the AD Shadow Group (object to be
searched only in the current AD)
Required? true
Position? 3
Default value
Accept pipeline input? false
Accept wildcard characters? false
-TypeValue <String>
Required? true
Position? 4
Default value
Accept pipeline input? false
Accept wildcard characters? false
-TTLValue <String>
Optional parameter
-TTLValue string (time in second)
Provide the TTL membership for the entry to be added (user or group). At the end of the TTL, the entry is
removed automatically from the member attribute of the object.
Required? false
Position? 5
Default value
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
TypeName: Microsoft.ActiveDirectory.Management.ADObject
CanonicalName : admin.ad/Configuration/Services/Shadow Principal Configuration/PROD-Domain Admins
CN : PROD-Domain Admins
Created : 08/03/2017 16:00:41
createTimeStamp : 08/03/2017 16:00:41
Deleted :
Description :
DisplayName :
DistinguishedName : CN=PROD-Domain Admins,CN=Shadow Principal
Configuration,CN=Services,CN=Configuration,DC=admin,DC=ad
dSCorePropagationData : {01/01/1601 01:00:00}
instanceType : 4
isDeleted :
LastKnownParent :
member : {CN=Temp Prod Admins Shadow,OU=Admins,DC=admin,DC=ad, CN=Temp Prod
Admins,OU=Admins,DC=admin,DC=ad, CN=Prod Admins,OU=Admins,DC=admin,DC=ad}
Modified : 08/03/2017 19:12:47
modifyTimeStamp : 08/03/2017 19:12:47
msDS-ShadowPrincipalSid : S-1-1-11-1111111111-1111111111-111111111-111
Name : PROD-Domain Admins
nTSecurityDescriptor : System.DirectoryServices.ActiveDirectorySecurity
ObjectCategory : CN=ms-DS-Shadow-Principal,CN=Schema,CN=Configuration,DC=admin,DC=ad
ObjectClass : msDS-ShadowPrincipal
ObjectGUID : 37e6ba38-1787-41ef-937f-02a7c0be6fc3
ProtectedFromAccidentalDeletion : False
sDRightsEffective : 11
uSNChanged : 16646
uSNCreated : 16442
whenChanged : 08/03/2017 19:12:47
whenCreated : 08/03/2017 16:00:41
-------------------------- EXAMPLE 1 --------------------------
C:\\PS>Add-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Domain Admins"
-MemberNameValue group
-------------------------- EXAMPLE 2 --------------------------
C:\\PS>Add-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Super-Admin"
-MemberNameValue user
-------------------------- EXAMPLE 3 --------------------------
C:\\PS>Add-ADShadowGroupMember -GroupNameValue "Shadow-Domain Admins" -MemberNameValue "Temp-Super-Admin"
-MemberNameValue user -TTLValue "3600"
RELATED LINKS
CommonParameters : True
WorkflowCommonParameters : False
details : @{name=Get-ADShadowGroup; noun=; verb=}
Syntax : @{syntaxItem=System.Object[]}
parameters : @{parameter=System.Object[]}
inputTypes : @{inputType=}
returnValues : @{returnValue=}
aliases : None
remarks : None
alertSet :
description :
examples :
Synopsis :
Get-ADShadowGroup [-GroupNameValue] <string> [<CommonParameters>]
ModuleName : Manage-ADShadowGroup
nonTerminatingErrors :
xmlns:command : http://schemas.microsoft.com/maml/dev/command/2004/10
xmlns:dev : http://schemas.microsoft.com/maml/dev/2004/10
xmlns:maml : http://schemas.microsoft.com/maml/2004/10
Name : Get-ADShadowGroup
Category : Function
Component :
Role :
Functionality :