Adaxes

set-admgroup ManagedByList fails for child domains ("There is no such object on the server")

0 votes

I'm trying to set the adm-ManagedByList attribute on a few hundred groups via powershell, and found that it's only working for groups in our root domain, but fails for all groups in the child domains.

The line would be something like this:

set-admgroup -Identity $GroupDN -ManagedByList @{'add'= @($UserDN)} -AdaxesService ourAdaxesServer

And it comes back with:

set-admgroup : There is no such object on the server.

Manually doing this through the admin console works fine. Setting other attributes such as the description field is also no issue. The $groupDN and $UserDN are even in the same domain.

Even though I'm working with distinguishedNames, I tried it with specifying the domain DN in the partition parameter, and I would still get the same error but it leads with a Warning:

WARNING: Object with identity '## DN of the group ##' was found, but is located in partition '## DN of the root domain ##' rather than 
in the specified partition '## DN of the child domain where the group is actually located ##'.

Am I missing something here or is this a bug?

Thanks Felix

ago by (150 points)

1 Answer

0 votes
ago by (13.1k points)
selected ago by
Best answer

Hello,

To remedy the issue, you need to add the -Server parameter to the Set-AdmGroup cmdlet and pass the name of the domain where the updated group resides. For details about the parameter, have a look at the corresponding section of the following SDK article: https://www.adaxes.com/sdk/Set-AdmGroup/#Server.

Related questions

0 votes
1 answer
For the built-in Management history report, is there a way to exclude objects that have no recent modifications?

For example, if the scope is a specified OU, running the report will list management history for every object in the OU even if it has had no management operations ... so objects that have not had any recent modifications are excluded from the report results?

asked Aug 13, 2021 by ryan741 (120 points)
0 votes
1 answer
Using Get-ADMGroup doesn't find all the groups in all the registered domains.

I'm learning how to use the Adaxes powershell commands. I've tried searching for a group and that fails to find anything but the local domain. ... one domain. Get-AdmGroup -AdaxesService ADAXES01.domain.com -Credential $myCredentials -Identity Administrators

asked Jul 29, 2020 by ComputerHabit (790 points)
0 votes
1 answer
Is there a way to set the immutable ID to null to disconnect mailboxes?

We are trying to avoid the issue of deleting accounts and resting accounts, we want to implement disconnecting the account by setting the immutable id to null on accounts we want to keep.

asked Aug 16, 2023 by Carlos (20 points)
0 votes
1 answer
I suspect the answer is no, is the system able to produce a report for weak passwords?

We are trying to do a report on weak passwords, but i dont think adaxes is able to?

asked Mar 16, 2022 by marcwoollard (40 points)
0 votes
1 answer
Is there a way to get the last logged on from 365

Some of our users don't log on to AD ever therefore does not give us a true user picture?

asked Jun 4, 2021 by marcwoollard (40 points)
3,490 questions
3,183 answers
8,116 comments
547,181 users