I have a server in AWS not joined to the domain. When I run AD cmdlets like Get-ADUser, I started to get a failure from my scripts that use my.domain.com as the input for the -Server parameter. I can't seem to figure out what in my env changed that is causing this to break after working just fine for over a year.
This works:
Get-ADUser -Identity 'dUser' -Server 'dc1.my.domain.com' -Credential $credential | Select name
This Fails:
Get-ADUser -Identity 'dUser' -Server 'my.domain.com' -Credential $credential | Select name
Get-ADUser : Either the target name is incorrect or the server has rejected the client credentials.
Thanks for the response. That is what I thought originally as well.
But when I do an nslookup, I get a list of the three domain controllers' IPs.
This is a strange one. I'm not sure if this is related or not, but if I change the user name from domain\username to UPN, it starts working as well.
Update on changing the username format: it has stopped working that way as well. Does anyone have a better understanding of the whole authentication process? How are certs involved?
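
One way to narrow this down, as an added example that is not part of the original thread: list the domain controllers published in DNS for my.domain.com and run the same Get-ADUser query against each one by FQDN, then against the domain name, so a single controller that rejects the credentials stands out. It assumes the ActiveDirectory and DnsClient modules are installed and reuses the thread's my.domain.com and dUser names.

```powershell
# Added diagnostic example; not code from the original thread.
# Assumes the RSAT ActiveDirectory module and the DnsClient module (Resolve-DnsName).
Import-Module ActiveDirectory

$domain     = 'my.domain.com'   # domain name used in the thread
$identity   = 'dUser'           # test account used in the thread
$credential = Get-Credential    # same credential the failing script uses

# Run the query from the thread against one -Server value and record the outcome.
function Test-AdQuery {
    param([string]$Server, [string]$Addresses)
    $row = [ordered]@{ Server = $Server; Addresses = $Addresses; Ok = $false; Error = '' }
    try {
        $null = Get-ADUser -Identity $identity -Server $Server `
                           -Credential $credential -ErrorAction Stop
        $row.Ok = $true
    } catch {
        $row.Error = $_.Exception.Message
    }
    [pscustomobject]$row
}

# Return the A-record addresses a name resolves to, as one string.
function Get-Addresses {
    param([string]$Name)
    $a = Resolve-DnsName -Name $Name -Type A -ErrorAction SilentlyContinue |
         Where-Object { $_.QueryType -eq 'A' }
    ($a.IPAddress | Sort-Object) -join ', '
}

# Domain controllers register SRV records under _ldap._tcp.dc._msdcs.<domain>.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -ErrorAction Stop |
       Where-Object { $_.QueryType -eq 'SRV' }

$results = @(
    foreach ($record in $srv) {
        $dc = $record.NameTarget.TrimEnd('.')
        Test-AdQuery -Server $dc -Addresses (Get-Addresses $dc)
    }
    # The domain name itself, for comparison with the per-controller rows.
    Test-AdQuery -Server $domain -Addresses (Get-Addresses $domain)
)

$results | Format-Table -AutoSize -Wrap
```

Comparing the per-controller rows with the domain-name row shows whether the failure follows one controller or only appears when the domain name is used.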