Hi,
I hope someone can put me in the right direction here, Im playing with some code I found, that copies AD groups from one user to another.
So far I have this

Import AD commands

import-Module ActiveDirectory

Login name of user to copy FROM

$copyfrom = Read-host "Enter username to copy from: "

Login name of user to copy TO

$pasteto = Read-host "Enter username to copy to: "

Get membership of FROM and add to

get-ADuser -Server “dc01.Domain.co.uk” -identity $copyfrom -properties memberof | select-object memberof -expandproperty memberof | Add-AdGroupMember -Server “dc01.Domain.co.uk” -Members $pasteto

This is working but the issue I have, is that some groups exisit in another domain ie Domain2 and I get an error, how do I get the code to check all our domains, instead of restricting my self to one domain in the -server parameter.
thank you in advance

So the memberof property includes the full path of the group, including the domain. Something like this:

CN=Domain Admins,OU=Groups,DC=my,DC=company,DC=com

So I believe the reason it is failing is because you are specifying the -Server parameter in your Add-ADGroupMember call, limiting yourself to a single domain. As to how to fix this, there are several ways to skin the proverbial cat. My first question is are you working with a single account that has access delegated across all domains, or do you have separate credentials for each?

Good morning, thank you for responding to my query.
I have one account delegated across three domains.
Cheers