Get-ADGroupMember Returns different results than AD Users and Computers

I have created a security group in my Computers OU and tested adding a couple of computers to it via Powershell. When I run Get-ADGroupMember against that group it returns the computer objects I would expect. However it does not return computers I have manually added through the AD Users and Computers application.

Also, when browsing the created group using AD Users and Computers I am not seeing the computers added via powershell, but do see computers added manually.

I feel like I may be missing something simple here…

The command I am using to add a computer is like so:
Add-ADGroupMember -identity S-1-5-21-1721530621-3416553010-47989647-1234 -members mycomputername$

To list group membership I am running:
get-adgroupmember -identity S-1-5-21-1721530621-3416553010-47989647-1342

Any feedback is appreciated!

Are you using different SIDs in your Add and Get commands deliberately, or is that just a bogus example value?

I intentionally changed a couple of characters for anonymity. Perhaps that was overkill. The SIDs for the identity are the same in the commands I am running here.

OK. It’s possible that you’re talking to different domain controllers in your PowerShell session and in your AD Users and Computers console. (This would typically happen because PowerShell requires a domain controller running AD Web Services, and ADUC just uses LDAP.) You might just have to wait for AD replication to take place.

Sure enough. I had recently connected Azure to our site and have a DC across a VPN that I am not used to seeing. It had added the accounts to that DC and replication had not occurred.

Thanks Dave!

No problem. :slight_smile: