Requirement is for a script to automate a migration task.
I have two domains, 'Domain A' and 'Domain B' Domain A contains an OU in which there are a number of users. The users are members of a number of security groups. Domain B also has an OU containing users. Many of these users have the same usernames as those in Domain B. The security groups that exist in Domain A also exist in Domain B.
What I need to do is ensure users in Domain B are in the same (equivilent) security groups as the equivilent user account in Domain A.
So, If I have Bob in domain A and he is a member of Security groups 'one' 'two' and 'three', I want a script to see if an account exists for Bob in domain B. If it exists, I want the script to see if Domain B Bob is a member of Security groups one, two and three. If he is - do nothing. If he isn't then add him to the groups.
I would like the following errors output to a log (text file)
- Security Group does not exist in Domain B
- User does not exist in Domain B
- Unable to add user to group (reason, if available?)
The script will be run by an account with domain admin access in both Domains. There is a two way trust between the two domains. It is a one-off activity, so I am happy for it to be a bit clunky. It doesn't have to look pretty!
I need this fast ie today, Friday.