Simply: You have an OU in active directory … add any user accounts in the OU to a group … in addition you want to maintain the membership when accounts are added or removed from the OU.
The following link includes examples using the ds* commands and PowerShell to populate and maintain Shadow Groups.
Shadow Groups in Active Directory
It should be possible to expand these examples to include the user accounts from other OUs or to use Identity Attributes rather than OU.
No comments:
Post a Comment