Add Manager Attribute with different Domain Active Directory

FADHIL 0 Reputation points

Hi Everyone and Support,

Really need your help to solve this solution. Two domains already fully trusted and Authentication in all forest, permission already verify.

I have two domains. As example Domain A and Domain B, some users in Domain B need to report to specific user in Domain A, below script I used but getting error:

$manager = Get-ADUser -Identity 'CN=UserManager,OU=Users,DC=domainA,DC=com' -Server '' # Uses Global Catalog (GC)

Then Enter:

Set-ADUser -Identity 'UserReporting' -Manager $manager -Server ''

Then Enter -> Error code shows as below:

Set-ADUser : The name reference is invalid
At line:1 char:1
+ Set-ADUser -Identity 'UserReporting' -Manager $manager -Server 'domainB ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (UserReporting:ADUser) [Set-ADUser], ADException
    + FullyQualifiedErrorId : ActiveDirectoryServer:8373,Microsoft.ActiveDirectory.Management.Commands.SetADUser
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,035 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,802 questions
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,009 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Rich Matheisen 44,541 Reputation points

    The problem is the attempted creation of a user object (not an AD object, just within the PowerShell session) from a different domain.

    The easiest way around this is to use ADSI instead of Set-ADUser.