Automate Forest trust creation

Just a quick note: In case you were not aware - netdom.exe cannot create a Forest trust (inbound or outbound). But you can leverage the S.DS namespace to automate this with a little powershell:

 

 

$targetForestName = "targetForest.local"

$trustPassword = "PassWord123!23"

$TrustDirection = "Outbound" # see https://msdn.microsoft.com/en-us/library/system.directoryservices.activedirectory.trustdirection.aspx

$Forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()

$Forest.CreateLocalSideOfTrustRelationship($targetForestName,$TrustDirection,$trustPassword)

 

or both sides:

 

 

$DirectoryContextForTargetForest= new-object
System.DirectoryServices.ActiveDirectory.DirectoryContext("Forest",”contoso.local”,"contoso\administrator","Password")

$TargetForest =
[System.DirectoryServices.ActiveDirectory.Forest]::GetForest($DirectoryContextForTargetForest)

 $Forest =
[System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()

$Forest.CreateTrustRelationship($TargetForest,"Bidirectional")

 

Hope it helps someone

 

spat

Comments

• Anonymous
  December 08, 2016
  The comment has been removed