Trying to add a group from a trusting domain to a domain local group using distinguished name.
working with ActiveDirectory 6.1.0-preview0005
NOT working with ActiveDirectory 6.2.0
Verbose logs
VERBOSE: [server]: LCM: [ Start Resource ] [[ADGroup]Group]
VERBOSE: [server]: LCM: [ Start Test ] [[ADGroup]Group]
VERBOSE: [server]: [[ADGroup]Group] Retrieving AD Group 'Group'. (ADG0021)
VERBOSE: [server]: [[ADGroup]Group] The AD Group 'Group' is present. (ADG0023)
VERBOSE: [server]: [[ADGroup]Group] Retrieving group membership based on 'DistinguishedName' property. (ADG0001)
VERBOSE: [server]: [[ADGroup]Group] Checking for 'Included' members. (ADCOMMON0019)
VERBOSE: [server]: [[ADGroup]Group] Member 'CN=Group,DC=domain,DC=tld' is not in the desired state. (ADCOMMON0021)
VERBOSE: [server]: [[ADGroup]Group] Membership is NOT in the desired state. (ADCOMMON0024)
VERBOSE: [server]: [[ADGroup]Group] Group membership is NOT in the desired state. (ADG0002)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Ensure' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Category' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'GroupScope' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Description' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Notes' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Path' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'GroupName' is in desired state. (DRC0039)
VERBOSE: [server]: LCM: [ End Test ] [[ADGroup]Group] in 0.0320 seconds.
VERBOSE: [server]: LCM: [ Start Set ] [[ADGroup]Group]
VERBOSE: [server]: [[ADGroup]Group] Retrieving AD Group 'Group'. (ADG0021)
VERBOSE: [server]: [[ADGroup]Group] The AD Group 'Group' is present. (ADG0023)
VERBOSE: [server]: [[ADGroup]Group] Retrieving group membership based on 'DistinguishedName' property. (ADG0001)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Ensure' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Category' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'GroupScope' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Description' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Notes' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'Path' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] The parameter 'GroupName' is in desired state. (DRC0039)
VERBOSE: [server]: [[ADGroup]Group] Adding 'CN=Group,DC=domain,DC=tld' member(s) to AD group 'Group'. (ADG0003)
VERBOSE: [server]: LCM: [ End Set ] [[ADGroup]Group] in 0.0620 seconds.
PowerShell DSC resource MSFT_ADGroup failed to execute Set-TargetResource functionality with error message: System.InvalidOperationException: Unable to resolve ObjectSID value from DistinguishedName
'CN=Group,DC=domain,DC=tld'. (ADCOMMON0062)
+ CategoryInfo : InvalidOperation: (:) [], CimException
+ FullyQualifiedErrorId : ProviderOperationExecutionFailure
+ PSComputerName : server.domain.dom
Name Version Path
---- ------- ----
ActiveDirectoryDsc 6.2.0 C:\Program Files\WindowsPowerShell\Modules\ActiveDirectoryDsc\6.2.0\ActiveDirectoryDsc.psd1
Problem description
Trying to add a group from a trusting domain to a domain local group using distinguished name.
working with ActiveDirectory 6.1.0-preview0005 NOT working with ActiveDirectory 6.2.0
Verbose logs
DSC configuration
Suggested solution
No
Operating system the target node is running
PowerShell version and build the target node is running
ActiveDirectoryDsc version