Set-AdmPwdPdsSupportedForest
SYNOPSIS
Updates registration of supported AD forest for management in PDS configuration (optionally with connection credentials for the forest).
SYNTAX
Pds
Set-AdmPwdPdsSupportedForest [-Pds] <PdsEndpoint> [-ForestName] <String> [[-Credential] <PSCredential>] [[-KeyId] <UInt32>] [-OverrideForestName] [<CommonParameters>]
PdsName
Set-AdmPwdPdsSupportedForest [-PdsName] <String> [-ForestName] <String> [[-Credential] <PSCredential>] [[-KeyId] <UInt32>] [-OverrideForestName] [<CommonParameters>]
DESCRIPTION
PDS supports management of untrusted forests.
However, for management of untrusted forests, the following prerequisites must be configured:
- Explicit credentials for PDS to use when accessing intrusted forest
- Mapping of SID from untrusted forest to SIDs from PDS forests.
For management of untrusted AD forest, connection credentials are required.
For management of trusted AD forest, connection credentials are optional.
EXAMPLES
Example 1
# Collect connection credentials
$creds = Get-Credential
# Configure supported forest on all PDS instances
Get-AdmPwdPds | Set-AdmPwdPdsSupportedForest -ForestName 'MyRemoteForest.com' $Credential $creds
Gets list of all PDS instances discovered and updates definition of supported AD forest with explicit credentials. Credentials are encrypted in PDS configuration file by most recent PDS enryption key.
PARAMETERS
-Pds
Instance of PDS as returned by Get-AdmPwdPds command
Type: PdsEndpoint
Parameter Sets: Pds
Aliases:
Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
-PdsName
Name of instance of PDS - DNS name of machine hosting PDS service
Type: String
Parameter Sets: PdsName
Aliases:
Required: True
Position: 0
Default value: None
Accept pipeline input: True (ByValue)
Accept wildcard characters: False
-ForestName
DNS name of remote AD forest.
Type: String
Parameter Sets: (All)
Aliases:
Required: True
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Credential
Credential to use when PDS connects to AD forest being updated.
Type: PSCredential
Parameter Sets: (All)
Aliases:
Required: False
Position: 2
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-KeyId
ID of key that will be used to protect connection credentials in PDS configuration file.
Default: null (which means that PDS will automatically use latest encryption key)
Type: UInt32
Parameter Sets: (All)
Aliases:
Required: False
Position: 3
Default value: $null
Accept pipeline input: False
Accept wildcard characters: False
-OverrideForestName
Do not specify unless you know what you're doing or product support asks you to do so
Type: SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: 4
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
INPUTS
AdmPwd.Types.PdsEndpoint
System.Management.Automation.PSCredential
System.String
System.UInt32
OUTPUTS
NOTES
Caller has to be member of PDS administrators role. If not member, Access Denied error is returned.