Hey, Scripting Guy! With the following command as root domain to the Security Group, located in the Child domain only want to enable users to add. But somehow I could not add to the group, type the correct command. I would appreciate if you could help.
$OU="OU=Accountant,DC=child,DC=domain,DC=local"
$Group="CN=Group,OU=Groups,DC=rootdomain,DC=local"
Get-ADUser -SearchBase $OU -SearchScope OneLevel -LDAPFilter "(&(!memberOf=$Group)(!userAccountControl:1.2.840.113556.1.4.803:=2))" | ForEach-Object {Add-ADPrincipalGroupMembership –Identity $_ -MemberOf $Group}