I am successfully creating dynamic groups with powershell using this method:
https://www.oneidentity.com/community/active-roles/w/wiki/1040/create-dynamic-group-in-powershell
We have a dedicated server for dynamic groups and I would like to set edsaDGOriginatingService when I create the group.
I have tried:
After connecting to an ARS admin server:
$Group = (New-QADGroup -Name $groupName -ParentContainer $groupOU -SamAccountName $groupName -Description $RITM -ManagedBy $enterpriseADteamDN -ObjectAttributes @{'edsaDGOriginatingService'="server.domain"})
I also tried doing it with a set after the group had been converted to a dynamic group:
set-qadgroup $groupName -IncludedProperties edsaDGOriginatingService -ObjectAttributes @{'edsaDGOriginatingService'="server.domain"}
or
set-qadgroup $groupName -ObjectAttributes @{'edsaDGOriginatingService'="server.domain"}
none of these seem to be working
I can go into the GUI and select an alternate "service to evaluate and apply rule changes" from the drop down of my available ARS admin servers and it works. But attempting to set this value with PowerShell keeps failing. I do not get an error.
