Our sharepoint farm was in Domain A and we wanted to grant rights to a group in Domain B.
It worked fine from the GUI but powershell add-spuser or new-spuser failed – both stating the user ID we were adding was no good.
Specifically this was for Mysites – we had thousands of them so doing it by hand wasn’t an option.
1 2 3 4 5 6 7 8 |
$app = Get-SPWebApplication -Identity https://www.siteInDomainA.com foreach($site in $app.Sites) { write-host "Updating $site" $web = $site.RootWeb $web.AllUsers.Add("DomainBDomain Users", [System.String]::Empty, "Domain Users", [System.String]::Empty) Set-SPUser -Identity 'DomainBDomain Users' -Web $web.Url -AddPermissionLevel 'Read' } |