Hi,
Active Directory 2016 introducing a new feature Expiring Links which allows the time based memberships. I am able to add the time based memberships using powershell. Here is the command to perform the same:
$ttl = New-TimeSpan -Hours 2
Add-ADGroupMember -Identity 'Domain Admins' -Members "CN=newuser1,CN=Users,DC=AD2016,DC=com" -MemberTimeToLive $ttl
This doesn't work when I run the commands using a remote powershell on Windows 2008 or 2012 as the earlier versions do not have the option '-MemberTimeToLive'.
1. If I have to use this feature using remote powershell on earlier versions, how can I do it? Do I need to install anything for this?
2. Is this feature supported through LDAP interface? If yes, how the time limit can be specified?
Thanks in advance.
ishwar