It is possible to add/remove external domains visibility on GPOADmin, however this require a registry key to be modified in the registry.
- Open Regedit on the GPOAdmin server
- Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Quest\GPOADmin\VCConfig
- Create a new string value named ExternalDomains
- The desired domains visibility can be added by entering the domain in the string value and can be removed by deleting it.
NOTE: If using GPOADmin 5.16 using an SQL configuration store the following steps are also necessary to use this key. To use the ExternalDomains registry key on a new GPOADmin 5.16 SQL configuration store, or an upgraded GPOADmin SQL configuration store where no permissions had previously been set for any ExternalDomains do the following for each domain in the ExternalDomains key:
- Get the objectGUID for each domain in the ExternalDomains list from ADSIEdit
- For each domain run the following SQL:
INSERT INTO [dbo].[Domains] ([DomainID], [DomainName], [ShowInLiveView], [IsAzure]) Values ('<DomainObjectGUID>','<DomainFQDN>',1,0) - For each domain Get the objectSID for the Domain Users group for each of the domains using ADSIEdit
- For each of these run the following SQL:
INSERT INTO [dbo].[DomainSecurity] ([DomainID],[TrusteeSID],[DomainRights]) values ('<DomainObjectGUID>', '<DomainUsersSID>', 255)