MSFT_GroupResource: Fix for the issue #82

CHANGELOG.md

@@ -1,6 +1,12 @@
 # Change log for PsDscResources
 
 ## Unreleased
+* Group
+  * Workaround added for the [Issue #82](https://github.com/PowerShell/PSDscResources/issues/82)
+    The resource could fail with the
+    'Exception calling "Add" with "1" argument(s): "The network path was not found."'
+    The workaround is to catch the exception and try to use another programmatic method
+    to update group members.
 
 ## 2.12.0.0
 

DscResources/MSFT_GroupResource/MSFT_GroupResource.psm1

@@ -2487,13 +2487,18 @@ function Clear-GroupMember
 <#
     .SYNOPSIS
         Adds the specified member to the specified group.
-        This is a wrapper function for testing purposes.
 
     .PARAMETER Group
         The group to add the member to.
 
     .PARAMETER MemberAsPrincipal
         The member to add to the group as a principal.
+
+    .NOTES
+        There is an issue reported at https://github.com/PowerShell/PSDscResources/issues/82
+        If local group already has members from trusted forests/domains, the Add method fails
+        The exact reason of the failure is unknown at the moment and as a workaround try-catch
+        block is used to fallback to ADSI WinNT provider.
 #>
 function Add-GroupMember
 {
@@ -2511,7 +2516,18 @@ function Add-GroupMember
         $MemberAsPrincipal
     )
 
-    $Group.Members.Add($MemberAsPrincipal)
+    try
+    {
+        $Group.Members.Add($MemberAsPrincipal)
+    }
+    catch
+    {
+        Write-Verbose -Message $script:localizedData.PrincipalCollectionAddMethodException
+        Write-Verbose -Message $_.ToString()
+        Write-Verbose -Message $script:localizedData.WinNTProviderFallback
+        [ADSI] $adsiGroup = ("WinNT://$env:COMPUTERNAME/$($Group.Name),group")
+        $adsiGroup.Add("WinNT://$($MemberAsPrincipal.Sid)")
+    }
 }
 
 <#

DscResources/MSFT_GroupResource/en-US/MSFT_GroupResource.strings.psd1

@@ -33,4 +33,6 @@ ConvertFrom-StringData @'
     SetTargetResourceEndMessage = End executing Set functionality on the group {0}.
     MembersToIncludeEmpty = MembersToInclude is empty. No group member additions are needed.
     MembersToExcludeEmpty = MembersToExclude is empty. No group member removals are needed.
+    PrincipalCollectionAddMethodException = The Add method of the System.DirectoryServices.AccountManagement.PrincipalCollection class has thrown an exception.
+    WinNTProviderFallback = Falling back to ADSI WinNT provider.
 '@