I've created a Powershell Script to create an OU and multiple sub OUs and SG Groups, I'm using ADSI to do this and it works fine.
However I'm not sure how to go about adding special permissions to the ACL of the OU for a SG, eg Allow Create / Delete Computer Objects, Allow Full Control Descendant Computer Objects for a security group called ABCD
I've tried using GetAccessRules to read the security perms (so I can use SetAccessRule)but the info GetAccessRules returns doesn't make enough sense for me to use it.
Can someone provide me with some code examples of how I should go about this.
I'm currently doing this on Windows 2008 (powershell 1.0., no QAD, but I'm prepared to 'upgrade' if need be)