[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

change owner on ad objects in powershell

Posted on 2012-03-13
4
Medium Priority
?
2,170 Views
Last Modified: 2012-03-27
I'm looking to do a massive change to a bunch of computers in AD.  These computer objects need the owner change to a different user account.  I am looking to use Set-ADComputer powershell command but I can't figure out what other options I need to use.

Thanks.
0
Comment
Question by:Kishwaukee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 37715047
When you say owner what exactly do you mean? I do not see any attribute listed as owner in active directory.
0
 

Author Comment

by:Kishwaukee
ID: 37715064
first you need to have advanced features turned on.  Then select an object and go to properties, then security, advanced, then the owner tab.  I can change them all this way however this will take way to long to do one by one, I need a massive change script.
0
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 37715104
Ok I see it now. That is actually the ACL of the object in active directory so you will not be able to change it using SET-ADCOMPUTER. To actually change that you would need to use a tool like DSACLS although Im not sure what the powershell equivalent is.

http://ss64.com/nt/dsacls.html
0
 
LVL 71

Accepted Solution

by:
Qlemo earned 2000 total points
ID: 37734813
Best to use get-acl, modify it, and than apply the change with set-acl (you will need to figure out yourself how to determine the corresponding computer object):
$obj = [LDAP]...
$acl = get-acl $obj
$acl.SetOwner([Security.Principal.NTaccount] "Domain\Login" )
set-acl -Path $obj -AclObject $acl

Open in new window

On the other hand, using external tools like dsacls is still a good idea, even in PowerShell; some stuff (like ACLs) are not handled in a comfortable way in PS.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
A walk-through example of how to obtain and apply new DID phone numbers to your cloud PBX enabled users that are configured in Office 365. Whether you have 1, 10 or 100+ users in your tenant, it's quite easy to get them phone-enabled and making/rece…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question