AD Delegation

I want to Delegate Permissions to a Security Group in AD. Now I only want these permissions to be on certain OU's. Is there a way to quickly do this or automate it?

Right now I am manually doing each OU and it is just taking awhile.
LVL 3
ShawnSr. Network AdministratorAsked:
Who is Participating?
 
allen_richConnect With a Mentor Commented:
To use the given below script:

$ou = "AD:\OU=Users,DC=contoso,DC=com"

$group = Get-ADGroup MyGroup
$sid = new-object System.Security.Principal.SecurityIdentifier $group.SID

$acl = get-acl $ou

$ace = new-object System.DirectoryServices.ActiveDirectoryAccessRule $sid,"GenericAll, ","Allow"

$acl.AddAccessRule($ace) set-acl -aclobject $acl $ou

and You can read this article for more information about this.
0
 
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Have you considered using powershell?  (Of course, like almost everything that involves scripting, it'll take a while and some effort to get the automation set up, but should be faster after that.)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.