Solved

AD Delegation

Posted on 2014-03-06
2
246 Views
Last Modified: 2014-03-07
I want to Delegate Permissions to a Security Group in AD. Now I only want these permissions to be on certain OU's. Is there a way to quickly do this or automate it?

Right now I am manually doing each OU and it is just taking awhile.
0
Comment
Question by:Shawn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 39910148
Have you considered using powershell?  (Of course, like almost everything that involves scripting, it'll take a while and some effort to get the automation set up, but should be faster after that.)
0
 
LVL 2

Accepted Solution

by:
allen_rich earned 500 total points
ID: 39911736
To use the given below script:

$ou = "AD:\OU=Users,DC=contoso,DC=com"

$group = Get-ADGroup MyGroup
$sid = new-object System.Security.Principal.SecurityIdentifier $group.SID

$acl = get-acl $ou

$ace = new-object System.DirectoryServices.ActiveDirectoryAccessRule $sid,"GenericAll, ","Allow"

$acl.AddAccessRule($ace) set-acl -aclobject $acl $ou

and You can read this article for more information about this.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question