Clone AD Permissions From One Existing User To Another

Posted on 2014-08-08
Last Modified: 2014-08-08

Is there a way that I can clone active directory permissions from one user to another?

I manage a domain and for some reason one user keeps getting a Windows - 'Open File Security Warning'. All machines are imaged identically and no other user experiences this. I have scanned to malware and viruses - some malware was removed but the problem persisted.

I'm thinking that if I can clone ALL of the permissions from a working AD account to my ailing user account it may solve the issue.

Any answers or advice greatly appreciated.
Question by:IT Guy
    LVL 41

    Assisted Solution

    You can goto to DSA.MSC, find working user, right click>copy and follow the steps.
    LVL 14

    Accepted Solution

    This is something I'd accomplish with a PowerShell script.

    Example of cloning the account:
    Get-QADUser 'John Doe' -export | New-QADUser -ParentContainer mydomain.local/test -Name 'Jane Doe' -SamAccountName jane.doe -DisplayName 'Jane Doe' -FirstName Jane -LastName Doe -UserPassword 'P@ssword' -import

    Open in new window

    Then copying group permissions:
    (Get-QADUser 'John Doe').MemberOf | Add-QADGroupMember -Member ps64\jane.doe

    Open in new window


    Author Closing Comment

    by:IT Guy
    Thank's guys. Both solved the problem and both were equally good - only EE doesn't allow me to state that.

    Have a good weekend.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
    A quick step-by-step overview of installing and configuring Carbonite Server Backup.
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now