发表新帖
发表新帖

Set-ACL on AD Computer Object

后端 未结
关注
2 607
隐瞒了意图╮
隐瞒了意图╮ 2021-01-03 04:50

I am attempting to Set-Acl on a Computer Object in AD. Firstly I get the ACL using:

$acl = (Get-Acl AD:\\\'CN=Tester1,OU=Ou1,OU=OU2,OU=OU3,DC=Co
2条回答
  • 有刺的猬
    有刺的猬 (楼主)
    2021-01-03 05:37

    ActiveDirectory isn't a filesystem. You must create a new ACE for an AD object as an ActiveDirectoryAccessRule.

    $path = "AD:\CN=Tester1,OU=Ou1,OU=OU2,OU=OU3,DC=Contoso,DC=com"
$acl = Get-Acl -Path $path
$ace = New-Object Security.AccessControl.ActiveDirectoryAccessRule('DOMAIN\Computername','FullControl')
$acl.AddAccessRule($ace)
Set-Acl -Path $path -AclObject $acl

    0 讨论(0)
 看不清?
提交回复
热议问题