How to copy ACLs from one OU to another?

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: "D Dub" <DDub@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 7 Apr 2005 11:53:03 -0700

Hi All,

I have to create some very detailed access permissions on a set of of OUs in
AD (too granular to use the delegation wizard), and then duplicate those ACEs
on the security descriptors of many other OUs in the directory. Is there a
tool or method which will let me copy permissions between OUs in this way? I
am trying to save myself hours of redundant manual permissioning throughout
the tree.

Any guidance would be greatly appreciated!

Thank you.
.

Follow-Ups:
- Re: How to copy ACLs from one OU to another?
  - From: Ulf B. Simon-Weidner [MVP]
- Re: How to copy ACLs from one OU to another?
  - From: Chriss3 [MVP]

Prev by Date: Re: Storing Active Directory Passwords in SQL
Next by Date: Re: newbie - Proper User of AD as Address Book
Previous by thread: Storing Active Directory Passwords in SQL
Next by thread: Re: How to copy ACLs from one OU to another?
Index(es):
- Date
- Thread

Relevant Pages

Re: Bad bug in MS ACL API and seems to have been there for years!
... ANY group if the user is also a member of it will not duplicate the ... ACL for the user from the target domain. ... permissions from domain A with equivalent permissions from domain B - ... re-ACL the profile folder, adding the user account from the other domain. ...
(microsoft.public.windows.server.security)
RE: Excel 2003 - How do identify author?
... Read only access is available to all and managers have write ... permissions. ... The problem is that duplicate copies are created sometimes ... unintentionally usually through ignorance. ...
(microsoft.public.excel.misc)
Re: HOW CAN DUPLICATES BE DELETED,NOT FILTERED?
... In Excel 2007, I have 2 columns: A contains names, B contains Permissions; ... this data was pulled from my database. ... duplicate names in "A", or replace them with a blank cell, and not disturb ...
(microsoft.public.excel.worksheet.functions)
Re: Allow users to change Description attribute for computer account
... by giving a users group create computer objects permission on the domain or ... The delegation wizard simply changes AD permissions on the object. ... > I found a script on technet from the scripting guys. ...
(microsoft.public.security)
Re: Security groups for OUs
... permissions on the OU, ... > user in OU2 each seperate and independently managed. ... > Is there any way of restricting an administrator in OU1 adding a user ... > As I have already use delegation wizard to restrict each OUs admin to ...
(microsoft.public.windows.server.active_directory)