Re: How to copy ACLs from one OU to another?




Thank you Ulf!

I just checked for the first time in several days and found your message...
I will certainly check out the vbscript you have suggested.

-Dan


"Ulf B. Simon-Weidner [MVP]" wrote:

> "D Dub" <DDub@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:DDub@xxxxxxxxxxxxxxxxxxxxxxxxx:
> > Hi All,
> >
> > I have to create some very detailed access permissions on a set of OUs in
> > AD (too granular to use the delegation wizard), and then duplicate those ACEs
> > on the security descriptors of many other OUs in the directory. Is there a
> > tool or method which will let me copy permissions between OUs in this way? I
> > am trying to save myself hours of redundant manual permissioning throughout
> > the tree.
> >
>
> Hello D Dub,
>
> I've published a script to modify ACEs on specific objects (it copies
> the ACEs from one DACL to a new one, modifies them in the process if
> necessary, and then assigns the new DACL to the old object). You should
> easily be able to modify that to meet your needs. Look at
> http://www.windowsserverfaq.org/faq/CompACLs.asp
>
> --
> Gruesse - Sincerely,
>
> Ulf B. Simon-Weidner
>
> MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
> Weblog: http://msmvps.org/UlfBSimonWeidner
> WebSite: http://www.windowsserverfaq.org
>
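
The approach described in the quoted reply (read the ACEs from one DACL, add them to another, write the DACL back), as an added example in PowerShell with the ActiveDirectory module. This is not the VBScript referenced in the thread; the function name `Copy-OuExplicitAce` and the distinguished names are hypothetical placeholders.

```powershell
Import-Module ActiveDirectory   # provides the AD: drive used by Get-Acl / Set-Acl

function Copy-OuExplicitAce {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string]   $SourceOu,   # DN of the OU holding the template ACEs
        [Parameter(Mandatory)] [string[]] $TargetOu    # DNs of the OUs that should receive them
    )

    # Key used to recognise an ACE the target already carries, so reruns add nothing.
    $keyOf = {
        param($ace)
        '{0}|{1}|{2}|{3}|{4}|{5}' -f $ace.IdentityReference, $ace.ActiveDirectoryRights,
            $ace.AccessControlType, $ace.ObjectType, $ace.InheritanceType, $ace.InheritedObjectType
    }

    # Copy explicit ACEs only: inherited ones come from the source's parent and
    # would become permanent explicit grants if stamped onto the targets.
    $explicit = (Get-Acl -Path "AD:\$SourceOu").Access | Where-Object { -not $_.IsInherited }

    foreach ($dn in $TargetOu) {
        $acl = Get-Acl -Path "AD:\$dn"
        $present = @{}
        foreach ($ace in $acl.Access) {
            if (-not $ace.IsInherited) { $present[(& $keyOf $ace)] = $true }
        }

        $added = 0
        foreach ($ace in $explicit) {
            if (-not $present.ContainsKey((& $keyOf $ace))) {
                $acl.AddAccessRule($ace)
                $added++
            }
        }

        # Write back only when something changed and the caller confirmed (-WhatIf / -Confirm).
        if ($added -gt 0 -and $PSCmdlet.ShouldProcess($dn, "Add $added explicit ACE(s)")) {
            Set-Acl -Path "AD:\$dn" -AclObject $acl
        }
        [pscustomobject]@{ Target = $dn; AcesAdded = $added }   # record for review or logging
    }
}

# Dry run with constructed DNs; remove -WhatIf once the reported counts look right.
Copy-OuExplicitAce -SourceOu 'OU=Template,DC=example,DC=com' `
    -TargetOu 'OU=Sales,DC=example,DC=com', 'OU=HR,DC=example,DC=com' -WhatIf
```

The function only adds ACEs; explicit entries already on a target OU that the source lacks are left in place, so review those separately if the targets must match the source exactly.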