AD Delegation specific rights

Welcome Forums General PowerShell Q&A AD Delegation specific rights

This topic contains 1 reply, has 2 voices, and was last updated by

2 months, 1 week ago.

  • Author
  • #165181

    Topics: 5
    Replies: 6
    Points: 57
    Rank: Member

    I'm looking for the commands to control AD delegation via a powershell script which I can find a few examples on how to set full rights using special functions or set-acl to an OU as an example but nothing on how to set specific rights.  There is not a lot of good documentation or information on how to do this that I can find.

    Here are the rights I need to add to an assortment (roughly 100) of OU locations:

    Reset password
    Read/Write lockouttime
    Read/Write pwdlastset
    Read/Write UserAccountcontrol
    Write Account Restrictions
    Read MemberOf

    I have the foreach written with the OU's but do not know how to just set the above specific rights for a AD group.


    Please help or anything you can point me to for assistance would be great.

  • #165184

    Topics: 1
    Replies: 1530
    Points: 2,591
    Helping Hand
    Rank: Community Hero

You must be logged in to reply to this topic.