Location: List Archives

List Archives

This forum is an archive of all posts to our mailing list over the past few years.  The forum is set read only therefore to contribute you will need to join our list community.  See more info about this here.

 

When subscribed to the list you should use your standard email client to send your posts to ActiveDir@mail.activedir.org.

List Archives

Forums >ActiveDir Mail List Archive >List Archives
Subject: RE: [ActiveDir] Delegration of Administration
Prev Next
You are not authorized to post a reply.

AuthorMessages
ZJORZUser is Offline

Posts:389

02/16/2006 3:12 AM  
Usage: dsrevoke /report|/remove [/domain:] [/username:]
[/password:|*] [/root:]

/report: Only reports the ACEs that have been set for the given
principal on all domain and OU objects under root
/remove: Reports and then removes (after confirmation) the aces
for the given principal
/domain: Dns OR Netbios name of domain
(must be specified when is in domain other
than default or if alternate credentials are provided)
/username: Username if alternate credentials must be specified
/password: * will prompt for password
/root: Root OU to start search for ACEs. If not specified will
default to the specified domain's default naming context (The
root domain or OU must be specified using x500 format; if the
dn must include spaces enclose the option in quotes,e.g. "/root:..")
: Domain\User or Domain\Group for the security
principal being looked up

If (2) use DSACLS

jorge

________________________________

From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Carerros, Charles
Sent: Thu 2006-02-16 15:47
To: 'ActiveDir@xxxxxxxxxxxxxxxxxx'
Subject: [ActiveDir] Delegration of Administration

Does anyone have script or method of identifying what permission is set to a
security group through Delegation of Administration. I was hoping to find a
quick way of evaluating the security so that I can revamp our system.

Thanks,

Charlie
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/


This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
>
You are not authorized to post a reply.
Forums >ActiveDir Mail List Archive >List Archives > RE: [ActiveDir] Delegration of Administration



ActiveForums 3.7
Friends

Friends

VisualClickButoton
Members

Members

MembershipMembership:
Latest New UserLatest:dilips_mon
New TodayNew Today:1
New YesterdayNew Yesterday:0
User CountOverall:5292
People OnlinePeople Online:
VisitorsVisitors:42
MembersMembers:0
TotalTotal:42
Online NowOnline Now:

Ads

Copyright 2012 ActiveDir.org
Terms Of Use