| Author | Messages | |
neilruston
Posts:164
 | | 12/03/2008 4:27 AM |
| I'm sure you'd do a great job but I'm gonna have to stick with the 3rd
party app already used :-) [even tho it complains if it doesn't own all
the GPOs!]
________________________________
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of joe
Sent: 02 December 2008 16:08
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Setting GPO owner programmatically
I would say the GPOs couldn't be in safer hands then... Especially since
you likely don't have access to his network. :o)
Would wonder about him having an ID for you there though. <eg>
--
O'Reilly Active Directory Fourth Edition -
http://www.joeware.net/win/ad3e.htm
________________________________
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Darren Mar-Elia
Sent: Tuesday, December 02, 2008 11:00 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Setting GPO owner programmatically
This bit of VBScript should do it Neil. Replacing cpandl.com with your
DNS domain name, GPO GUID with your own and Owner name with someone
other than me (unless you'd like me to control your GPOs :-))
Set GPM = CreateObject("GPMgmt.GPM")
Set Constants = GPM.GetConstants()
Set GPMDomain = GPM.GetDomain("cpandl.com", "", Constants.UsePDC)
Set GPO = GPMDomain.GetGPO("{3E6C0520-49D6-4C14-9DE0-EC91B055E44E}")
Set GPOACL= GPO.GetSecurityDescriptor(1)
Wscript.Echo "Current Owner: "& GPOACL.Owner
GPOACL.Owner = "cpandl\darren"
GPO.SetSecurityDescriptor 1,GPOACL
Wscript.Echo "New Owner: " & GPOACL.Owner
Darren
****
Darren Mar-Elia
CTO & Founder
SDM Software, Inc.
"The Group Policy Experts"
www.sdmsoftware.com <http://www.sdmsoftware.com/>
Spot and report on GPO inconsistencies quickly with GPO Compare
http://www.sdmsoftware.com/group_policy_compare
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of
neil.ruston@barclayswealth.com
Sent: Tuesday, December 02, 2008 7:19 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Setting GPO owner programmatically
Hi Darren,
I mean exactly that - the owner as defined in the ACL editor owner tab
:-)
________________________________
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Darren Mar-Elia
Sent: 02 December 2008 15:11
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Setting GPO owner programmatically
Neil-
What do you mean by Owner? Do you mean the actual security principal
that shows up in the ACL Editor Owner tab or something else?
Darren
****
Darren Mar-Elia
CTO & Founder
SDM Software, Inc.
"The Group Policy Experts"
www.sdmsoftware.com <http://www.sdmsoftware.com/>
Spot and report on GPO inconsistencies quickly with GPO Compare
http://www.sdmsoftware.com/group_policy_compare
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of
neil.ruston@barclayswealth.com
Sent: Tuesday, December 02, 2008 4:07 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Setting GPO owner programmatically
I'm feeling lazy ...
Here's my requirement:
* Enumerate all GPOs in the specified domain
* For each GPO found, set the owner to a pre-defined user
I can see that GPMC exposes methods for enumerating and setting GPO
permissions but wondered (lazily) if anyone had a script to accomplish
the above already (partially) written.
I don't have any preferences regarding the implementation method /
language used etc.
Any kind offers?
:-)
Thanks,
neil
________________________________
Barclays Wealth is the wealth management division of Barclays Bank PLC.
This email may relate to or be sent from other members of the Barclays
Group.
The availability of products and services may be limited by the
applicable laws and regulations in certain jurisdictions. The Barclays
Group does not normally accept or offer business instructions via
internet email. Any action that you might take upon this message might
be at your own risk.
This email and any attachments are confidential and intended solely for
the addressee and may also be privileged or exempt from disclosure under
applicable law. If you are not the addressee, or have received this
email in error, please notify the sender immediately, delete it from
your system and do not copy, disclose or otherwise act upon any part of
this email or its attachments.
Internet communications are not guaranteed to be secure or without
viruses. The Barclays Group does not accept responsibility for any loss
arising from unauthorised access to, or interference with, any Internet
communications by any third party, or from the transmission of any
viruses. Replies to this email may be monitored by the Barclays Group
for operational or business reasons.
Any opinion or other information in this email or its attachments that
does not relate to the business of the Barclays Group is personal to the
sender and is not given or endorsed by the Barclays Group.
Barclays Bank PLC. Registered in England and Wales (registered no.
1026167).
Registered Office: 1 Churchill Place, London, E14 5HP, United Kingdom.
Barclays Bank PLC is authorised and regulated by the Financial Services
Authority.
________________________________
Barclays Wealth is the wealth management division of Barclays Bank PLC.
This email may relate to or be sent from other members of the Barclays
Group.
The availability of products and services may be limited by the
applicable laws and regulations in certain jurisdictions. The Barclays
Group does not normally accept or offer business instructions via
internet email. Any action that you might take upon this message might
be at your own risk.
This email and any attachments are confidential and intended solely for
the addressee and may also be privileged or exempt from disclosure under
applicable law. If you are not the addressee, or have received this
email in error, please notify the sender immediately, delete it from
your system and do not copy, disclose or otherwise act upon any part of
this email or its attachments.
Internet communications are not guaranteed to be secure or without
viruses. The Barclays Group does not accept responsibility for any loss
arising from unauthorised access to, or interference with, any Internet
communications by any third party, or from the transmission of any
viruses. Replies to this email may be monitored by the Barclays Group
for operational or business reasons.
Any opinion or other information in this email or its attachments that
does not relate to the business of the Barclays Group is personal to the
sender and is not given or endorsed by the Barclays Group.
Barclays Bank PLC. Registered in England and Wales (registered no.
1026167).
Registered Office: 1 Churchill Place, London, E14 5HP, United Kingdom.
Barclays Bank PLC is authorised and regulated by the Financial Services
Authority.
Barclays Wealth is the wealth management division of Barclays Bank PLC. This email may relate to or be sent from other members of the Barclays Group.
The availability of products and services may be limited by the applicable laws and regulations in certain jurisdictions. The Barclays Group does not normally accept or offer business instructions via internet email. Any action that you might take upon this message might be at your own risk.
This email and any attachments are confidential and intended solely for the addressee and may also be privileged or exempt from disclosure under applicable law. If you are not the addressee, or have received this email in error, please notify the sender immediately, delete it from your system and do not copy, disclose or otherwise act upon any part of this email or its attachments.
Internet communications are not guaranteed to be secure or without viruses. The Barclays Group does not accept responsibility for any loss arising from unauthorised access to, or interference with, any Internet communications by any third party, or from the transmission of any viruses. Replies to this email may be monitored by the Barclays Group for operational or business reasons.
Any opinion or other information in this email or its attachments that does not relate to the business of the Barclays Group is personal to the sender and is not given or endorsed by the Barclays Group.
Barclays Bank PLC. Registered in England and Wales (registered no. 1026167).
Registered Office: 1 Churchill Place, London, E14 5HP, United Kingdom.
Barclays Bank PLC is authorised and regulated by the Financial Services Authority.
| | | |
|
|