Cloning Active Directory Security Settings
Whenever you add delegation rights to an AD object (i.e. allow a user to manage the members of an organizational unit), you really invoke a...
- Written By: ps1
- Last Updated: April 21, 2025
- 2 minutes read
Whenever you add delegation rights to an AD object (i.e. allow a user to manage the members of an organizational unit), you really invoke a...
Whenever you add delegation rights to an AD object (i.e. allow a user to manage the members of an organizational unit), you really invoke a change of security settings for the given AD object.
This script illustrates how you can read the security settings from one OU, and copy it to another OU. This requires the ActiveDirectory provider that ships with the ActiveDirectory module. This module is part of the free Microsoft RSAT tools that need to be present.
#requires -Version 2 -Modules ActiveDirectory Import-Module -Name ActiveDirectory # read AD security from NewOU1 $sd = Get-Acl -Path 'AD:\OU=NewOU1,DC=powershell,DC=local' # assign security to NewOU2 Set-Acl -Path 'AD:\OU=NewOU2,DC=powershell,DC=local' -AclObject $sd
Contact our sales team to get a personalized demo of our database management software for SQL Server!