Reset AD Object permissions - Reset-VirotADPermissions

Sometimes you need to reset the permissions of an AD ObjectMost often the reason why you want to do this is due to the fact that your users have been affected by the AdminSDHolder, which has removed the default permissions and disabled inheritance. Most suggestions given is just

1,210 times
Add to favorites
Active Directory
E-mail Twitter Digg Facebook
  • Change Name to ldapDisplayName
    1 Posts | Last post November 02, 2018
    • I used your function to reset AD object permissions, but the function fails when trying on OU's.
      Because the ObjectClass correspondents with ldapDisplayName, I changed the section where the hashtable is build up with default securities as follows.
          ForEach ($Class in (Get-ADObject -SearchBase $RootDSE.schemaNamingContext -ldapFilter '(&(Objectclass=classSchema)(defaultSecurityDescriptor=*))' -Properties defaultSecurityDescriptor, ldapDisplayName))
            $defaultSecurityDescriptor[$class.ldapDisplayName] = $Class.defaultSecurityDescriptor