stackoom
  简体   繁体   中英

How To Set “Account Operators” to AD User?

 原文  2017-07-03 12:29:40       powershell/ active-directory/ account

Question

For now I've got a script where I can see every user from my Active Directory who has the SID from AccountOperators (5-1-2-32-548) set and the ones who don't.

And now I want to that the user account without this SID, that they can be changed/edited from every other User with the SID set.

Not that they get the SID set.

1 answers

solution1
 2  2017-07-03 12:42:34

Set-Acl can set AD permissions just fine, but you don't want to set an ACL or SID. You want to add a user to the (builtin) domain group "Account Operators": 

Import-Module ActiveDirectory
Set-ADGroupMember -Identity 'Account Operators' -Members 'username'

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AD Permissions with a new user account How to unlock an Azure AD user account using powershell? How can I detect whether AD user password is expired without a second account to query AD? Creating ad user account with distinguished name Disable/Enable AD user account from CSV How to query the user for an AD account name, then use the input in the following PS Script? Reset AD user account password and email credentials to user How can I verify if an AD account is locked? How to reset password for Azure AD account Powershell AD user account expires date export condition
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM