Hi,
I am trying to create a PowerShell script that will delete any “deny” permissions for Everyone on an OU and am having an issue. I was trying to do something like this:
```powershell
#Powershell Script to delete "Deny" Everyone permissions on OU
#Set AD as the location
Set-Location ad:
#Set these variables
$DN = "CN=test_OU,DC=testdomain,DC=local"
$user = "Everyone"
#Collect the current ACL
$Acl = (GEt-ACL -Path "AD:$DN").Access | where-object {$_.AccessControlType -eq "Deny"}
#Loop each access permission in the ACL
foreach ($access in $acl.Access) {
    if ($access.IdentityReference.Value -eq $user) {
        $acl.RemoveAccessRule($access)
    }
}
```
When I run this I don’t get any errors but the permission does not get removed. Thanks in advance.
If it’s not just a copy and paste error here in the forum … I’d recommend using VSCode for your script development. It will point you to variables defined but never used.
You define a variable $DistinguishedName but it seems like you’re using $DN
Sorry, I actually typed out the code myself. In my forum window it is showing as code. The $DistinguishedName is just a typo when I recreated the code for the forum. The code uses $DN for the Distinguished name variable everywhere in my actual code. I corrected it in the forum window.
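
Added example, not written by anyone in this thread: in the script as posted, `$Acl` holds the filtered list of access rules rather than the ACL object, so `$acl.Access` is empty, the loop never runs, and nothing is written back with `Set-Acl`. One way to do the removal is sketched below, assuming the ActiveDirectory module is installed and the caller is allowed to modify the OU's permissions; the function name `Remove-EveryoneDenyAce` is hypothetical.

```powershell
# Added example. Assumes the ActiveDirectory module (RSAT), which provides the AD: drive.
Import-Module ActiveDirectory

function Remove-EveryoneDenyAce {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [string]$DistinguishedName
    )

    $path        = "AD:\$DistinguishedName"
    $everyoneSid = 'S-1-1-0'   # well-known SID for Everyone, independent of OS language

    # Keep the ACL object itself; it is what gets modified and written back.
    $acl = Get-Acl -Path $path

    # Explicit rules only (inherited ACEs must be changed on the parent),
    # with identities returned as SIDs so the comparison does not rely on the name.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $rules = @($acl.GetAccessRules($true, $false, $sidType) | Where-Object {
        $_.AccessControlType -eq 'Deny' -and $_.IdentityReference.Value -eq $everyoneSid
    })

    if ($rules.Count -eq 0) {
        Write-Verbose "No explicit Deny ACE for Everyone on $DistinguishedName"
        return
    }

    foreach ($rule in $rules) {
        Write-Verbose "Removing Deny ACE: $($rule.ActiveDirectoryRights)"
        # Removes exactly this ACE from the in-memory ACL.
        $acl.RemoveAccessRuleSpecific($rule)
    }

    # Nothing changes in the directory until the ACL is written back.
    if ($PSCmdlet.ShouldProcess($DistinguishedName, "Remove $($rules.Count) Deny ACE(s) for Everyone")) {
        Set-Acl -Path $path -AclObject $acl
    }

    # Return the removed rules so the change can be logged or reviewed.
    return $rules
}

# Dry run against the DN used in the post; drop -WhatIf to apply.
Remove-EveryoneDenyAce -DistinguishedName 'CN=test_OU,DC=testdomain,DC=local' -WhatIf -Verbose
```

On an OU, an explicit Deny for Everyone on Delete and DeleteTree is typically the "Protect object from accidental deletion" setting, so review the returned rules before removing it.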