K
Kim Br
Hello,
What im trying to do is delegating control (admin rights) to specific users in a security group so that they are administrators for a OU.
However i get the error message:
You cannot call a method on a null-valued expression.
At line:0 char:1
+ $OU.psbase.ObjectSecurity.AddAccessRule($ACE)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation:
) [], RuntimeException
+FUllyQualifiedErrorId : InvokeMethodNull
Below is the complete script:
$OU = [ADSI]("LDAP://OU=Teknik,OU=Melldala,DC=lab,DC=nu")
$Group = Get-ADGroup ("Teknik")
$Sid = [System.Security.Principal.SecurityIdentifier] $Group.SID
$identity = [System.Security.Principal.IdentityReference] $SID
$adRights = [System.DirectoryServices.ActiveDirectoryRights] ("GenericAll")
$type = [System.Security.AccessControl.AccessControlType] ("Allow")
$Inheritencetype = [System.DirectoryServices.ActiveDirectorySecurityInheritance] "All"
$ACE = New-Object System.DirectoryServices.ActiveDirectoryAccessRule $identity,$adrights,$Inheritencetype
$OU.psbase.ObjectSecurity.AddAccessRule($ACE)
$OU.psbase.commitchanges()
Any Ideas?
Continue reading...
What im trying to do is delegating control (admin rights) to specific users in a security group so that they are administrators for a OU.
However i get the error message:
You cannot call a method on a null-valued expression.
At line:0 char:1
+ $OU.psbase.ObjectSecurity.AddAccessRule($ACE)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation:
) [], RuntimeException+FUllyQualifiedErrorId : InvokeMethodNull
Below is the complete script:
$OU = [ADSI]("LDAP://OU=Teknik,OU=Melldala,DC=lab,DC=nu")
$Group = Get-ADGroup ("Teknik")
$Sid = [System.Security.Principal.SecurityIdentifier] $Group.SID
$identity = [System.Security.Principal.IdentityReference] $SID
$adRights = [System.DirectoryServices.ActiveDirectoryRights] ("GenericAll")
$type = [System.Security.AccessControl.AccessControlType] ("Allow")
$Inheritencetype = [System.DirectoryServices.ActiveDirectorySecurityInheritance] "All"
$ACE = New-Object System.DirectoryServices.ActiveDirectoryAccessRule $identity,$adrights,$Inheritencetype
$OU.psbase.ObjectSecurity.AddAccessRule($ACE)
$OU.psbase.commitchanges()
Any Ideas?
Continue reading...
