September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
14.13. Resetting an Object’s ACL to the Default Defined in the Schema
Problem
You want to reset an object’s ACL to the one defined in the schema for the object’s object class.
Solution
Using a graphical user interface
Tip
This is available only in the Windows Server 2003 version of the ACL Editor.
Open the ACL Editor. You can do this by viewing the properties of an object (right-click on the object and select Properties) with a tool, such as Active Directory Users and Computers (ADUC) or ADSI Edit. Select the Security tab. To see the Security tab with ADUC, you must select View → Advanced Features from the menu.
Click the Advanced button.
Click the Default button.
Click OK twice.
Using a command-line interface
> dsacls <ObjectDN> /sDiscussion
For more on the default security descriptor, see Recipe 14.11.