How do I find the GUID of a Permissions Property

Question

Hello again!

I'm building a script that will create Adaxes Security Roles for each new customer we bring on

I'm trying to create a Role with the ability to change passwords of users.

Specifically I want to allow members of the security role to be able to Write the Password Last Set Property and Write the Account Options Property

Here's a snip of the script:

# Allow: User -> Write Account Options Property
$entry = $role.Permissions.Create()

$userClassGuid = # the GUID of the User object class
    "{bf967aba-0de6-11d0-a285-00aa003049e2}"

$entry.AccessType = "ADM_PERMISSION_TYPE_ALLOW"
$entry.AccessMask = "ADS_RIGHT_DS_WRITE_PROP"
$entry.ObjectType = #NeedGUID for the Write Account Options Property
$entry.InheritedObjectType = $userClassGuid

$entry.SetInfo() # save the permission entry
$role.Permissions.Add($entry) # add the permission to the role

# Allow: User -> Write Password Last Set Property
$entry = $role.Permissions.Create()

$userClassGuid = # the GUID of the User object class
    "{bf967aba-0de6-11d0-a285-00aa003049e2}"

$entry.AccessType = "ADM_PERMISSION_TYPE_ALLOW"
$entry.AccessMask = "ADS_RIGHT_DS_WRITE_PROP"
$entry.ObjectType = #NeedGUID for the Password Last Set Property
$entry.InheritedObjectType = $userClassGuid

$entry.SetInfo() # save the permission entry
$role.Permissions.Add($entry) # add the permission to the role

I've found several examples that give me values for the ObjectType but I'm not sure how to find the right values for Permissions Properties. If there's a way to list all the properties for user or group objects it would really help me get the script finished up.

asked Nov 14, 2015 by drew.tittle (810 points)

1 Answer

Related questions

0 votes

1 answer

Where can I find a list of all the URLs that an Adaxes server uses with IIS?

I need a list of all the URLs that Adaxes creates in IIS on the server Adaxes is installed on.

asked Feb 6, 2020 by DaralenManta (20 points)

0 votes

1 answer

How do I generate a report that will out put a list of all Approvers.

We have a rule setup that when a user requests membership into a group it will email approvers of the group for approval. I would like to create a report that sends out a list of ALL approvers for every group we have approvals setup for.

asked Dec 18, 2023 by jujones79 (20 points)

0 votes

0 answers

How do I change the user account from .local to .com when creating a user?

We are in hybrid mode with 365. All the accounts we create have to made with a .com instead of .local. How can I make that change in adaxes? Or is this some default I need to change in AD instead?

asked Apr 11, 2022 by LEGIT1 (150 points)

0 votes

1 answer

How do I register a domain when it's in the same forest?

So we have a new domain , lets say @def.com. It's within our primary domain @abc.com...this was done due to a company split. What changed for our users were their ... operational. LDAP Server unavailable" If I use my @abc.com, it works. Please advise. thanks

asked Oct 1, 2013 by MeliOnTheJob (1.7k points)

0 votes

1 answer

how do I find my web interface component executable or reInstall it where my adaxes console resides?

Salutations, We have an Adaxes server that we use that was setup by someone whom is no longer with us. There is a section in the web interface that a standard user uses ... standard users fill out on one of the web pages Adaxes has setup in IIS. Suggestions?

asked Jan 16, 2023 by jkaufman-lr (20 points)

How do I find the GUID of a Permissions Property

Please log in or register to add a comment.

Please log in or register to answer this question.

1 Answer

Please log in or register to add a comment.

Related questions