Hello again!
I've built a script to make a few Security Roles. I need to set the read permission to OUs in the script and I think I'm having an issue.
I went into the Adaxes Admin console to find the GUID of an OU.
I found an OU Under the AD section and selected it, then I found the Object GUID in the result pane and right clicked it and went to properties. The GUID I found under the Advanced button is: GUID: {bf9679e7-0de6-11d0-a285-00aa003049e2}
When I use that GUID in the script like this:
# Allow: Read Group and User OUs
$entry = $role.Permissions.Create()
$ouClassGuid = # the GUID of the OU object class
"{bf9679e7-0de6-11d0-a285-00aa003049e2}"
$entry.AccessType = "ADM_PERMISSION_TYPE_ALLOW"
$entry.AccessMask = "ADS_RIGHT_GENERIC_READ"
$entry.ObjectType = [System.Guid]::Empty.ToString()
$entry.InheritedObjectType = $ouClassGuid
$entry.SetInfo() # save the permission entry
$role.Permissions.Add($entry) # add the permission to the role
It works without errors but when I check the Security Role in the Admin console it shows the GUID I entered under "apply to" rather than "Organizational-Unit" like it does when I create it in the interface.
Did I get the wrong GUID or am I doing something wrong in the script?
Thanks again!