. .

Categories

User

Log In

Inheritable permissions on AD users are automatically disabled.

Written by at 2012-02-27

If you need to enable inheritable permissions on some AD users and after enabling it you constantly find them disabled in a hour or so, you can enable inheritance on  the adminSDHolder container by using Active Directory Users and Computers. The path of the adminSDHolder container is CN=adminSDHolder,CN=System,DC=<MyDomain>,DC=<Com> 
Note If you use Active Directory Users and Computers, make sure that Advanced Features is selected on theView menu. 

To enable inheritance on the adminSDHolder container:

  1. Right-click the container, and then click Properties.
  2. Click the Security tab.
  3. Click Advanced.
  4. Click to select the Allow Inheritable permissions to propagate to this object and all child objectscheck box .
  5. Click OK, and then click Close.

This is a workaround and not the ideal solution, read more about it here:

http://support.microsoft.com/?id=817433

Leave a Reply

Your email address will not be published. Required fields are marked *

*

CAPTCHA Image

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>