1.1 doesnt seem to work for the get-qadobject... try this instead.
Get-Qadobject -ldapFilter "Objectclass=*" -DontUseDefaultIncludedProperties
-size 0 | %{.\Get-ADACL.ps1 $_.dn}
Brandon Shell
---------------
Blog:
http://www.bsonposh.com/
PSH Scripts Project:
www.codeplex.com/psobject
BS> wholey smokes... that is quite a lot of parsing
BS>
BS> Not sure about Get-ADPermission
BS>
BS> But this works for me (using my Get-ADAcl.ps1 script from my blog)
BS>
BS> Get-Qadobject -ldapFilter "Objectclass=*" -IncludedProperties 1.1
BS> -size 0 | %{.\Get-ADACL.ps1 $_.dn}
BS>
BS> Brandon Shell
BS> ---------------
BS> Blog:
http://www.bsonposh.com/
BS> PSH Scripts Project:
www.codeplex.com/psobject
W>> hi,
W>>
W>> i need to loop through all ad objects to find if a user has rights
W>> to anything. the object could be user, ou, computer, or anything in
W>> AD.
W>>
W>> i am quite familiar with get-adpermission cmdlet and use it all the
W>> time. however, it only accepts 1 DN. is there a way using
W>> powershell to start at root of AD (or start at a specific DN) and
W>> loop through all children and list rights a user has for everything
W>> below?
W>>
W>> thank you.
W>>