How to execute LDAP ADLDS command using cmd.exe?

325 views Asked by At

We have to execute dsacls command from cmd.exe to make changes in ADLDS user's permissions. When I tried to execute through CMD I got the below error

dsacls \\servername.com:6395\OU=users,DC=comp,DC=com /A /I:T /G CN=UserOne,OU=users,DC=comp,DC=com:GR

The specified server cannot perform the requested operation.
The command failed to complete successfully.

Do I have to execute any commands before I execute dsacls command? I'm currently using ADSI edit to do basic operations.

1

There are 1 answers

0
user2871239 On BEST ANSWER

No, it just works. I tested your command (locally) on a test instance I found on an old server:

dsacls \\localhost:60001\OU=Root,DC=TimTest /A /I:T /G CN=TestUser,CN=ADLDSUsers,DC=TimTest:GR

With /A, I had to be running 'As Administrator'; without /A, it wasn't necessary.

I then tested the same command from another machine, replacing localhost with the (NetBIOS) server name. Both versions of the command (with and without /A) worked.

Then, whilst testing the FQDN of the server I typo'd it, and got the same error as you.

Try the most basic version of the command, a read:

dsacls \\servername.com:6395\OU=users,DC=comp,DC=com