We have to execute dsacls command from cmd.exe to make changes in ADLDS user's permissions. When I tried to execute through CMD I got the below error
dsacls \\servername.com:6395\OU=users,DC=comp,DC=com /A /I:T /G CN=UserOne,OU=users,DC=comp,DC=com:GR
The specified server cannot perform the requested operation.
The command failed to complete successfully.
Do I have to execute any commands before I execute dsacls command? I'm currently using ADSI edit to do basic operations.
No, it just works. I tested your command (locally) on a test instance I found on an old server:
dsacls \\localhost:60001\OU=Root,DC=TimTest /A /I:T /G CN=TestUser,CN=ADLDSUsers,DC=TimTest:GR
With /A
, I had to be running 'As Administrator'; without /A
, it wasn't necessary.
I then tested the same command from another machine, replacing localhost with the (NetBIOS) server name. Both versions of the command (with and without /A
) worked.
Then, whilst testing the FQDN of the server I typo'd it, and got the same error as you.
Try the most basic version of the command, a read:
dsacls \\servername.com:6395\OU=users,DC=comp,DC=com