@jeffpatton1971
Last active August 29, 2015 14:03
Copy AD ACLs for one principal to another principal
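#
# Copy AD ACL Rules
#
param
(
    $adPath,
    $secPrincipal,
    $newPrincipal
)
# Bind to the directory object and read its security descriptor
$Entry = [adsi]$adPath;
$Permissions = $Entry.ObjectSecurity;
if ($Permissions)
{
    # Access rules (explicit and inherited) currently held by the source principal
    $Rules = $Permissions.Access |Where-Object -Property IdentityReference -eq $secPrincipal;
    $IdentityReference = New-Object System.Security.Principal.NTAccount($newPrincipal);
    $NewRules = @()
    foreach ($Rule in $Rules)
    {
        # Same rights, access type and inheritance settings, issued to the new principal
        $NewRule = New-Object System.DirectoryServices.ActiveDirectoryAccessRule(
            $IdentityReference,
            $Rule.ActiveDirectoryRights,
            $Rule.AccessControlType,
            $Rule.ObjectType,
            $Rule.InheritanceType,
            $Rule.InheritedObjectType);
        $NewRules += $NewRule;
        # AddAccessRule keeps the rules added on earlier iterations; SetAccessRule
        # replaces every rule for this principal that has the same access type
        $Permissions.AddAccessRule($NewRule);
    }
    # Write the modified DACL back to the directory
    $Entry.CommitChanges();
    return $NewRules;
}
else
{
    Write-Host "No permissions returned from $($adPath), please verify that you have typed the path in properly";
}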