How to restore the security (ACL) of an Organizational Unit
説明
This solution outlines how to restore the security (ACL) of an Organizational Unit
対策
Open the Recovery Manager for AD console and right click on the Recovery Manager for Active Directory node on the left hand side of the console and chose "Online Restore Wizard"
Chose the domain and the backup date/time in the wizard and click Next
You can leave the "Agentless method" enabled and click Next (specify an alternate account to perform the restore if need be)
On the "Objects to be processed" page click Add and then Browse
Navigate and select the OU to be restored
On the "Processing options page" choose "Process no child objects" if you only want to restore the Security on the OU and not child objects or chose Process all child objects if you want to restore security on all child objects. Click on "Process selected attributes". Scroll down in the list of attributes and chose "nTSecurityDescriptor"
Click next in the Wizard and click the option "Process to restore" and click Next
On the Objects to be Restored page put a check mark in for the OU to be restored
On the Processing Options page click the "Select Attributes" button and ensure that only "Security" and "nTSecurityDescriptor" is enabled