This project has moved. For the latest updates, please go here.


ntsecuritydescriptor is not populated if user can read only some attributes of an object


If a user has permissions to read only some attributes of an object and to read permissions of that object, the script may throw errors about null-index array for $DSobject.Attributes. Somehow, ntsecuritydescriptor is not populated, despite that the user is allowed to read permissions.
Worth to note that such permissions are not a form of some in-house invented sophisticated security, but default settings for ActiveSync devices in Exchange Server Health Monitoring mailboxes.
Closed Feb 7 at 6:53 PM by robing
Removed unnessary retrieval