There is an unsaved comment in progress. You will lose your changes if you continue. Are you sure you want to reopen the work item?
ntsecuritydescriptor is not populated if user can read only some attributes of an object
If a user has permissions to read only some attributes of an object and to read permissions of that object, the script may throw errors about null-index array for $DSobject.Attributes. Somehow, ntsecuritydescriptor is not populated, despite that the user
is allowed to read permissions.
Worth to note that such permissions are not a form of some in-house invented sophisticated security, but default settings for ActiveSync devices in Exchange Server Health Monitoring mailboxes.