DSACLS 命令语法片段
上一次修改主题: 2006-01-31
此主题提供有关 DSACLS 命令语法文本文件的信息。在名为 DSACLS Snippets 的文件夹中可以找到这些文本文件,该文件夹属于“在 Exchange Server 2003 中使用 Active Directory 权限”的下载内容。下面是这些文本文件的完整列表。
- Email Addresses Tab – Mail-Enabled Group Object.txt
- Email Addresses Tab – Mail-Enabled Contact Object.txt
- Email Addresses Tab – Mailbox or Mail-Enabled User Object.txt
- Email Addresses Tab – Mailbox or Mail-Enabled InetOrgPerson Object (Exchange 2003).txt
- Email Addresses Tab – Query-Based Distribution Group (Exchange 2003).txt
- Exchange Advanced Tab - Query-Based Distribution Group (Exchange 2003).txt
- Exchange Advanced Tab – Mail-Enabled User Object.txt
- Exchange Advanced Tab – Mail-Enabled InetOrgPerson Object (Exchange 2003).txt
- Exchange Advanced Tab – Mail-Enabled Group Object.txt
- Exchange Advanced Tab – Mail-Enabled Contact Object.txt
- Exchange Advanced Tab – Mailbox-Enabled User Object (Exchange 2003).txt
- Exchange Advanced Tab – Mailbox-Enabled User Object (Exchange 2000).txt
- Exchange Advanced Tab – Mailbox-Enabled InetOrgPerson Object (Exchange 2003).txt
- Exchange Features Tab – Mailbox-Enabled User Object (Exchange 2003).txt
- Exchange Features Tab – Mailbox-Enabled User Object (Exchange 2000).txt
- Exchange Features Tab – Mailbox-Enabled InetOrgPerson Object (Exchange 2003).txt
- Exchange General Tab – inetOrgPerson Object (Exchange 2003).txt
- Exchange General Tab – inetOrgPerson Object (Exchange 2000).txt
- Exchange General Tab – Mail-Enabled User Object (Exchange 2003).txt
- Exchange General Tab – Mail-Enabled User Object (Exchange 2000).txt
- Exchange General Tab – Mail-Enabled Group Object (Exchange 2003).txt
- Exchange General Tab – Mail-Enabled Group Object (Exchange 2000).txt
- Exchange General Tab – Mail-Enabled Contact Object (Exchange 2003).txt
- Exchange General Tab – Mail-Enabled Contact Object (Exchange 2000).txt
- Exchange General Tab – Mailbox-Enabled User Object (Exchange 2003).txt
- Exchange General Tab – Mailbox-Enabled User Object (Exchange 2000).txt
- Exchange General Tab – Mailbox-Enabled InetOrgPerson Object (Exchange 2003).txt
- Exchange General Tab – Query-Based Distribution Group (Exchange 2003).txt
- Exchange Remove Attributes – InetOrgPerson Object (Exchange 2003).txt
- Exchange Remove Attributes – User Object (Exchange 2003).txt
- Exchange Remove Attributes – User Object (Exchange 2000).txt
- General Tab - Query-Based Distribution Group (Exchange 2003).txt
- Hiding Group Membership.txt
- Mail-Disable InetOrgPerson Object (Exchange 2003).txt
- Mail-Disable User Object (Exchange 2003).txt
- Mail-Disable User Object (Exchange 2000).txt
- Mail-Disabling Contact Objects (Exchange 2003).txt
- Mail-Disabling Contact Objects (Exchange 2000).txt
- Mail-Disabling Group Objects (Exchange 2003).txt
- Mail-Disabling Group Objects (Exchange 2000).txt
- Mail-Enable InetOrgPerson Object (Exchange 2003).txt
- Mail-Enable User Object.txt
- Mail-Enabling Contact Objects.txt
- Mail-Enabling Group Objects.txt
- Mailbox-Disable User Object (Exchange 2003).txt
- Mailbox-Disable User Object (Exchange 2000).txt
- Mailbox-Enable InetOrgPerson Object (Exchange 2003).txt
- Mailbox-Enable User Object.txt
- Mailbox Move InetOrgPerson Object (Exchange 2003).txt
- Mailbox Move User Object.txt
- Removing Exchange Attributes on Contact Objects (Exchange 2003).txt
- Removing Exchange Attributes on Contact Objects (Exchange 2000).txt
- Removing Exchange Attributes on Group Objects (Exchange 2003).txt
- Removing Exchange Attributes on Group Objects (Exchange 2000).txt
注意: |
---|
如果使用 ADSI Edit (AdsiEdit.msc)、DSACLS (Dsacls.exe) LDP 工具 (Ldp.exe) 或其他任何轻型目录访问协议 (LDAP) 版本 3 客户端不正确地修改了 Active Directory® 目录服务对象,将会导致严重的问题。解决这些问题可能需要重新安装 Microsoft® Windows Server 和 Microsoft Exchange Server 之一,或两者都重新安装。由于不正确修改了 Active Directory 对象属性而引起的问题可能无法解决。修改这些属性的风险由您自己承担。 |
DSACLS 的格式是:
dsacls "<ContainerPath>" /I:S /G "<Domain>\<Alias>:RPWP;<Attribute>;<ClassObject>"
其中:
- <ContainerPath> 是对象(例如域、组织单位)的可分辨名称;
- <Domain>\<Alias> 是被授予访问权的帐户\组;其中 <Attribute> 是被授予访问权的属性;
- <ClassObject> 是与属性关联的类对象(用户、组、联系人等)。
/I:S 开关通知 DSACLS 将权限应用于在容器路径中包含的子对象。/G 开关通知 DSACLS 授予需要的权限(与拒绝或删除权限相反)。
RP 参数通知 DSACLS 授予对有问题的属性的读取访问权。WP 参数通知 DSACLS 授予对有问题的属性的写入访问权。
注意: |
---|
DSACLS 的语法是不含换行符的命令行。 |