Applying Atria Delegated Permissions to AD Organizational Units
Overview
Ensure-AtriaDelegatedOU is an Atria function that validates if the Active Directory Organizational Unit (OU) exists under a specified parent DN, creates it if missing, then applies Atria delegated permissions to the OU.
Use Case
New or Existing Active Directory OU(s) needed to be managed by Atria.
Prerequisites
- Preferrably to run this on the Atria Provisioning Server
- At least Windows PowerShell 5.1
- RSAT installed with the ActiveDirectory module available.
- Permissions to create OUs in the target path
- Atria.Tools PowerShell module installed and available in the session
Required AD Groups
The following groups must exist in Active Directory. These groups are available starting Atria version 15.30.x
Atria Delegated Contact ManagementAtria Delegated Group ManagementAtria Delegated OU ManagementAtria Delegated User ManagementAtria Delegated Dacl ManagementCortexAdminsCortexReadOnly
Parameters
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
OUName | String | Yes | Name of the OU to create or verify. | CSPHosting |
ParentPath | String | Yes | Parent DN where the OU will exist. | DC=yourdomain,DC=local or OU=Companies,DC=yourdomain,DC=local |
What the Script Does
- Imports the Active Directory module
- Builds the target OU DN as
OU=<OUName>,<ParentPath> - Checks if the OU exists
- Creates the OU if it does not exist
- Applies Atria Delegated Permissions on the OU
Example Usage (PowerShell) - Administrator Mode
Import-Module Atria.Tools
Ensure-AtriaDelegatedOU -OUName "CSPHosting" -ParentPath "DC=yourdomain,DC=local"
Support
If you encounter any issues or require assistance, contact:
📧 support@getatria.com