API Reference
Command
Update-ADXACL
Modifies ACL entries (add/remove batch) on an Active Directory object with governance-capable execution options.
Examples
Generated fallback example from parameter set 'By ADObject'.
Update-ADXACL -ADObject 'Value'
Generated fallback example from parameter set 'By Entry'.
Update-ADXACL -Entry 'Value'
Common Parameters
This command supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable.
For more information, see about_CommonParameters.
Syntax
Update-ADXACL -Security <ActiveDirectorySecurity> [-AddRequests <AdxAclPermissionRequest[]>] [-AllowWrite] [-Apply] [-DryRun <bool>] [-GovernanceMode <string>] [-Intent <string>] [-RemoveRequests <AdxAclPermissionRequest[]>] [-WriteActorId <string>] [-WriteAuditCorrelationId <string>] [-WriteChangeReason <string>] [-WriteExecutionId <string>] [-WriteRollbackPlanId <string>] [-WriteRollbackProviderId <string>] [<CommonParameters>]Parameter set:
By SecurityParameters
- Security ActiveDirectorySecurity
- ActiveDirectorySecurity instance to read or modify.
- AddRequests AdxAclPermissionRequest[]
- Permission entries to add.
- AllowWrite SwitchParameter
- Explicit write confirmation flag for mutating operations.
- Apply SwitchParameter
- Applies changes. Without this switch, the cmdlet runs in dry-run mode.
- DryRun bool
- Dry-run mode flag. Defaults to true; set to false (or use -Apply) to execute writes.
- GovernanceMode string
- Governance behavior mode. compatibility preserves legacy write defaults; enforced requires explicit governance flow.
- Intent string
- Execution intent (read_only or read_write). Default: read_only.
- RemoveRequests AdxAclPermissionRequest[]
- Permission entries to remove.
- WriteActorId string
- Write actor identifier.
- WriteAuditCorrelationId string
- Optional write audit correlation identifier.
- WriteChangeReason string
- Write change reason, ticket, or approval reference.
- WriteExecutionId string
- Write execution identifier for governance/audit correlation.
- WriteRollbackPlanId string
- Write rollback plan identifier.
- WriteRollbackProviderId string
- Optional write rollback provider identifier.
Outputs
ADPlayground.Acl.AdxAclGovernedOperationResult
Update-ADXACL -Entry <DirectoryEntry> [-AddRequests <AdxAclPermissionRequest[]>] [-AllowWrite] [-Apply] [-DryRun <bool>] [-GovernanceMode <string>] [-Intent <string>] [-RemoveRequests <AdxAclPermissionRequest[]>] [-WriteActorId <string>] [-WriteAuditCorrelationId <string>] [-WriteChangeReason <string>] [-WriteExecutionId <string>] [-WriteRollbackPlanId <string>] [-WriteRollbackProviderId <string>] [<CommonParameters>]Parameter set:
By EntryParameters
- Entry DirectoryEntry
- DirectoryEntry object to read or modify.
- AddRequests AdxAclPermissionRequest[]
- Permission entries to add.
- AllowWrite SwitchParameter
- Explicit write confirmation flag for mutating operations.
- Apply SwitchParameter
- Applies changes. Without this switch, the cmdlet runs in dry-run mode.
- DryRun bool
- Dry-run mode flag. Defaults to true; set to false (or use -Apply) to execute writes.
- GovernanceMode string
- Governance behavior mode. compatibility preserves legacy write defaults; enforced requires explicit governance flow.
- Intent string
- Execution intent (read_only or read_write). Default: read_only.
- RemoveRequests AdxAclPermissionRequest[]
- Permission entries to remove.
- WriteActorId string
- Write actor identifier.
- WriteAuditCorrelationId string
- Optional write audit correlation identifier.
- WriteChangeReason string
- Write change reason, ticket, or approval reference.
- WriteExecutionId string
- Write execution identifier for governance/audit correlation.
- WriteRollbackPlanId string
- Write rollback plan identifier.
- WriteRollbackProviderId string
- Optional write rollback provider identifier.
Outputs
ADPlayground.Acl.AdxAclGovernedOperationResult
Update-ADXACL -ADObject <string> [-AddRequests <AdxAclPermissionRequest[]>] [-AllowWrite] [-Apply] [-DryRun <bool>] [-GovernanceMode <string>] [-Intent <string>] [-RemoveRequests <AdxAclPermissionRequest[]>] [-WriteActorId <string>] [-WriteAuditCorrelationId <string>] [-WriteChangeReason <string>] [-WriteExecutionId <string>] [-WriteRollbackPlanId <string>] [-WriteRollbackProviderId <string>] [<CommonParameters>]Parameter set:
By ADObjectParameters
- ADObject string
- Distinguished name/path of the object to read or modify.
- AddRequests AdxAclPermissionRequest[]
- Permission entries to add.
- AllowWrite SwitchParameter
- Explicit write confirmation flag for mutating operations.
- Apply SwitchParameter
- Applies changes. Without this switch, the cmdlet runs in dry-run mode.
- DryRun bool
- Dry-run mode flag. Defaults to true; set to false (or use -Apply) to execute writes.
- GovernanceMode string
- Governance behavior mode. compatibility preserves legacy write defaults; enforced requires explicit governance flow.
- Intent string
- Execution intent (read_only or read_write). Default: read_only.
- RemoveRequests AdxAclPermissionRequest[]
- Permission entries to remove.
- WriteActorId string
- Write actor identifier.
- WriteAuditCorrelationId string
- Optional write audit correlation identifier.
- WriteChangeReason string
- Write change reason, ticket, or approval reference.
- WriteExecutionId string
- Write execution identifier for governance/audit correlation.
- WriteRollbackPlanId string
- Write rollback plan identifier.
- WriteRollbackProviderId string
- Optional write rollback provider identifier.
Outputs
ADPlayground.Acl.AdxAclGovernedOperationResult