-
标题
Native "Protect object from accidental deletion" is not reflected in Active Roles -
说明
Objects created in native Active Directory tools may have the checkbox enabled for "Protect object from accidental deletion". This box is unchecked in Active Roles.
-
解决办法
This is expected and is by current design.
When enabling the option Protect from Accidental Deletion using native Active Directory tools, the ACE (Access Control Entry) is set to Deny Delete.
When enabling the option Protect from Accidental Deletion using Active Roles, an Access Template is linked to the object which then syncs the permissions to the native object's ACE. Active Roles currently does not support reading the reverse, meaning if the setting is enabled outside of Active Roles, the setting will not be reflected in Active Roles.
For further information, see the topic About the Protect container from accidental deletion option section.