adding 3 permissions to active directory warns about 110 changes - password writeback??

Ben 16 Reputation points
2021-03-02T15:31:29.323+00:00
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,079 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. AmanpreetSingh-MSFT 56,441 Reputation points
    2021-03-03T08:06:22.06+00:00

    Hi @Ben · Thank you for reaching out.

    As the permissions you are adding, needs to be applied to "Descendant User objects", it will be propagated to all the child user objects, which are present under the object where you are adding permissions. This will result in those three permissions to get added to the ACL (Access Control List) of the child user objects under that object and the count of the entries in ACS will be 110 in your case.

    In short, those three permissions will be added to multiple user objects which will result in 110 entries. This should be OK as these attributes needs to be updated on per user basis.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


  2. HCM 0 Reputation points
    2023-05-08T12:31:39.69+00:00

    Since this is the top google search for me, I would like to clarify. This is not, as @AmanpreetSingh-MSFT suggests, the sum of objects this ACL will be set on due to inheritage.

    It is the count of ACLs you are setting on the selected container, which will be inherited. So if you have 106 permissions and add 4, this warning will come to pass. Similarly, when you were to remove 4 ACLs, you would get the same warning about 102 permissions.

    Another source states, that this warning only shows if 8 or more ACLs are set.

    0 comments No comments