Run below script to enable inheritance for Bulk AD user under specific OU (enable inheritance on all AD user accounts)
$ADusers = Get-ADUser -ldapfilter "(objectclass=user)" -searchbase "OU=Students,DC=ukh,DC=edu,DC=krd" ForEach($user in $ADusers) { # Binding the users to DS $ou = [ADSI]("LDAP://" + $user) $sec = $ou.psbase.objectSecurity if ($sec.get_AreAccessRulesProtected()) { $isProtected = $false ## allows inheritance $preserveInheritance = $true ## preserver inhreited rules $sec.SetAccessRuleProtection($isProtected, $preserveInheritance) $ou.psbase.commitchanges() Write-Host "$user is now inherting permissions"; } else { Write-Host "$User Inheritable Permission already set" } }