You can specify the following options:
/DOMAIN: domain |
Specifies the NETBIOS or DNS name of the domain where the Deleted Objects container is located. |
/SERVER: computername |
Specifies the name or IP address of the domain controller for the specified domain. |
/DELEGATE: accountname |
Delegates permissions to the specified user account or group. |
/REMOVE: accountname |
Removes permissions previously delegated to the specified user account or group |
/VERIFY: accountname |
Verifies permissions of the specified user account or group. |
/DISPLAY |
Displays security settings for the Deleted Objects container in the specified domain |
/RIGHT |
Ensures the specified user account or group has the Synchronize directory service data user right. You can use this option to delegate or verify this right. The Synchronize directory service data user right allows the account to read all objects and properties in the Active Directory. |
NOTE:
If the name of the user account or group you want to specify contains a space, enclose the account name in quotation marks. For example, if you want to specify the Houston IT group, type "Houston IT".
When specifying a group, use the pre-Windows 2000 name for that group.