Once I was working on migrating Azure AD Connect from one server to another. After the migration, no matter that the account had rights on the SDadmin folder, some accounts failed to be updated with an insufficient rights error.
After some digging, I found that some accounts historically have adminCount set to 1 and inheritance turned off, so to fix that, I used the following script below:
Continue reading