ACLs

Get the ACLs associated with the specified object

Get-DomainObjectAcl -SamAccountName student1 -ResolveGUIDs

Get the ACLs associated with the specified prefix to be used for search

Get-DomainObjectAcl -SearchBase "LDAP://CN=Domain
	Admins,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local" -ResolveGUIDs -
	Verbose

Enumerate ACLs using ActiveDirectory module but without resolving GUIDs

(Get-Acl 'AD:\CN=Administrator,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local')
	.Acces

Search for interesting ACEs

Find-InterestingDomainAcl -ResolveGUIDs

Get the ACLs associated with the specified path

Get-PathAcl -Path "\\dcorp-dc.dollarcorp.moneycorp.local\sysvol"




Invoke-ACLScanner -ResolveGUIDs | ?{$_.IdentityReference -match "student"}
PreviousUsers and ComputersNextBloodHound

Last updated