CRTP (ACL-Enumeration)
CRTP (ACL-Enumeration)
CRTP (ACL-Enumeration)
Access Control List Enumeration
Get the ACLs associated with the specified object (groups)
1
Get-ObjectAcl -SamAccountName student1 -ResolveGUIDs
Get the ACLs associated with the specified prefix to be used for search
1
Get-ObjectAcl -ADSprefix 'CN=Administrator,CN=Users' -Verbose
We can also enumerate ACLs using ActiveDirectory module but without resolving GUIDs
1
(Get-Acl "AD:\CN=Administrator, CN=Users, DC=dollarcorp, DC=moneycorp,DC=local").Access
Get the ACLs associated with the specified LDAP path to be used for search
1
Get-ObjectAcl -ADSpath "LDAP://CN=Domain Admins,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local" -ResolveGUIDs -Verbose
Search for interesting ACEs
1
Invoke-ACLScanner -ResolveGUIDs
Get the ACLs associated with the specified path
1
Get-PathAcl -Path "\\dc.mydomain.local\sysvol"
This post is licensed under
CC BY 4.0
by the author.