LinkedInGitHub

PowerView

View ACLs associated with an object

Get-DomainObjectAcl -SamAccountName student1 -ResolveGUIDs
Get-DomainObjectAcl -Identity "Domain Admins" -ResolveGUIDs

View ACLs associated with the specified prefix to be used for search

Get-DomainObjectAcl -SearchBase "LDAP://CN=RDP Users
,CN=Users,DC=dollarcorp,DC=moneycorp,DC=local" -ResolveGUIDs -Verbose

The way to read the output would be

  • On ObjectDN: Domain Admins

  • The SecurityIdentifier (SID / object)

  • Has ActiveDirectoryRights: GenricAll (All rights)

Search for Write, Modify and GenericAll ACEs

Find-InterestingDomainAcl -ResolveGUIDs
Find-InterestingDomainAcl -ResolveGUIDs | ?{$_.IdentityReferenceName -match "student2"}
Find-InterestingDomainAcl -ResolveGUIDs | ?{$_.IdentityReferenceName -match "RDPUsers"}

Specified Path

Get-PathAcl -Path "\\dcorp-dc.dollarcorp.moneycorp.local\sysvol"

PreviousACLNextTrusts

Last updated