Enumerating ACLs

PowerView

Get list of all ACLs from current domain

Get-ObjectACL

Get list of all ACLs from current domain with resolved GUIDs

Get-ObjectACL -ResolveGUIDs

Get list of all ACLs from another domain

Get-ObjectACL -Domain <DOMAIN NAME>

Get list of all ACLs associated with the specific SAM account name

Get-ObjectAcl -SamAccountName <SAM ACCOUNT NAME>

Get list of ACLs associated with specified prefix used for filtering

Get-ObjectAcl -ADSprefix <ADs PATH PREFIX VALUE>
# Any prefix value can be passed, e.g. 'CN=Administrator,CN=Users'

Get list of all ACLs associated with the specific LDAP ADs path

Get-ObjectAcl -ADSpath <LDAP ADs PATH>

Get list of all ACLs associated with GPOs

(Get-NetGPO).name | %{Get-ObjectAcl -ResolveGUIDs -Name $_}

Get list of all ACLs associated with GPOs where an object ("KEYWORD") has interesting permissions

(Get-NetGPO).Name | %{Get-ObjectAcl -ResolveGUIDs -Name $_} | ?{$_.IdentityReference -match "<KEYWORD>"}

Get ACLs from the specified path

Get interesting ACEs from ACLs of current domain

Get interesting ACEs from ACLs of current domain with resolved GUIDs

Get interesting ACEs from ACLs of another domain

Get interesting ACEs from ACLs with specific SAM account name

Get interesting ACEs from ACLs with specified prefix used for filtering

Get interesting ACEs from ACLs with specified path used for filtering

Get interesting ACEs from ACLs with the specific LDAP ADs path

Get modify rights/permissions for an object to match (the object may be a user or a group)

Active Directory Module

Enumerating ACLs without resolving GUIDs
