Enumeracion de ACL

Importancia:

Las ACLs determinan quién puede hacer qué en sistemas y recursos específicos.

Vulnerabilidades posibles:

ACLs mal configuradas que otorgan acceso excesivo a recursos críticos.
Permisos heredados que no deberían aplicarse a ciertos recursos.
Posibilidades de escalada de privilegios debido a permisos inapropiados.

PS C:\windows\system32\inetsrv> Find-InterestingDomainAcl -ResolveGUIDs
ObjectDN                : CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName   : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=User,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC
                          =corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName   : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=Machine,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec
                          ,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName   : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=@,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=b.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=c.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=e.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=f.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=g.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=i.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=j.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=k.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, 
                          GenericWrite, WriteDacl, WriteOwner
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName   : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : group

ObjectDN                : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : All
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName   : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass  : computer

ObjectDN                : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : All
AceFlags                : Inherited
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName   : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass  : computer

ObjectDN                : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : All
AceFlags                : Inherited
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName   : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass  : computer

ObjectDN                : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteDacl
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName   : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain 
                          Controllers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit, Inherited
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName   : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=constrained.user,CN=Users,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericWrite
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1117
IdentityReferenceName   : userwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : GenericAll
ObjectAceType           : None
AceFlags                : ContainerInherit
AceType                 : AccessAllowed
InheritanceFlags        : ContainerInherit
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1118
IdentityReferenceName   : userall.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=userall.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : User-Logon
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : Description
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : Display-Name
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : SAM-Account-Name
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : WriteProperty
ObjectAceType           : User-Account-Restrictions
AceFlags                : None
AceType                 : AccessAllowedObject
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

ObjectDN                : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier            : AccessAllowed
ActiveDirectoryRights   : ExtendedRight, GenericRead
ObjectAceType           : None
AceFlags                : None
AceType                 : AccessAllowed
InheritanceFlags        : None
SecurityIdentifier      : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName   : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN     : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass  : user

AnteriorEnumeracion de GPO SiguienteUtilizando ADPeas

Última actualización hace 1 año

¿Te fue útil?

PS C:\windows\system32\inetsrv> Find-InterestingDomainAcl -ResolveGUIDs ObjectDN : CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute ObjectAceType : None AceFlags : ContainerInherit AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1121 IdentityReferenceName : gpowrite.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=User,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC =corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1121 IdentityReferenceName : gpowrite.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=Machine,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec ,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1121 IdentityReferenceName : gpowrite.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteDacl ObjectAceType : None AceFlags : ContainerInherit AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124 IdentityReferenceName : writedacldc.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericWrite ObjectAceType : None AceFlags : ContainerInherit AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120 IdentityReferenceName : compwrite.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteDacl ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124 IdentityReferenceName : writedacldc.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericWrite ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120 IdentityReferenceName : compwrite.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=@,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=b.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=c.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=e.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=f.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=g.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=i.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=j.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=k.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete, GenericWrite, WriteDacl, WriteOwner ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110 IdentityReferenceName : DnsAdmins IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : group ObjectDN : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericAll ObjectAceType : All AceFlags : None AceType : AccessAllowedObject InheritanceFlags : None SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1009 IdentityReferenceName : FIRST-DC$ IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp IdentityReferenceClass : computer ObjectDN : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteDacl ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124 IdentityReferenceName : writedacldc.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericWrite ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120 IdentityReferenceName : compwrite.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericAll ObjectAceType : All AceFlags : Inherited AceType : AccessAllowedObject InheritanceFlags : None SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1009 IdentityReferenceName : FIRST-DC$ IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp IdentityReferenceClass : computer ObjectDN : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteDacl ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124 IdentityReferenceName : writedacldc.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericWrite ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120 IdentityReferenceName : compwrite.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericAll ObjectAceType : All AceFlags : Inherited AceType : AccessAllowedObject InheritanceFlags : None SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1009 IdentityReferenceName : FIRST-DC$ IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp IdentityReferenceClass : computer ObjectDN : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteDacl ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124 IdentityReferenceName : writedacldc.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericWrite ObjectAceType : None AceFlags : ContainerInherit, Inherited AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120 IdentityReferenceName : compwrite.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=constrained.user,CN=Users,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericWrite ObjectAceType : None AceFlags : ContainerInherit AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1117 IdentityReferenceName : userwrite.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : GenericAll ObjectAceType : None AceFlags : ContainerInherit AceType : AccessAllowed InheritanceFlags : ContainerInherit SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1118 IdentityReferenceName : userall.user IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=userall.user,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteProperty ObjectAceType : User-Logon AceFlags : None AceType : AccessAllowedObject InheritanceFlags : None SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130 IdentityReferenceName : adminwebserver IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteProperty ObjectAceType : Description AceFlags : None AceType : AccessAllowedObject InheritanceFlags : None SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130 IdentityReferenceName : adminwebserver IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteProperty ObjectAceType : Display-Name AceFlags : None AceType : AccessAllowedObject InheritanceFlags : None SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130 IdentityReferenceName : adminwebserver IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteProperty ObjectAceType : SAM-Account-Name AceFlags : None AceType : AccessAllowedObject InheritanceFlags : None SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130 IdentityReferenceName : adminwebserver IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : WriteProperty ObjectAceType : User-Account-Restrictions AceFlags : None AceType : AccessAllowedObject InheritanceFlags : None SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130 IdentityReferenceName : adminwebserver IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp AceQualifier : AccessAllowed ActiveDirectoryRights : ExtendedRight, GenericRead ObjectAceType : None AceFlags : None AceType : AccessAllowed InheritanceFlags : None SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130 IdentityReferenceName : adminwebserver IdentityReferenceDomain : spartancybersec.corp IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp IdentityReferenceClass : user