Enumeracion de ACL
Importancia:
Las ACLs determinan quién puede hacer qué en sistemas y recursos específicos.
Vulnerabilidades posibles:
ACLs mal configuradas que otorgan acceso excesivo a recursos críticos.
Permisos heredados que no deberían aplicarse a ciertos recursos.
Posibilidades de escalada de privilegios debido a permisos inapropiados.
PS C:\windows\system32\inetsrv> Find-InterestingDomainAcl -ResolveGUIDs
ObjectDN : CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=User,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC
=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=Machine,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec
,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=@,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=b.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=c.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=e.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=f.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=g.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=i.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=j.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=k.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericAll
ObjectAceType : All
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass : computer
ObjectDN : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericAll
ObjectAceType : All
AceFlags : Inherited
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass : computer
ObjectDN : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericAll
ObjectAceType : All
AceFlags : Inherited
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass : computer
ObjectDN : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=constrained.user,CN=Users,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1117
IdentityReferenceName : userwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericAll
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1118
IdentityReferenceName : userall.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=userall.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : User-Logon
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : Description
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : Display-Name
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : SAM-Account-Name
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : User-Account-Restrictions
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : ExtendedRight, GenericRead
ObjectAceType : None
AceFlags : None
AceType : AccessAllowed
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : userÚltima actualización