# Enumeracion de ACL
### **Importancia**:
Las ACLs determinan quién puede hacer qué en sistemas y recursos específicos.
### **Vulnerabilidades posibles**:
* ACLs mal configuradas que otorgan acceso excesivo a recursos críticos.
* Permisos heredados que no deberían aplicarse a ciertos recursos.
* Posibilidades de escalada de privilegios debido a permisos inapropiados.
```powershell
PS C:\windows\system32\inetsrv> Find-InterestingDomainAcl -ResolveGUIDs
ObjectDN : CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=User,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec,DC
=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=Machine,CN={6AC1786C-016F-11D2-945F-00C04fB984F9},CN=Policies,CN=System,DC=spartancybersec
,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ReadProperty, WriteProperty, GenericExecute
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1121
IdentityReferenceName : gpowrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=gpowrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=RID Set,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=@,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=a.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=b.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=c.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=d.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=e.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=f.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=g.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=h.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=i.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=j.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=k.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=l.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : DC=m.root-servers.net,DC=RootDNSServers,CN=MicrosoftDNS,CN=System,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : CreateChild, DeleteChild, ListChildren, ReadProperty, DeleteTree, ExtendedRight, Delete,
GenericWrite, WriteDacl, WriteOwner
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1110
IdentityReferenceName : DnsAdmins
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=DnsAdmins,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : group
ObjectDN : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericAll
ObjectAceType : All
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass : computer
ObjectDN : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericAll
ObjectAceType : All
AceFlags : Inherited
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass : computer
ObjectDN : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericAll
ObjectAceType : All
AceFlags : Inherited
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1009
IdentityReferenceName : FIRST-DC$
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=FIRST-DC,OU=Domain Controllers,DC=spartancybersec,DC=corp
IdentityReferenceClass : computer
ObjectDN : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteDacl
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1124
IdentityReferenceName : writedacldc.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=writedacldc.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=FIRST-DC,OU=Domain
Controllers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit, Inherited
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1120
IdentityReferenceName : compwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=compwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=constrained.user,CN=Users,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericWrite
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1117
IdentityReferenceName : userwrite.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=userwrite.user,CN=Users,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : GenericAll
ObjectAceType : None
AceFlags : ContainerInherit
AceType : AccessAllowed
InheritanceFlags : ContainerInherit
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1118
IdentityReferenceName : userall.user
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=userall.user,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : User-Logon
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : Description
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : Display-Name
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : SAM-Account-Name
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : WriteProperty
ObjectAceType : User-Account-Restrictions
AceFlags : None
AceType : AccessAllowedObject
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
ObjectDN : CN=WEBSERVER,CN=Computers,DC=spartancybersec,DC=corp
AceQualifier : AccessAllowed
ActiveDirectoryRights : ExtendedRight, GenericRead
ObjectAceType : None
AceFlags : None
AceType : AccessAllowed
InheritanceFlags : None
SecurityIdentifier : S-1-5-21-1861162130-2580302541-221646211-1130
IdentityReferenceName : adminwebserver
IdentityReferenceDomain : spartancybersec.corp
IdentityReferenceDN : CN=AdminWebServer,CN=Users,DC=spartancybersec,DC=corp
IdentityReferenceClass : user
```
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://books.spartan-cybersec.com/cpad/enumeracion-en-ad/enumeracion-con-powershell-ofensivo/guia-de-comandos-de-powerview.ps1/enumeracion-de-acl.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.