Defense
Active Directory Effective Permission Auditing
Active directory permissions are a complex beast, at the core of Active Directory you have databases and partitions.
These have access controls lists, there are two types of these:
- DACL
- SACL
https://docs.microsoft.com/en-us/windows/win32/secauthz/access-control-lists
In active directory auditing these with out of the box tools can be a pain, especially when you are looking to enumerate effective permissions. Luckily a nice chap as made a great PowerShell app which can help you with your auditing activities! Read more “Active Directory Effective Permission Auditing”