Abusing ACLs
- by Vince
-
in Blog
-
Hits: 881
For the sake of keeping it simple -- Access Control Lists provide granular permissions to objects. Quoting Microsoft: "Access control for objects in Active Directory Domain Services is based on Windows NT and Windows 2000 access-control models. Access privileges for resources in Active Directory Domain Services are usually granted through the use of an access control entry (ACE)."
Often times what I find is that a misunderstanding of what permissions do is what gets people into trouble. Let's look at a standard Active Directory user: