Active Directory DSACLS.exe in Windows Server 2008 R2

Dec 16

Retherford, Cory Patrick on 12/16/2010 2:32 PM

The dsacls command-line tool displays and allows the ability to changes permissions (Access Control Lists; ACL) of objects in Active Directory.

In order to run this tool (and others) you will need to install the Windows Server Support Tools that can be downloaded here. These tools are no longer included on the Windows Server install disc for Windows Server 2008.

Example:

In this example I am querying the ACL's of an Active Directory object.
After installing the dsacls.exe using the Windows Server Support tools, you can run the following:

C:\Users\adinn>dsacls "CN=account,OU=Accounts,DC=Domain,DC=com">Object_output.txt

Change the italicized fields with the appropriate distinguished names and the name of the output file you wish to save.

Running this simple command will result in all the security ACL's for that object being displayed in the text file such as the following example.

Allow NT AUTHORITY\SELF
SPECIAL ACCESS
READ PERMISSONS
LIST CONTENTS
READ PROPERTY
LIST OBJECT
Allow NT AUTHORITY\SYSTEM
FULL CONTROL
Allow BUILTIN\Pre-Windows 2000 Compatible Access
SPECIAL ACCESS <Inherited from parent>
READ PERMISSONS
LIST CONTENTS
READ PROPERTY
LIST OBJECT

0 Comment(s)

javascript: SP.SOD.executeFunc('followingcommon.js', 'FollowDoc', function() { FollowDoc('{ListId}', {ItemId}); });

0x0

ContentType

0x01

1100

Edit in Dashboard Designer

/_layouts/15/images/ppsEditDesigner.png?rev=43

/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}

0x0

ContentType

0x0101004C06BE72B56941358D9BD0B31603EC4D

230

Edit in Dashboard Designer

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Dashboard

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F06

230

Edit in Dashboard Designer

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Filter

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F05

230

Edit in Dashboard Designer

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Indicator

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F03

230

Edit in Dashboard Designer

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Kpi

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F01

230

Display Report

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

javascript:window.open('{SiteUrl}/_layouts/15/ppswebparts/ReportViewPreview.aspx?SiteLocation={SiteUrl}&ItemLocation={ItemUrl}')

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F04

231

Edit in Dashboard Designer

/_layouts/15/images/ppsEditDesigner.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=ReportView

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F04

230

Display Scorecard

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

javascript:window.open('{SiteUrl}/_layouts/15/ppswebparts/ScorecardPreview.aspx?SiteLocation={SiteUrl}&ItemLocation={ItemUrl}')

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F02

231

Edit in Dashboard Designer

/_layouts/15/images/ppsEditDesigner.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Scorecard

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F02

230

Compliance Details

javascript:if (typeof CalloutManager !== 'undefined' && Boolean(CalloutManager) && Boolean(CalloutManager.closeAll)) CalloutManager.closeAll(); commonShowModalDialog('{SiteUrl}'+ '/_layouts/15/itemexpiration.aspx' +'?ID={ItemId}&List={ListId}', 'center:1;dialogHeight:500px;dialogWidth:500px;resizable:yes;status:no;location:no;menubar:no;help:no', function GotoPageAfterClose(pageid){if(pageid == 'hold') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/hold.aspx' +'?ID={ItemId}&List={ListId}'); return false;} if(pageid == 'audit') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/Reporting.aspx' +'?Category=Auditing&backtype=item&ID={ItemId}&List={ListId}'); return false;} if(pageid == 'config') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/expirationconfig.aspx' +'?ID={ItemId}&List={ListId}'); return false;} if(pageid == 'tag') {STSNavigate(unescape(decodeURI('{SiteUrl}'))+ '/_layouts/15/Hold.aspx' +'?Tag=true&ID={ItemId}&List={ListId}'); return false;}}, null);

0x0

0x1

ContentType

0x01

898

Document Set Version History

/_layouts/15/images/versions.gif?rev=43

javascript:SP.UI.ModalDialog.ShowPopupDialog('{SiteUrl}'+ '/_layouts/15/DocSetVersions.aspx' + '?List={ListId}&ID={ItemId}')

0x0

ContentType

0x0120D520

330

Send To other location

/_layouts/15/images/sendOtherLoc.gif?rev=43

javascript:GoToPage('{SiteUrl}' + '/_layouts/15/docsetsend.aspx' + '?List={ListId}&ID={ItemId}')

0x0

ContentType

0x0120D520

350

Comments

There are no comments for this post.

javascript: SP.SOD.executeFunc('followingcommon.js', 'FollowDoc', function() { FollowDoc('{ListId}', {ItemId}); });

0x0

ContentType

0x01

1100

Edit in Dashboard Designer

/_layouts/15/images/ppsEditDesigner.png?rev=43

/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}

0x0

ContentType

0x0101004C06BE72B56941358D9BD0B31603EC4D

230

Edit in Dashboard Designer

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Dashboard

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F06

230

Edit in Dashboard Designer

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Filter

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F05

230

Edit in Dashboard Designer

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Indicator

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F03

230

Edit in Dashboard Designer

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Kpi

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F01

230

Display Report

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

javascript:window.open('{SiteUrl}/_layouts/15/ppswebparts/ReportViewPreview.aspx?SiteLocation={SiteUrl}&ItemLocation={ItemUrl}')

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F04

231

Edit in Dashboard Designer

/_layouts/15/images/ppsEditDesigner.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=ReportView

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F04

230

Display Scorecard

/_layouts/15/images/PPSSiteTemplateRun.png?rev=43

javascript:window.open('{SiteUrl}/_layouts/15/ppswebparts/ScorecardPreview.aspx?SiteLocation={SiteUrl}&ItemLocation={ItemUrl}')

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F02

231

Edit in Dashboard Designer

/_layouts/15/images/ppsEditDesigner.png?rev=43

{SiteUrl}/_layouts/15/ppswebparts/DesignerRedirect.aspx?Operation=OpenItem&ItemLocation={ItemUrl}&ItemType=Scorecard

0x0

ContentType

0x01002DDC53CB1D5F4520BE0568558051291F02

230

Compliance Details

0x0

0x1

ContentType

0x01

898

Document Set Version History

/_layouts/15/images/versions.gif?rev=43

javascript:SP.UI.ModalDialog.ShowPopupDialog('{SiteUrl}'+ '/_layouts/15/DocSetVersions.aspx' + '?List={ListId}&ID={ItemId}')

0x0

ContentType

0x0120D520

330

Send To other location

/_layouts/15/images/sendOtherLoc.gif?rev=43

javascript:GoToPage('{SiteUrl}' + '/_layouts/15/docsetsend.aspx' + '?List={ListId}&ID={ItemId}')

0x0

ContentType

0x0120D520

350

CoryRetherford.com // <![CDATA[ _spBodyOnLoadFunctionNames.push("setupPageDescriptionCallout"); // ]]>

Comments

‭(Hidden)‬ Blog Tools

CoryRetherford.com