TestimoX

API Reference

Command

Get-ADXWellKnownFolderAcl

Namespace ADPlayground.PowerShell
Outputs
ADPlayground.Acl.WellKnownFolderAclIssue

Audits ACLs on well-known AD containers (Users, Computers, System, Builtin, etc.).

Examples

Authored help example

Example 1: Dangerous ACEs across common containers


Get-ADXWellKnownFolderAcl | Select-Object ContainerDistinguishedName,IdentityDisplayName,Rights

Example 2: Include non-dangerous entries and limit to Users and Computers containers


Get-ADXWellKnownFolderAcl -IncludeAll -Containers 'CN=Users','CN=Computers'

Common Parameters

This command supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable.

For more information, see about_CommonParameters.

Syntax

Get-ADXWellKnownFolderAcl [-Containers <string[]>] [-Domain <string>] [-Identity <string[]>] [-IncludeAll] [-ResolveIdentity] [<CommonParameters>]
#

Parameters

Containers string[] optionalposition: namedpipeline: false
Limits output to specific KNOWNFOLDERIDs (e.g., Documents, Desktop).
Domain string optionalposition: namedpipeline: false
DNS domain to audit. Defaults to the current domain when omitted.
Identity string[] optionalposition: namedpipeline: false
Optional identities to resolve ACLs for (name or SID).
IncludeAll SwitchParameter optionalposition: namedpipeline: false
Includes all known folders when set (ignores -Containers).
ResolveIdentity SwitchParameter optionalposition: namedpipeline: false
Resolve identity details (domain, SID) in the output.

Outputs

ADPlayground.Acl.WellKnownFolderAclIssue