# ACTIVE DIRECTORY

<https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2023_02.svg>

***

**Object Permission Enumeration**

| Permission             | Description                           |
| ---------------------- | ------------------------------------- |
| GenericAll             | Full permissions on object            |
| GenericWrite           | Edit certain attributes on the object |
| WriteOwner             | Change ownership of the object        |
| WriteDACL              | Edit ACE's applied to object          |
| AllExtendedRights      | Change password, reset password, etc. |
| ForceChangePassword    | Password change for object            |
| Self (Self-Membership) | Add ourselves to for example a group  |