14.12. Comparing the ACL of an Object to the Default Defined in the Schema
Problem
You want to determine if an object has the permissions defined in the schema for its object class as part of its ACL.
Solution
Using a command-line interface
> acldiag <ObjectDN
> /schema
Discussion
For more on the default security descriptor, see Recipe 14.11.
See Also
Recipe 14.13 for resetting an object’s ACL to the default defined in the schema
Get Active Directory Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.