ACL Enumeration with PowerView 2.0

To filter through a specific type of permission, use the equal (-eq) operator and pass it the permission type such as "GenericAll."

Get-ObjectAcl serveradmin -Domain lab.local -ResolveGUIDs | Where-Object {$_.ActiveDirectoryRights -contains "GenericAll"} | select ObjectDN,ActiveDirectoryRights,IdentityReference