> ## Documentation Index
> Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Contains

> GPOs linked to a container apply to all objects that are contained by the container. Additionally, ACEs set on a parent OU may inherit down to child objects.

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

## Abuse Info

Permissions on the parent of a child object may enable compromise of the child object through inherited ACEs or linked GPOs.

See the inbound edges on the parent object for details.

## Opsec Considerations

Creation and modification of ACEs will be logged depending on the auditing setup on Domain Controllers.

## Edge Schema

Source: [Computer](/resources/nodes/computer), [OU](/resources/nodes/ou), [Container](/resources/nodes/container)\
Destination: [AIACA](/resources/nodes/aiaca), [CertTemplate](/resources/nodes/cert-template), [Computer](/resources/nodes/computer), [EnterpriseCA](/resources/nodes/enterprise-ca), [Group](/resources/nodes/group), [IssuancePolicy](/resources/nodes/issuance-policy), [NTAuthStore](/resources/nodes/nt-auth-store), [OU](/resources/nodes/ou), [RootCA](/resources/nodes/root-ca), [User](/resources/nodes/user)\
Traversable: **Yes**

## References

* [https://wald0.com/?p=179](https://wald0.com/?p=179)
* [https://blog.cptjesus.com/posts/bloodhound15](https://blog.cptjesus.com/posts/bloodhound15)