TestimoX

API Reference

Class

LapsDsrmReadPermissionScanner

Edit on GitHub
Namespace ADPlayground.Computers
Assembly ADPlayground
Source ADPlayground/Computers/LapsDsrmReadPermissionScanner.cs:48
Modifiers static

Scans Domain Controllers OU and aggregates principals that can read DSRM LAPS attributes (msLAPS-EncryptedDSRMPassword, msLAPS-DSRMPasswordExpirationTime) on DC computer objects. Uses attribute-specific ReadProperty/ExtendedRight ACEs on computer objects.

Inheritance

  • Object
  • LapsDsrmReadPermissionScanner

Methods

public static Snapshot Evaluate(String domainName) #
ADPlayground/Computers/LapsDsrmReadPermissionScanner.cs:48
Returns: Snapshot

Scans the Domain Controllers OU and aggregates principals that can read DSRM LAPS attributes on DCs.

Parameters

domainName System.String requiredposition: 0