LapsLegacyReadPermissionScanner

Namespace ADPlayground.Computers

Assembly ADPlayground

Source ADPlayground/Computers/LapsLegacyReadPermissionScanner.cs:57

Modifiers static

Scans a sample of computer objects and projects principals that can read legacy LAPS (ms-Mcs-AdmPwd). Honors the Confidential bit: when set, requires ExtendedRight ACE on the attribute; otherwise ReadProperty suffices.

Inheritance

Object
LapsLegacyReadPermissionScanner

Methods

public static Snapshot Evaluate(String domainName, Int32 maxComputers = 300, IEnumerable<String> ignoreSids = null) #

ADPlayground/Computers/LapsLegacyReadPermissionScanner.cs:57

Returns: Snapshot

Scans a sample of computer objects and aggregates principals that can read legacy LAPS passwords.

Parameters

domainName System.String requiredposition: 0: DNS domain name.
maxComputers System.Int32 = 300 optionalposition: 1: Maximum number of computers to sample.
ignoreSids System.Collections.Generic.IEnumerable{System.String} = null optionalposition: 2: Optional SIDs to ignore while aggregating.

Returns

Snapshot with principal tallies and representative examples.

Inheritance

Methods

Parameters

Returns

Inherited Methods

Parameters