Scans OU containers for delegations that allow reading LAPS passwords. Supports legacy LAPS (ms-Mcs-AdmPwd) and Windows LAPS (msLAPS-Password). Requires object-type specific read on the attribute GUID and inheritance to Computer objects.
Inheritance
- Object
- LapsOuDelegationScanner
Returns: View
Scans OU ACLs for attribute‑specific read rights that expose LAPS secrets (legacy, Windows, DSRM).
Parameters
- domainName System.String requiredposition: 0
- DNS domain name to evaluate.
Returns
Aggregated View with matching ACEs.
Returns: Boolean
Inherited from Object
Parameters
- obj Object requiredposition: 0
Returns: Int32
Inherited from Object
Returns: Type
Inherited from Object
Returns: String
Inherited from Object