API Reference

Class

DomainControllerSecuritySnapshot

Edit on GitHub

Namespace ADPlayground.DomainControllers

Assembly ADPlayground

Source ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:10

Modifiers sealed

Snapshot of security-relevant DC settings.

Inheritance

Object
DomainControllerSecuritySnapshot

Constructors

public DomainControllerSecuritySnapshot() #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:10

Inherited Methods

Properties

public String DomainName { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:10

DNS domain name.

public IReadOnlyList<DomainControllerStatus> Controllers { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:12

Collected per-controller status rows.

public IReadOnlyList<DomainControllerStatus> MissingLdapSigning { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:14

Controllers where LDAP signing is not required.

public IReadOnlyList<DomainControllerStatus> InsecureLdapBinds { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:16

Controllers allowing insecure LDAP binds.

public IReadOnlyList<DomainControllerStatus> SmbSigningNotRequired { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:18

Controllers that do not require SMB signing.

public IReadOnlyList<DomainControllerStatus> PolicySmbSigningNotRequired { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:20

Controllers where group policy does not enforce SMB signing.

public IReadOnlyList<DomainControllerStatus> MissingAuditPolicy { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:22

Controllers missing advanced audit subcategories.

public IReadOnlyList<DomainControllerStatus> MissingAdvancedAuditPolicy { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:24

Controllers missing recommended advanced audit subcategories.

public IReadOnlyList<DomainControllerStatus> MissingLdapChannelBinding { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:26

Controllers where LDAP channel binding mode is not required.

public IReadOnlyList<DomainControllerStatus> PrintSpoolerRunning { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:28

Controllers where the Print Spooler service is running.

public IReadOnlyList<DcAuditPolicyStatus> AuditPolicySimpleFindings { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:30

Advanced audit policy failures (simple categories) per controller.

public IReadOnlyList<DcAuditPolicyStatus> AuditPolicyAdvancedFindings { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:32

Advanced audit policy failures (advanced categories) per controller.

public IReadOnlyList<DcAuditPolicyAdvancedStatus> AuditPolicyAdvancedStatuses { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:34

Per-subcategory status for advanced audit requirements.

public IReadOnlyList<PolicyAttribution> AuditPolicyAttribution { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:36

GPOs that contribute audit.csv to DCs (policy attribution).

public IReadOnlyList<DcAuditSecurityOptionStatus> SecurityOptionStatuses { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:38

Audit-related security option statuses (e.g., 4688 command line).

public Int32 SecurityOptionGapCount { get; set; } #

ADPlayground/DomainControllers/DomainControllerSecuritySnapshot.cs:40

Count of security option entries that do not meet the baseline.

Inheritance

Constructors

Inherited Methods

Parameters

Properties