TestimoX

API Reference

Class

SmbSecurityChecker

Edit on GitHub
Namespace ADPlayground.DomainControllers
Assembly ADPlayground
Source ADPlayground/DomainControllers/SmbSecurityChecker.cs:35
Implements
ISmbSecurityChecker

Validates SMB configuration on domain controllers.

Inheritance

  • Object
  • SmbSecurityChecker

Constructors

public SmbSecurityChecker(Func<String, Boolean> signingRequired = null, Func<String, Boolean> smb1Enabled = null, Func<IEnumerable<String>> enumerateDcs = null, Func<String, Boolean> policySigningRequired = null, Func<String, Boolean> policySmb1Enabled = null, Func<String, Boolean> encryptionRequired = null, Func<String, Int32> minVersion = null, Func<String, Boolean> policyEncryptionRequired = null, Func<String, Int32> policyMinVersion = null, Func<String, IReadOnlyList<SmbProtocolVersion>> supportedVersions = null, Func<String, IReadOnlyList<SmbProtocolVersion>> policySupportedVersions = null) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:35

Initializes a new instance of the SmbSecurityChecker class.

Parameters

signingRequired System.Func{System.String,System.Boolean} = null optionalposition: 0
Function determining if SMB signing is required.
smb1Enabled System.Func{System.String,System.Boolean} = null optionalposition: 1
Function determining if SMBv1 is enabled.
enumerateDcs System.Func{System.Collections.Generic.IEnumerable{System.String}} = null optionalposition: 2
Function enumerating domain controllers.
policySigningRequired System.Func{System.String,System.Boolean} = null optionalposition: 3
Function determining if policy requires signing.
policySmb1Enabled System.Func{System.String,System.Boolean} = null optionalposition: 4
Function determining if policy enables SMBv1.
encryptionRequired System.Func{System.String,System.Boolean} = null optionalposition: 5
Function determining if SMB encryption is required.
minVersion System.Func{System.String,System.Int32} = null optionalposition: 6
Function retrieving minimum SMB version.
policyEncryptionRequired System.Func{System.String,System.Boolean} = null optionalposition: 7
Function determining if policy requires encryption.
policyMinVersion System.Func{System.String,System.Int32} = null optionalposition: 8
Function retrieving policy minimum SMB version.
supportedVersions System.Func{System.String,System.Collections.Generic.IReadOnlyList{ADPlayground.DomainControllers.SmbProtocolVersion}} = null optionalposition: 9
Function retrieving supported SMB versions.
policySupportedVersions System.Func{System.String,System.Collections.Generic.IReadOnlyList{ADPlayground.DomainControllers.SmbProtocolVersion}} = null optionalposition: 10
Function retrieving policy supported SMB versions.

Methods

public virtual Int32 GetMinVersion(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:93
Returns: Int32

Gets the minimum SMB protocol version allowed on the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

Protocol version number.

public virtual SmbPolicyDifferences GetPolicyDifferences(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:218
Returns: SmbPolicyDifferences

Computes differences between current SMB settings and policy for the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

Summary of mismatched settings.

public virtual Int32 GetPolicyMinVersion(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:129
Returns: Int32

Gets the policy minimum SMB protocol version for the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

Protocol version number.

public virtual SmbPolicyStatus GetPolicyStatus(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:173
Returns: SmbPolicyStatus

Gets policy SMB settings for the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

Policy security status information.

public virtual IEnumerable<SmbPolicyStatus> GetPolicyStatusReport() #
Returns: IEnumerable<SmbPolicyStatus>

Gets policy SMB security status for all discovered domain controllers.

public virtual IReadOnlyList<SmbProtocolVersion> GetPolicySupportedVersions(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:147
Returns: IReadOnlyList<SmbProtocolVersion>

Gets policy supported SMB protocol versions on the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

List of supported protocol versions.

public virtual SmbSecurityStatus GetStatus(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:156
Returns: SmbSecurityStatus

Gets SMB signing and SMBv1 status for the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

Security status information.

public virtual IEnumerable<SmbSecurityStatus> GetStatusReport() #
Returns: IEnumerable<SmbSecurityStatus>

Gets SMB security status for all discovered domain controllers.

public virtual IReadOnlyList<SmbProtocolVersion> GetSupportedVersions(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:138
Returns: IReadOnlyList<SmbProtocolVersion>

Gets supported SMB protocol versions on the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

List of supported protocol versions.

public virtual Boolean IsEncryptionRequired(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:84
Returns: Boolean

Determines whether SMB encryption is required on the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

true when encryption is required.

public virtual Boolean IsPolicyEncryptionRequired(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:120
Returns: Boolean

Determines whether policy requires SMB encryption on the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

true when required by policy.

public virtual Boolean IsPolicySigningRequired(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:102
Returns: Boolean

Determines whether policy requires SMB signing on the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

true when required by policy.

public virtual Boolean IsPolicySmb1Enabled(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:111
Returns: Boolean

Determines whether policy enables SMBv1 on the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

true when SMBv1 is enabled by policy.

public virtual Boolean IsSigningRequired(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:66
Returns: Boolean

Determines whether SMB signing is required on the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

true when required.

public virtual Boolean IsSmb1Enabled(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:75
Returns: Boolean

Determines whether SMBv1 is enabled on the specified domain controller.

Parameters

dcName System.String requiredposition: 0
Domain controller name.

Returns

true when SMBv1 is enabled.

public virtual Void ValidateAll() #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:283
Returns: Void

Validates SMB settings for all domain controllers returned by the enumerator.

public virtual Void ValidateDc(String dcName) #
ADPlayground/DomainControllers/SmbSecurityChecker.cs:243
Returns: Void

Validates SMB settings for a single domain controller and logs warnings.

Parameters

dcName System.String requiredposition: 0
Domain controller name.