API Reference
Class
GpoAclMapper
Maps raw GPO ACLs (DirectoryEntry security descriptor) to high-level permission entries. Aggregates rights per SID and computes the closest GPMC-like permission label.
Inheritance
- Object
- GpoAclMapper
Methods
public static IReadOnlyList<GpoAclEntry> Map(DirectoryEntry gpo) #Returns:
IReadOnlyList<GpoAclEntry>Aggregates the ACL of a GPO container into permission entries per SID.
Parameters
- gpo System.DirectoryServices.DirectoryEntry
- DirectoryEntry pointing to a groupPolicyContainer object.
Returns
List of permission entries including Allow/Deny and computed rights.