API Reference
Class
NetlogonVulnerableChannelAllowListEvaluator
Evaluates the Netlogon vulnerable-channel allow-list introduced for legacy Zerologon compatibility. Accounts granted Allow entries in this descriptor may use Netlogon without secure RPC and are exposed to Onelogon-style account takeover.
Inheritance
- Object
- NetlogonVulnerableChannelAllowListEvaluator
Methods
public static NetlogonVulnerableChannelAllowListView EvaluateForDomainControllers(String domainName) #Returns:
NetlogonVulnerableChannelAllowListViewEvaluates the effective allow-list policy for domain controllers.
Parameters
- domainName System.String
- DNS name of the domain.
Returns
A parsed view of the configured security descriptor and allow entries.
public static String FormatEffectiveDisplay(String securityDescriptor) #Returns:
StringFormats the effective registry value for reports.
Parameters
- securityDescriptor System.String
- Security descriptor in SDDL form.
Returns
Human-friendly state for attribution rows.
public static NetlogonVulnerableChannelAllowListView FromSecurityDescriptor(String securityDescriptor, IReadOnlyList<GpoRef> sources = null) #Returns:
NetlogonVulnerableChannelAllowListViewBuilds a parsed view from an SDDL security descriptor. Intended for tests and callers that already read the value.
Parameters
- securityDescriptor System.String
- Security descriptor in SDDL form.
- sources System.Collections.Generic.IReadOnlyList{ADPlayground.Gpo.GpoRef} = null
- Optional GPO source attribution.
Returns
A parsed allow-list view.
Inherited Methods
public override Boolean Equals(Object obj) #Returns:
BooleanInherited from Object
Parameters
- obj Object