TestimoX

API Reference

Class

EffectivePolicyBatchService

Edit on GitHub
Namespace ADPlayground.Gpo.Policy
Assembly ADPlayground
Source ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:37
Modifiers static

Computes effective registry policy values for a set of (Key, ValueName) and, from the same applicability-ordered GPO list, returns attribution (winner + full writer chain). One pass per DN/scope; reusable across features (SMB/NTLM, Time, Defender, etc.).

Inheritance

  • Object
  • EffectivePolicyBatchService

Methods

public static Void AddKeyHints(params String[] prefixes) #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:37
Returns: Void

Adds key-prefix hints (HKLM\...) to limit writer-index building to relevant families.

Parameters

prefixes System.String[] requiredposition: 0
public static Void ClearCache() #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:86
Returns: Void

Clears the internal applicability cache (unit tests or callers can invalidate when needed).

public static IReadOnlyList<Row> GetForDn(String domainName, String distinguishedName, RegistryPolicyScope scope, Boolean includeSites, IEnumerable<String> siteNames, IEnumerable<ValueTuple<String, String, Func<Row, String>>> items) #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:233
Returns: IReadOnlyList<Row>

Batch resolution for an arbitrary DN/scope with optional Sites.

Parameters

domainName System.String requiredposition: 0
distinguishedName System.String requiredposition: 1
scope ADPlayground.Gpo.Policy.RegistryPolicyScope requiredposition: 2
includeSites System.Boolean requiredposition: 3
siteNames System.Collections.Generic.IEnumerable{System.String} requiredposition: 4
items System.Collections.Generic.IEnumerable{System.ValueTuple{System.String,System.String,System.Func{ADPlayground.Gpo.Policy.EffectivePolicyBatchService.Row,System.String}}} requiredposition: 5
GetForDnWithContext(System.String arg1, System.String arg2, ADPlayground.Gpo.Policy.RegistryPolicyScope arg3, System.Boolean arg4, System.Collections.Generic.IEnumerable{System.String} arg5, System.Boolean arg6, System.Boolean arg7, System.Collections.Generic.IEnumerable{System.ValueTuple{System.String,System.String,System.Func{ADPlayground.Gpo.Policy.EffectivePolicyBatchService.Row,System.String}}} arg8) #

Core implementation with explicit applicability context (PDC vs non‑PDC) for DC‑sensitive policies.

Parameters

arg1 System.String required
arg2 System.String required
arg3 ADPlayground.Gpo.Policy.RegistryPolicyScope required
arg4 System.Boolean required
arg5 System.Collections.Generic.IEnumerable{System.String} required
arg6 System.Boolean required
arg7 System.Boolean required
arg8 System.Collections.Generic.IEnumerable{System.ValueTuple{System.String,System.String,System.Func{ADPlayground.Gpo.Policy.EffectivePolicyBatchService.Row,System.String}}} required
GetForDomainControllers 2 overloads
public static IReadOnlyList<Row> GetForDomainControllers(String domainName, IEnumerable<ValueTuple<String, String, Func<Row, String>>> items) #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:205
Returns: IReadOnlyList<Row>

Batch resolution for Domain Controllers OU (Computer scope).

Parameters

domainName System.String requiredposition: 0
items System.Collections.Generic.IEnumerable{System.ValueTuple{System.String,System.String,System.Func{ADPlayground.Gpo.Policy.EffectivePolicyBatchService.Row,System.String}}} requiredposition: 1
public static IReadOnlyList<Row> GetForDomainControllers(String domainName, Boolean isPdc, IEnumerable<ValueTuple<String, String, Func<Row, String>>> items) #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:216
Returns: IReadOnlyList<Row>

Batch resolution for Domain Controllers OU (Computer scope) with explicit PDC/non‑PDC applicability context.

Parameters

domainName System.String requiredposition: 0
isPdc System.Boolean requiredposition: 1
items System.Collections.Generic.IEnumerable{System.ValueTuple{System.String,System.String,System.Func{ADPlayground.Gpo.Policy.EffectivePolicyBatchService.Row,System.String}}} requiredposition: 2
public static Void PreBatchForDomainControllers(String domainName) #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:112
Returns: Void

Runs a lightweight pre-batch for commonly used GPO families (SMB/NTLM, LDAP, Netlogon, Defender) so subsequent rule queries resolve from cache. Only call this when relevant rules are selected.

Parameters

domainName System.String requiredposition: 0
public static Void ResetKeyHints() #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:42
Returns: Void

Clears custom key hints and restores defaults.

public static Void WarmForDomainControllers(String domainName) #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:97
Returns: Void

Pre-warms the applicability context (including effective registry/template maps and writer indexes) for the Domain Controllers OU in both DC contexts (PDC and non‑PDC). This avoids first-hit latency when multiple rules query EPB in the same run.

Parameters

domainName System.String requiredposition: 0

Properties

public static Int32 MaxParallelGpoReads { get; set; } #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:14

Maximum degree of parallelism when reading per‑GPO artifacts. Default: 8.

public static Boolean DumpWriterDetails { get; set; } #
ADPlayground/Gpo/Policy/EffectivePolicyBatchService.cs:69

When true (or when global Debug logging is enabled), EPB will emit per-writer details for keys that have writers but no resolved value and no deleter detected. This is expensive and should be used only for troubleshooting.