API Reference
GpoRegistryPolicyService
Reads registry policy (registry.pol) from GPOs and computes effective values for a target DN. Designed for reuse by TestimoX and PowerShell cmdlets.
Inheritance
- Object
- GpoRegistryPolicyService
Methods
public static Void ClearRegistryPolCache(String domainName = null) #VoidClears the in-memory cache of per-GPO registry.pol entries. When domainName is provided, only entries for that domain are removed.
Parameters
- domainName System.String = null
public static Boolean DeletesValue(String domainName, Guid gpoId, RegistryPolicyScope scope, String keyPath, String valueName) #BooleanReturns true when the specified GPO's registry.pol contains a deletion marker that removes the given (key,value) pair. This inspects **del.<value> / **delvals / **deletevalues markers (machine scope only supports HKLM/MACHINE keys).
Parameters
- domainName System.String
- gpoId System.Guid
- scope ADPlayground.Gpo.Policy.RegistryPolicyScope
- keyPath System.String
- valueName System.String
public static GpoRegistryPolicySet GetEffectiveComputerPolicyForDomainControllers(String domainName) #GpoRegistryPolicySetComputes the effective Computer Configuration registry policy for the Domain Controllers OU.
Parameters
- domainName System.String
public static GpoRegistryPolicySet GetEffectivePolicyForDn(String domainName, String distinguishedName, RegistryPolicyScope scope, Boolean includeSiteGpos = false, IEnumerable<String> siteNames = null) #GpoRegistryPolicySetComputes the effective registry policy for an arbitrary target distinguishedName. Site-level is not considered in this version.
Parameters
- domainName System.String
- distinguishedName System.String
- scope ADPlayground.Gpo.Policy.RegistryPolicyScope
- includeSiteGpos System.Boolean = false
- siteNames System.Collections.Generic.IEnumerable{System.String} = null
public static GpoRegistryPolicySet GetEffectivePolicyForDn(String domainName, String distinguishedName, RegistryPolicyScope scope, IReadOnlyList<Guid> orderedGpoIds) #GpoRegistryPolicySetComputes the effective registry policy for a target DN using a pre-filtered ordered list of GPO identifiers.
Parameters
- domainName System.String
- distinguishedName System.String
- scope ADPlayground.Gpo.Policy.RegistryPolicyScope
- orderedGpoIds System.Collections.Generic.IReadOnlyList{System.Guid}
public static IEnumerable<RegistryPolicyEntry> GetEntriesForGpo(String domainName, Guid gpoId, RegistryPolicyScope scope) #IEnumerable<RegistryPolicyEntry>Gets entries from a specific GPO.
Parameters
- domainName System.String
- gpoId System.Guid
- scope ADPlayground.Gpo.Policy.RegistryPolicyScope
public static Boolean IsGpoEnabledForScope(String domainName, Guid id, RegistryPolicyScope scope) #BooleanReturns whether the specified GPO is enabled for the given configuration scope (User or Computer). Evaluates the flags attribute on the GPO and interprets per-scope disabled bits.
Parameters
- domainName System.String
- DNS domain containing the GPO.
- id System.Guid
- GPO GUID.
- scope ADPlayground.Gpo.Policy.RegistryPolicyScope
- Configuration scope to test.
Returns
true when the scope is enabled (not disabled) on this GPO; otherwise false.
public static IReadOnlyList<AppliedGpoLink> ResolveAppliedGposForDnDetailed(String domainName, String distinguishedName, Boolean includeSites, IEnumerable<String> siteNames) #IReadOnlyList<AppliedGpoLink>Returns ordered applied GPO link details (ID + DN/domain DN) for the specified target DN.
Parameters
- domainName System.String
- distinguishedName System.String
- includeSites System.Boolean
- siteNames System.Collections.Generic.IEnumerable{System.String}