API Reference

Class

GpoSecurityTemplateService

Namespace ADPlayground.Gpo.Policy

Assembly ADPlayground

Source ADPlayground/Gpo/Policy/GpoSecurityTemplateService.cs:21

Modifiers static

Reads GptTmpl.inf (Security Template) from GPOs and computes effective values for a target DN, honoring link order, enforced/block inheritance and OU precedence. Designed for reuse by TestimoX and ADPlayground.PowerShell.

Inheritance

Object
GpoSecurityTemplateService

Methods

public static Void ClearTemplateCache(String domainName = null) #

ADPlayground/Gpo/Policy/GpoSecurityTemplateService.cs:21

Returns: Void

Clears the in-memory cache of per-GPO security template (GptTmpl.inf) data. When domainName is provided, only entries for that domain are removed.

Parameters

domainName System.String = null optionalposition: 0

public static GpoSecurityTemplateSet GetEffectiveComputerTemplateForDomainControllers(String domainName) #

ADPlayground/Gpo/Policy/GpoSecurityTemplateService.cs:227

Returns: GpoSecurityTemplateSet

Convenience: effective machine template for Domain Controllers OU.

Parameters

domainName System.String requiredposition: 0

GetEffectivePrivilegeRightsForDn 2 overloads

public static GpoPrivilegeRightsSet GetEffectivePrivilegeRightsForDn(String domainName, String distinguishedName, Boolean includeSiteGpos = false, IEnumerable<String> siteNames = null)

ADPlayground/Gpo/Policy/GpoSecurityTemplateService.cs:241

Returns: GpoPrivilegeRightsSet

Computes effective privilege rights for an arbitrary DN (OU/Domain root). Site GPOs optional.

Parameters

domainName System.String requiredposition: 0
distinguishedName System.String requiredposition: 1
includeSiteGpos System.Boolean = false optionalposition: 2
siteNames System.Collections.Generic.IEnumerable{System.String} = null optionalposition: 3

public static GpoPrivilegeRightsSet GetEffectivePrivilegeRightsForDn(String domainName, String distinguishedName, IReadOnlyList<Guid> orderedGpoIds)

ADPlayground/Gpo/Policy/GpoSecurityTemplateService.cs:255

Returns: GpoPrivilegeRightsSet

Returns effective privilege rights using a pre-filtered GPO order (e.g., after applicability or loopback planning).

Parameters

domainName System.String requiredposition: 0
distinguishedName System.String requiredposition: 1
orderedGpoIds System.Collections.Generic.IReadOnlyList{System.Guid} requiredposition: 2

public static GpoPrivilegeRightsSet GetEffectivePrivilegeRightsForDomainControllers(String domainName) #

ADPlayground/Gpo/Policy/GpoSecurityTemplateService.cs:268

Returns: GpoPrivilegeRightsSet

Convenience: effective privilege rights for Domain Controllers OU.

Parameters

domainName System.String requiredposition: 0

GetEffectiveTemplateForDn 2 overloads

public static GpoSecurityTemplateSet GetEffectiveTemplateForDn(String domainName, String distinguishedName, Boolean includeSiteGpos = false, IEnumerable<String> siteNames = null)

ADPlayground/Gpo/Policy/GpoSecurityTemplateService.cs:199

Returns: GpoSecurityTemplateSet

Computes effective template for an arbitrary DN (OU/Domain root). Site GPOs optional.

Parameters

domainName System.String requiredposition: 0
distinguishedName System.String requiredposition: 1
includeSiteGpos System.Boolean = false optionalposition: 2
siteNames System.Collections.Generic.IEnumerable{System.String} = null optionalposition: 3

public static GpoSecurityTemplateSet GetEffectiveTemplateForDn(String domainName, String distinguishedName, IReadOnlyList<Guid> orderedGpoIds)

ADPlayground/Gpo/Policy/GpoSecurityTemplateService.cs:214

Returns: GpoSecurityTemplateSet

Computes effective template for a DN using a pre-filtered ordered list of GPO identifiers (e.g., after WMI/security applicability evaluation).

Parameters

domainName System.String requiredposition: 0
distinguishedName System.String requiredposition: 1
orderedGpoIds System.Collections.Generic.IReadOnlyList{System.Guid} requiredposition: 2

public static IEnumerable<RegistryTemplateEntry> GetEntriesForGpo(String domainName, Guid gpoId) #

Returns: IEnumerable<RegistryTemplateEntry>

Enumerates registry template entries for a specific GPO.

Parameters

domainName System.String requiredposition: 0
gpoId System.Guid requiredposition: 1

public static IEnumerable<PrivilegeRightAssignment> GetPrivilegeRightsForGpo(String domainName, Guid gpoId) #

Returns: IEnumerable<PrivilegeRightAssignment>

Enumerates privilege rights for a specific GPO.

Parameters

domainName System.String requiredposition: 0
gpoId System.Guid requiredposition: 1

Inheritance

Methods

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters

Inherited Methods

Parameters