API Reference
Class
AdminGroupService
Provides helpers for retrieving privileged groups and their members.
Inheritance
- Object
- AdminGroupService
Methods
public static IEnumerable<PrivilegedGroupInfo> GetPrivilegedGroups(String domainName = null, Boolean crossForest = false, Func<String, String, ValueTuple<HashSet<String>, Boolean>> fetchMembers = null, Func<IEnumerable<String>> enumerateDomains = null, Func<String, String> getDomainSid = null) #Returns:
IEnumerable<PrivilegedGroupInfo>Retrieves privileged groups and their members.
Parameters
- domainName System.String = null
- Optional domain to query. When null, queries current or all forest domains.
- crossForest System.Boolean = false
- When true, queries all domains in the forest and trusts.
- fetchMembers System.Func{System.String,System.String,System.ValueTuple{System.Collections.Generic.HashSet{System.String},System.Boolean}} = null
- Optional delegate returning group member identities for a domain and SID with error flag.
- enumerateDomains System.Func{System.Collections.Generic.IEnumerable{System.String}} = null
- Optional delegate enumerating domain names.
- getDomainSid System.Func{System.String,System.String} = null
- Optional delegate resolving domain SID values.
Returns
Synchronously yields privileged groups with members.
public static IAsyncEnumerable<PrivilegedGroupInfo> GetPrivilegedGroupsAsync(String domainName = null, Boolean crossForest = false, Func<String, String, Task<ValueTuple<HashSet<String>, Boolean>>> fetchMembers = null, Func<IEnumerable<String>> enumerateDomains = null, Func<String, String> getDomainSid = null) #Returns:
IAsyncEnumerable<PrivilegedGroupInfo>Retrieves privileged groups and their members.
Parameters
- domainName System.String = null
- Optional domain to query. When null, queries current or all forest domains.
- crossForest System.Boolean = false
- When true, queries all domains in the forest and trusts.
- fetchMembers System.Func{System.String,System.String,System.Threading.Tasks.Task{System.ValueTuple{System.Collections.Generic.HashSet{System.String},System.Boolean}}} = null
- Optional delegate returning group member identities for a domain and SID with error flag.
- enumerateDomains System.Func{System.Collections.Generic.IEnumerable{System.String}} = null
- Optional delegate enumerating domain names.
- getDomainSid System.Func{System.String,System.String} = null
- Optional delegate resolving domain SID values.
Returns
Asynchronously yields privileged groups with members.
public static async Task<ValueTuple<List<IdentityInfo>, Boolean>> TryGetGroupMembersByNameAsync(String domainName, String groupName, TimeSpan timeout) #Returns:
Task<ValueTuple<List<IdentityInfo>, Boolean>>Returns members of a specific well-known group by its friendly name with a soft timeout. Uses cached RID/builtin SID maps when available to avoid broad enumeration.
Parameters
- domainName System.String
- groupName System.String
- timeout System.TimeSpan
public static async Task<ValueTuple<GroupMembershipResult, Boolean>> TryGetGroupMembershipByNameAsync(String domainName, String groupName, TimeSpan timeout) #Returns:
Task<ValueTuple<GroupMembershipResult, Boolean>>Returns full membership for a specific well-known group by its friendly name with a soft timeout. This returns the nested membership graph/flattened entries, preserving nesting depth and parent links.
Parameters
- domainName System.String
- Domain to query.
- groupName System.String
- Friendly group name, e.g., "Domain Admins", "Administrators", "Schema Admins".
- timeout System.TimeSpan
- Maximum time to wait for the query to complete.
Returns
Membership result and an error indicator.