TestimoX

API Reference

Class

PrimaryGroupChecker

Edit on GitHub
Namespace ADPlayground.Groups
Assembly ADPlayground
Source ADPlayground/DNSDebugLogging/DnsLogIpSummary.cs:15
Modifiers static

Provides methods to verify primary group settings for directory accounts.

Inheritance

  • Object
  • PrimaryGroupChecker

Methods

public static IEnumerable<PrimaryGroupInfo> FilterInvalidAccounts(IEnumerable<ValueTuple<String, Int32, IEnumerable<Int32>>> accounts, IEnumerable<Int32> standardGroupIds) #
Returns: IEnumerable<PrimaryGroupInfo>

Filters the provided account list to those with non-standard primary groups or where membership does not match.

Parameters

accounts System.Collections.Generic.IEnumerable{System.ValueTuple{System.String,System.Int32,System.Collections.Generic.IEnumerable{System.Int32}}} requiredposition: 0
Tuple of account name, group RID and group RIDs in which the account is a member.
standardGroupIds System.Collections.Generic.IEnumerable{System.Int32} requiredposition: 1
RIDs of valid primary groups.

Returns

Filtered collection of primary group details.

public static IEnumerable<PrimaryGroupInfo> GetAccountsWithInvalidPrimaryGroup(String domainName, IEnumerable<Int32> standardGroupIds = null, Boolean checkMembership = false) #
Returns: IEnumerable<PrimaryGroupInfo>

Enumerates accounts in the specified domain and returns those that have a primary group outside standardGroupIds or are not members of that group.

Parameters

domainName System.String requiredposition: 0
Target domain.
standardGroupIds System.Collections.Generic.IEnumerable{System.Int32} = null optionalposition: 1
RIDs of valid primary groups.
checkMembership System.Boolean = false optionalposition: 2
When true validates that the account is actually a member of the primary group.

Returns

Collection of primary group information.

Exceptions

  • DirectoryServicesCOMException – Thrown when the LDAP query for accounts fails.
public static async Task<List<PrimaryGroupInfo>> GetAccountsWithInvalidPrimaryGroupAsync(String domainName, IEnumerable<Int32> standardGroupIds = null, Boolean checkMembership = false, CancellationToken cancellationToken = null) #
Returns: Task<List<PrimaryGroupInfo>>

Async variant that honors cancellation and uses async LDAP helpers.

Parameters

domainName System.String requiredposition: 0
standardGroupIds System.Collections.Generic.IEnumerable{System.Int32} = null optionalposition: 1
checkMembership System.Boolean = false optionalposition: 2
cancellationToken System.Threading.CancellationToken = null optionalposition: 3

Properties

public static IReadOnlyCollection<Int32> DefaultDomainGroupIds { get; } #
ADPlayground/Groups/PrimaryGroupChecker.cs:30

Default well‑known domain group RIDs that are acceptable as primary groups. NOTE: This is a broad set of well‑known domain RIDs and is not scoped to object type. Prefer StandardUserPrimaryGroupRids and StandardComputerPrimaryGroupRids in rules that evaluate specific account classes.

public static IReadOnlyCollection<Int32> StandardUserPrimaryGroupRids { get; } #
ADPlayground/Groups/PrimaryGroupChecker.cs:39

PrimaryGroupID values considered standard for user accounts.

public static IReadOnlyCollection<Int32> StandardComputerPrimaryGroupRids { get; } #
ADPlayground/Groups/PrimaryGroupChecker.cs:49

PrimaryGroupID values considered standard for computer accounts (including DCs/RODCs).