SpnPostureRollupService

Namespace ADPlayground.Kerberos

Assembly ADPlayground

Source ADPlayground/Kerberos/SpnPostureRollupService.cs:54

Modifiers static

Combines duplicate SPN detection and general SPN hygiene into one rollup. Low-priv: LDAP only. Optional DNS resolution for specific service classes.

Inheritance

Object
SpnPostureRollupService

Methods

public static View Evaluate(String domainName, IEnumerable<String> allowServiceClasses = null, IEnumerable<String> blockServiceClasses = null, IEnumerable<String> dnsResolveClasses = null, Int32 sample = 20)

ADPlayground/Kerberos/SpnPostureRollupService.cs:54

Returns: View

Evaluates SPN posture for a domain, combining duplicate detection and hygiene checks.

Parameters

domainName System.String requiredposition: 0: DNS domain name to evaluate.
allowServiceClasses System.Collections.Generic.IEnumerable{System.String} = null optionalposition: 1: Optional allowlist of service classes to consider (others ignored).
blockServiceClasses System.Collections.Generic.IEnumerable{System.String} = null optionalposition: 2: Optional blocklist of service classes to ignore.
dnsResolveClasses System.Collections.Generic.IEnumerable{System.String} = null optionalposition: 3: Optional set of service classes for which DNS resolution checks are performed.
sample System.Int32 = 20 optionalposition: 4: Maximum number of duplicate SPNs to include in the Duplicates sample.

Returns

Combined view with counts, sample duplicates and hygiene snapshot.

Inheritance

Methods

Parameters

Returns

Inherited Methods

Parameters