TestimoX

API Reference

Class

KerberosTicketLifetimeChecker

Edit on GitHub
Namespace ADPlayground
Assembly ADPlayground
Source ADPlayground/Kerberos/KerberosTicketLifetimeChecker.cs:25

Evaluates Kerberos ticket lifetimes in domain policy.

Inheritance

  • Object
  • KerberosTicketLifetimeChecker

Remarks

See usage examples in the unit tests for typical scenarios.

Constructors

public KerberosTicketLifetimeChecker(Func<String, ValueTuple<Nullable<Int32>, Nullable<Int32>>> fetchPolicy = null, Func<IEnumerable<String>> enumerateDomains = null) #
ADPlayground/Kerberos/KerberosTicketLifetimeChecker.cs:25

Initializes a new instance of the KerberosTicketLifetimeChecker class.

Parameters

fetchPolicy System.Func{System.String,System.ValueTuple{System.Nullable{System.Int32},System.Nullable{System.Int32}}} = null optionalposition: 0
Delegate retrieving ticket lifetime settings for a domain.
enumerateDomains System.Func{System.Collections.Generic.IEnumerable{System.String}} = null optionalposition: 1
Delegate returning domain names to process.

Methods

public Void Check() #
ADPlayground/Kerberos/KerberosTicketLifetimeChecker.cs:81
Returns: Void

Logs warnings for all domains in the forest.

public Void CheckDomain(String domainName = null) #
ADPlayground/Kerberos/KerberosTicketLifetimeChecker.cs:57
Returns: Void

Logs warnings when ticket lifetimes exceed recommended values in the specified domain.

Parameters

domainName System.String = null optionalposition: 0
Domain to check or null for the current domain.
public static IEnumerable<String> FilterExceeding(IEnumerable<ValueTuple<String, Nullable<Int32>, Nullable<Int32>>> policies) #
Returns: IEnumerable<String>

Filters provided data to domains with ticket lifetimes exceeding recommended values.

Parameters

policies System.Collections.Generic.IEnumerable{System.ValueTuple{System.String,System.Nullable{System.Int32},System.Nullable{System.Int32}}} requiredposition: 0
Collection of domain ticket lifetime data.

Returns

Domain names with excessive values.

public IEnumerable<ValueTuple<String, Nullable<Int32>, Nullable<Int32>>> GetPolicies() #
Returns: IEnumerable<ValueTuple<String, Nullable<Int32>, Nullable<Int32>>>

Retrieves ticket lifetime settings for all domains in the forest.

Returns

Collection of domain data.

public ValueTuple<Nullable<Int32>, Nullable<Int32>> GetPolicy(String domainName) #
ADPlayground/Kerberos/KerberosTicketLifetimeChecker.cs:38
Returns: ValueTuple<Nullable<Int32>, Nullable<Int32>>

Retrieves ticket lifetime settings for the specified domain.

Parameters

domainName System.String requiredposition: 0
Target domain name.

Returns

Tuple containing lifetime settings.

Fields

public const Int32 RecommendedTicketAgeHours #

Recommended maximum ticket lifetime in hours.

Value: 10
public const Int32 RecommendedRenewAgeDays #

Recommended maximum renewal lifetime in days.

Value: 7