API Reference
Class
UnconstrainedDelegationChecker
Finds accounts that are trusted for unconstrained delegation.
Inheritance
- Object
- UnconstrainedDelegationChecker
Remarks
See usage examples in the unit tests for typical scenarios.
Constructors
public UnconstrainedDelegationChecker(Func<String, IEnumerable<DelegationEntry>> fetchAccounts = null, Func<IEnumerable<String>> enumerateDomains = null) #Initializes a new instance of the UnconstrainedDelegationChecker class.
Parameters
- fetchAccounts System.Func{System.String,System.Collections.Generic.IEnumerable{ADPlayground.DelegationEntry}} = null
- Optional delegate used to retrieve account names.
- enumerateDomains System.Func{System.Collections.Generic.IEnumerable{System.String}} = null
- Optional delegate returning domain names to scan.
Methods
public Void CheckDomain(String domainName = null) #Returns:
VoidLogs a warning for every account trusted for delegation in the given domain.
Parameters
- domainName System.String = null
- Target domain or null for the current domain.
public IEnumerable<DelegationEntry> GetAccounts(String domainName) #Returns:
IEnumerable<DelegationEntry>Retrieves account names trusted for delegation in the specified domain.
Parameters
- domainName System.String
- Target domain.
Returns
Collection of SAM account names.