API Reference

Class

UserSecurityView

Edit on GitHub

Namespace ADPlayground.Users

Assembly ADPlayground

Source ADPlayground/Users/Views/UserSecurityView.cs:6

Modifiers sealed

Security-centric user view including delegation and crypto posture.

Inheritance

Object
UserSecurityView

Constructors

public UserSecurityView() #

ADPlayground/Users/Views/UserSecurityView.cs:6

Inherited Methods

Properties

public String SamAccountName { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:6

Legacy logon name (DOMAIN\user).

public String DomainName { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:8

DNS domain containing the user object.

public Boolean Enabled { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:10

Indicates whether the account is enabled.

public Boolean IsAdmin { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:12

Indicates membership in privileged administrative roles (e.g., Domain Admins, Enterprise Admins).

public Boolean AdminCount { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:14

Reflects the adminCount attribute (true for adminSDHolder-protected objects).

public Boolean IsProtectedUsersMember { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:16

True when the account belongs to the Protected Users group.

public Boolean Sensitive { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:18

True when the account is marked as 'sensitive and cannot be delegated'.

public Boolean PreAuthDisabled { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:20

True when Kerberos pre-authentication is disabled.

public Boolean PasswordNeverExpires { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:22

True when the password policy exempts the account from expiration.

public Boolean PasswordNotRequired { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:24

True if the account can authenticate without a password.

public Boolean ReversiblePwdEncryption { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:26

True when the directory stores the password in reversible form.

public Boolean SmartcardRequired { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:28

True when the account requires smart card logon.

public Boolean HasSidHistory { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:30

True if SID history entries exist for the account.

public Boolean DelegationUnconstrained { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:32

True when the user trusts all services for delegation.

public Boolean DelegationConstrained { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:34

True when constrained delegation targets are configured.

public Boolean Rc4Only { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:36

True when only RC4 encryption types are allowed for Kerberos.

public Boolean AesDisabled { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:38

True when AES encryption types are disabled for Kerberos.

public Nullable<Int32> LastLogonDays { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:40

Number of days since the user authenticated (authoritative when collected).

public Nullable<Int32> PasswordAgeDays { get; set; } #

ADPlayground/Users/Views/UserSecurityView.cs:42

Number of days since the user last changed the password.

Inheritance

Constructors

Inherited Methods

Parameters

Properties