TestimoX

ADPlayground Overview


ADPlayground is an Active Directory analysis toolkit for deep inspection of users, computers, groups, GPO, trusts, replication, PKI, LAPS, and more.


ADPlayground is a comprehensive Active Directory analysis and management toolkit. It provides a broad PowerShell and .NET surface for deep inspection of your AD infrastructure, covering users, computers, groups, Group Policy, trusts, replication, sites, PKI, LAPS, DNS, and security ACLs.

Key Capabilities

Group Policy Management

Group Policy is the largest functional area in ADPlayground and covers the full GPO lifecycle:

  • Inventory & Analysis -- list, detail, analyze, summarize, and detect duplicate GPOs
  • Permissions -- query and manage GPO permissions (administrative, read, root, unknown), owners, and default ACLs
  • Links & Inheritance -- inspect GPO links, link summaries, OU mappings, and inheritance chains
  • Backup & Restore -- COM-free GPO backup and restore with ACL preservation
  • SYSVOL Health -- content listing, permission auditing, DFS-R status, and consistency testing
  • Policy Values -- extract policy settings, embedded passwords, folder redirection, script security
  • WMI Filters -- create, modify, and remove WMI filter objects
  • Local GPO -- retrieve, import, restore, and configure local group policy settings

Security & ACL Management

Full control over AD object security descriptors:

  • Query, add, set, and remove ACL entries on any AD object
  • Manage ACL ownership and inheritance
  • Configure audit rules (SACL) for compliance monitoring
  • Restore default ACLs to well-known containers

User, Computer & Group Analysis

  • Users -- enumerate user objects with detailed property retrieval
  • Computers -- query computer accounts with LAPS status and delegation flags
  • Groups -- list groups with member counts, nesting depth, and privileged group detection
  • Group Membership -- resolve group members and transitive membership chains

Active Directory Infrastructure

  • Replication -- monitor replication status, connections, and freshness vectors; move FSMO roles
  • Sites & Subnets -- enumerate AD sites, site links, coverage analysis, and subnet configuration
  • Trusts -- query domain and forest trusts including Azure AD integration
  • DNS -- retrieve DNS log files, scavenging configuration, delegation testing, and real-time log monitoring
  • Schema -- check AD schema version and detect lingering or duplicate objects

Identity & Security Principals

  • SID History -- retrieve and analyze SID history usage across the domain
  • Foreign Security Principals -- list and clean up FSP objects
  • Duplicate SPNs -- detect duplicate Service Principal Names
  • Identity Conversion -- convert between SID, DN, sAMAccountName, and UPN formats

Architecture

ADPlayground is built as a .NET library (ADPlayground.dll) with a PowerShell module wrapper (ADPlayground.PowerShell). Both share the same core engine:

ADPlayground.dll (Core Library)
├── Facades (Users, Computers, Groups, GPO, ACL, ...)
├── Providers (LDAP, WMI, Registry, COM)
└── Models (typed result objects)

ADPlayground.PowerShell (Module)
├── Cmdlets (broad module surface)
├── Communication (async pipeline support)
└── Enums (parameter enumerations)

Naming Convention

All cmdlets use the ADX noun prefix:

Get-ADXComputer         # Query computer accounts (list mode)
Get-ADXGpo              # List Group Policy Objects
Set-ADXGpoOwner         # Change GPO ownership
Test-ADXLdap            # Test LDAP connectivity
Backup-ADXGpo           # Backup GPO configuration

Quick Start

# Install the module
Install-Module -Name ADPlayground -Scope CurrentUser

# Import the module
Import-Module ADPlayground

# Query all computers with LAPS information
Get-ADXComputer -View Laps

# List all GPOs with consistency status
Get-ADXGpo

# Check replication health
Get-ADXReplicationStatus

# Test LDAP connectivity to all DCs
Test-ADXLdap

# Run a comprehensive directory health report
Invoke-ADXDirectoryEssentials

Integration with TestimoX

ADPlayground serves as the Active Directory data provider for the TestimoX assessment engine. When TestimoX evaluates AD-scoped rules (Forest, Domain, DomainController), it uses ADPlayground facades to collect the underlying data.

This means:

  • ADPlayground cmdlets can be used standalone for ad-hoc investigation
  • TestimoX rules automatically leverage ADPlayground for data collection
  • Custom TestimoX rules can call ADPlayground APIs directly

Reference Routes

Use the guide pages in /docs/ when you want the workflow narrative. Use the generated API when you need complete signatures and type coverage.

Next Steps