public static void GetInterestingAcls(string targetDn, string forestDn, bool laps = false)
{
try
{
using (var entry = new DirectoryEntry("LDAP://" + targetDn))
{
ActiveDirectorySecurity sec = entry.ObjectSecurity;
AuthorizationRuleCollection rules = null;
rules = sec.GetAccessRules(true, true, typeof(NTAccount));
foreach (ActiveDirectoryAccessRule rule in rules)
{
if (!laps)
{
Outputs.PrintAce(targetDn, rule, forestDn);
}
else
{
Outputs.PrintLAPSView(targetDn, rule, forestDn);
}
}
}
}
catch { }
}
public static void GetInterestingAcls(string targetDn, string forestDn)
{
using (var entry = new DirectoryEntry("LDAP://" + targetDn))
{
ActiveDirectorySecurity sec = entry.ObjectSecurity;
AuthorizationRuleCollection rules = null;
rules = sec.GetAccessRules(true, true, typeof(NTAccount));
Console.WriteLine(" * Object DN: {0}", targetDn);
Console.WriteLine();
foreach (ActiveDirectoryAccessRule rule in rules)
{
Outputs.PrintAce(rule, forestDn);
}
}
}
