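/// <summary>
/// Reads the access rules of one directory object and passes each rule to the
/// matching printer in <c>Outputs</c>.
/// </summary>
/// <param name="targetDn">Distinguished name of the object whose ACL is read.</param>
/// <param name="forestDn">Forest DN, forwarded unchanged to the printer.</param>
/// <param name="laps">
/// When <c>true</c> each rule goes to <c>Outputs.PrintLAPSView</c>; otherwise to
/// <c>Outputs.PrintAce</c>.
/// </param>
/// <remarks>
/// Failures are best-effort: the method never throws, but it now reports the object
/// it could not read. An empty catch here would make an unreadable ACL look the same
/// as an object with nothing to report.
/// NOTE(review): if the two-argument overload lives in the same class, a call that
/// omits <paramref name="laps"/> binds to that overload, not to this one. Confirm.
/// </remarks>
public static void GetInterestingAcls(string targetDn, string forestDn, bool laps = false)
{
    try
    {
        // NOTE(review): targetDn is concatenated into the ADsPath unescaped. A DN that
        // contains ADsPath special characters such as '/' may fail to bind. Confirm
        // that callers pass DNs exactly as returned by the directory.
        using (var entry = new DirectoryEntry("LDAP://" + targetDn))
        {
            ActiveDirectorySecurity sec = entry.ObjectSecurity;

            // Explicit and inherited rules, with identities requested as NTAccount.
            AuthorizationRuleCollection rules = sec.GetAccessRules(true, true, typeof(NTAccount));

            foreach (ActiveDirectoryAccessRule rule in rules)
            {
                if (laps)
                {
                    Outputs.PrintLAPSView(targetDn, rule, forestDn);
                }
                else
                {
                    Outputs.PrintAce(targetDn, rule, forestDn);
                }
            }
        }
    }
    catch (Exception ex)
    {
        // Keep enumerating other objects, but report the gap on stderr so the
        // result is not mistaken for complete coverage.
        Console.Error.WriteLine(" [!] Could not read ACL of {0}: {1}", targetDn, ex.Message);
    }
}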
/// <summary>
/// Prints the DN of a directory object, then passes each of its access rules to
/// <c>Outputs.PrintAce</c>.
/// </summary>
/// <param name="targetDn">Distinguished name of the object whose ACL is read.</param>
/// <param name="forestDn">Forest DN, forwarded unchanged to the printer.</param>
/// <remarks>
/// Nothing is caught here: a bind or security-descriptor read failure propagates to
/// the caller, and in that case the DN header is not printed.
/// </remarks>
public static void GetInterestingAcls(string targetDn, string forestDn)
{
    using (DirectoryEntry adObject = new DirectoryEntry("LDAP://" + targetDn))
    {
        // Explicit and inherited rules, with identities requested as NTAccount.
        AuthorizationRuleCollection aces =
            adObject.ObjectSecurity.GetAccessRules(true, true, typeof(NTAccount));

        // The header is written only after the ACL was read successfully.
        Console.WriteLine(" * Object DN: {0}", targetDn);
        Console.WriteLine();

        foreach (ActiveDirectoryAccessRule ace in aces)
        {
            Outputs.PrintAce(ace, forestDn);
        }
    }
}