private void BuildDirectDelegationData()
{
if (domainInfo.ForestFunctionality < 2)
{
return;
}
var map = new Dictionary <string, List <string> >(StringComparer.OrdinalIgnoreCase);
WorkOnReturnedObjectByADWS callback =
(ADItem aditem) =>
{
foreach (var d in aditem.msDSAllowedToDelegateTo)
{
var spn = d.Split('/');
if (spn.Length < 2)
{
continue;
}
if (!map.ContainsKey(spn[1]))
{
map[spn[1]] = new List <string>();
}
var sid = aditem.ObjectSid.Value;
if (!map[spn[1]].Contains(sid))
{
map[spn[1]].Add(sid);
}
}
};
adws.Enumerate(domainInfo.DefaultNamingContext,
"(&(msDS-AllowedToDelegateTo=*)((userAccountControl:1.2.840.113556.1.4.804:=16777216)))",
new string[] { "objectSid", "msDS-AllowedToDelegateTo" }, callback);
RelationFactory.InitializeDelegation(map);
}
