public void GetACL(string targetDn = null)
{
IDisplay displayer = new DisplayDACL();
DACLResult result = new DACLResult();
if (targetDn == null)
{
displayer.DisplayTitle("Interesting ACL on the Domain Object");
var domainAcl = DACL.GetInterestingACLOnObject(Searcher.LdapInfo.RootDN);
result.Result = new List <DACL> {
domainAcl
};
displayer.DisplayResult(result);
displayer.DisplayTitle("Interesting ACL on Group Policy Objects");
var gposDN = GPO.GetAllGPODNList();
result.Result = AsyncCollection.GetInterestingACLAsync(gposDN).Result;
displayer.DisplayResult(result);
displayer.DisplayTitle("LAPS Password View Access");
result.Result = DACL.GetLAPSACL();
displayer.DisplayResult(result);
}
else
{
displayer.DisplayTitle($"DACL on {targetDn.ToUpper()}");
result.Result = new List <DACL> {
DACL.GetACLOnObject(targetDn)
};
displayer.DisplayResult(result);
}
}
public static void Collect(string title, List <DACL> dacl)
{
IDisplay displayer = new DisplayDACL();
displayer.DisplayTitle(title);
IResult result = new DACLResult {
Result = dacl
};
displayer.DisplayResult(result);
}
public void InvokeACLScan(string user)
{
if (user == null)
{
return;
}
var displayer = new DisplayDACL();
displayer.DisplayTitle($"Interesting ACL for {user.ToUpper()}");
DACLResult result = new DACLResult();
var groups = new CollectNestedGroupMembership();
groups.Collect(new NestedGMSearchString {
SAMAccountName = user
});
var groupSIDs = CollectNestedGroupMembership.UserSIDNameDictionary[user.ToUpper()].Keys.ToList();
result.Result = DACL.ACLScan(user, groupSIDs);
displayer.DisplayResult(result);
}