I require a C# developer to extract the AD Extended Rights
- or -
Post a project like this1619
£155(approx. $194)
- Posted:
- Proposals: 9
- Remote
- #2602162
- Awarded
Experienced Graphics designer |Experienced WordPress Full Stack|SharePoint Expert|Data Entry Team |flyer/business card/Brochure||2DAnimation||Photoshop work|
Islamabad
33846365027971076580115287318883802359825254911732404173324962
Description
Experience Level: Entry
Estimated project duration: less than 1 week
I require a simple C# application that extracts all the Advanced Security Settings permissions for a domain as seen in Active Directory Users and Computers. The attached images from a Dev DC shows the Extended Rights we require to extract (labelled Screen 4)
.NET provides easy extraction of the Principals and Access rights for the users for the domain (Screen 3) and returns generic rights like ReadProperty, WriteProperty, GenericExecute and ExtendedRight.
The following code retrieves the higher level users and rights
private List ReadPermissions(string adPath, string UserID, string UserPassword)
{
List rights = new List();
AccessPermissions user = new AccessPermissions();
DirectoryEntry de = new DirectoryEntry(adPath, UserID, UserPassword);
de.Options.SecurityMasks = SecurityMasks.Dacl | SecurityMasks.Sacl;
de.RefreshCache();
ActiveDirectorySecurity Sec = de.ObjectSecurity;
foreach (ActiveDirectoryAccessRule ar in Sec.GetAccessRules(true, true, typeof(NTAccount)))
{
user.Identity = ResolveKnownSid(ar.IdentityReference);
user.ActiveDirectoryRights = ar.ActiveDirectoryRights.ToString();
if(ar.AccessControlType.ToString()=="Allow")
{
user.AccessControlType = AccessControl.Allow;
}
else
{
user.AccessControlType = AccessControl.Deny;
}
lstItems.Items.Add(user.Identity);
lstRights.Items.Add(user.ActiveDirectoryRights);
//lstPermissions.Items.Add(user.AccessControlType);
rights.Add(user);
}
return rights;
}
A small sample app that retrieves the higher level is attached written in c# using VS 2019 - core code is in Form1.cs.
What I require is what can be seen in Screen labelled 4 where we drill down into the extendedRights for the users. In the case of screen labelled 4 - the extended right of -
"Validated write to computer attributes." needs to be extracted.
In the separate Permissions image, I require the extended rights of -
List Contents, Read All Properties, Write all properties, Read permissions, Delete msImaging-PSPs objects and Create MSMQ Queue Alias objects
Naturally, the listed users will have different extended rights so this is just 2 examples from my test environment.
Note: You will need access to a standard Windows Active Directory domain.
If you require any additional information, please do not hesitate to contact me.
.NET provides easy extraction of the Principals and Access rights for the users for the domain (Screen 3) and returns generic rights like ReadProperty, WriteProperty, GenericExecute and ExtendedRight.
The following code retrieves the higher level users and rights
private List ReadPermissions(string adPath, string UserID, string UserPassword)
{
List rights = new List();
AccessPermissions user = new AccessPermissions();
DirectoryEntry de = new DirectoryEntry(adPath, UserID, UserPassword);
de.Options.SecurityMasks = SecurityMasks.Dacl | SecurityMasks.Sacl;
de.RefreshCache();
ActiveDirectorySecurity Sec = de.ObjectSecurity;
foreach (ActiveDirectoryAccessRule ar in Sec.GetAccessRules(true, true, typeof(NTAccount)))
{
user.Identity = ResolveKnownSid(ar.IdentityReference);
user.ActiveDirectoryRights = ar.ActiveDirectoryRights.ToString();
if(ar.AccessControlType.ToString()=="Allow")
{
user.AccessControlType = AccessControl.Allow;
}
else
{
user.AccessControlType = AccessControl.Deny;
}
lstItems.Items.Add(user.Identity);
lstRights.Items.Add(user.ActiveDirectoryRights);
//lstPermissions.Items.Add(user.AccessControlType);
rights.Add(user);
}
return rights;
}
A small sample app that retrieves the higher level is attached written in c# using VS 2019 - core code is in Form1.cs.
What I require is what can be seen in Screen labelled 4 where we drill down into the extendedRights for the users. In the case of screen labelled 4 - the extended right of -
"Validated write to computer attributes." needs to be extracted.
In the separate Permissions image, I require the extended rights of -
List Contents, Read All Properties, Write all properties, Read permissions, Delete msImaging-PSPs objects and Create MSMQ Queue Alias objects
Naturally, the listed users will have different extended rights so this is just 2 examples from my test environment.
Note: You will need access to a standard Windows Active Directory domain.
If you require any additional information, please do not hesitate to contact me.
Phillip N.
100% (6)Projects Completed
5
Freelancers worked with
2
Projects awarded
73%
Last project
16 Nov 2018
United Kingdom
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
There are no clarification messages.
We collect cookies to enable the proper functioning and security of our website, and to enhance your experience. By clicking on 'Accept All Cookies', you consent to the use of these cookies. You can change your 'Cookies Settings' at any time. For more information, please read ourCookie Policy
Cookie Settings
Accept All Cookies