Thursday, June 20, 2019

C# + Active Directory = Awesome!!


I have a need to review AD groups and local admin groups as part of the identity project -  to identity users who are having privileged access in AD or servers. I developed this tool to help with the quick search, detailed view, export, etc with UI.

Obviously this can be done with PowerShell, but I found there is limitation with PowerShell in regards to recursive lookup especially when dealing with foreign objects

As you can see below, there are different account type you can query, user, computer and group (with recursive option). You can also provide a different credential to query Active Directory as well as specifying a particular OU, LDAP filter and keyword doing the search.

  

The below UI provides the interface to query local groups in Windows machine. You can specify a single computer, computers in a particular OU or a text file containing a list of computers.