开发者

Can c# pull DNS Host record Security permissions?

开发者 https://www.devze.com 2023-02-17 13:13 出处:网络
I have been asked to see if I can read DNS Host records (A records) and produce a report showing what accounts have what security permissions. I have searched high and low a开发者_运维技巧nd the close

I have been asked to see if I can read DNS Host records (A records) and produce a report showing what accounts have what security permissions. I have searched high and low a开发者_运维技巧nd the closest I could find was the Bdev.Net.Dns project but unfortunately this does not do permissions.

I am not even sure if it can be done. I have done this before with actual file permissions but never messed with DNS. Since my search has been futile, does anyone even know if this is possible?

Thanks in advance.

Geo...


Figured it out. Key was to find the right distinguishedName for the object wanted. Key was this: CN=MicrosoftDNS,DC=DomainDnsZones

Then, access like any other AD object.

objDNSRecord = GetObject("LDAP://DC=" & strComputer & "," & sPath)
        objNtSecurityDescriptor = objDNSRecord.Get("ntSecurityDescriptor")
        DACL = objNtSecurityDescriptor.DiscretionaryAcl
0

精彩评论

暂无评论...
验证码 换一张
取 消