AdaptixC2 MCP Server

Overview Schema Related Servers Score Discussions

bof_ldap

Perform full LDAP read, write, and delete operations on Active Directory objects, including user, group, computer, and ACL management.

Instructions

LDAP-BOF: Full LDAP read/write/delete operations against Active Directory.

ENUMERATION (Read): ldap get-acl — Get ACL/security descriptor ldap get-attribute — Get specific attribute(s) ldap get-computers — List all domain computers ldap get-groups — List all domain groups ldap get-groupmembers — List members of a group ldap get-delegation — Get delegation config ldap get-domaininfo — Get domain info from rootDSE ldap get-maq — Get Machine Account Quota ldap get-object — Get all attributes of an object ldap get-rbcd — Get RBCD config ldap get-spn — Get SPNs ldap get-uac — Get UAC flags ldap get-users — List all domain users ldap get-usergroups — List groups a user is member of ldap get-writable — Find objects you have write access to

MODIFICATION (Write): ldap move-object — Move object to different OU ldap add-ace — Add ACE to DACL ldap add-attribute — Add value to attribute ldap add-computer [password] — Add computer to domain ldap add-delegation — Add delegation SPN ldap add-group [ou] — Add group ldap add-groupmember — Add member to group ldap add-ou — Add OU ldap add-rbcd — Add RBCD delegation ldap add-sidhistory — Add SID to sidHistory ldap add-spn — Add SPN ldap add-user [password] [ou] — Add user ldap add-uac — Add UAC flags ldap add-genericall — Add GenericAll ACE ldap add-genericwrite — Add GenericWrite ACE ldap add-dcsync — Add DCSync rights ldap add-asreproastable — Set DONT_REQ_PREAUTH ldap add-unconstrained — Enable unconstrained delegation ldap add-constrained — Set constrained delegation SPNs ldap set-attribute — Set/replace attribute ldap set-delegation — Set delegation SPNs ldap set-owner — Set object owner ldap set-spn — Set SPNs (replaces all) ldap set-password — Set/reset user password ldap set-uac — Set UAC flags (replaces all)

REMOVAL (Delete): ldap remove-ace — Remove ACE from DACL ldap remove-attribute [val] — Remove attribute/value ldap remove-delegation — Remove delegation SPN ldap remove-dcsync — Remove DCSync rights ldap remove-genericall — Remove GenericAll ACE ldap remove-genericwrite — Remove GenericWrite ACE ldap remove-groupmember — Remove group member ldap remove-object — Delete object from domain ldap remove-rbcd — Remove RBCD delegation ldap remove-spn — Remove SPN ldap remove-uac — Remove UAC flags

Input Schema

TableJSON Schema

Name	Required	Description	Default
`agent_id`	Yes
`command`	Yes
`args`	No

Output Schema

TableJSON Schema

Name	Required	Description	Default
`result`	Yes

Tool Definition Quality

B3.2/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description must cover behavioral traits. It mentions read/write/delete operations but does not disclose potential risks, required privileges, or side effects (e.g., destructive changes to AD). This omission is significant for a powerful tool.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is long but well-organized into read, write, and delete sections with bullet-point subcommands. It front-loads the core purpose and uses a clear structure. However, it could be more concise by summarizing categories without listing every subcommand.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity and the presence of an output schema, the description covers the range of LDAP operations. However, it lacks details on error handling, prerequisites, and how parameters interact with subcommands. The output schema may compensate for return values, but the description is incomplete for full usage.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema coverage is 0%, so the description must compensate. It lists possible command values for the 'command' parameter but does not explain how 'args' should be used or the format for agent_id. The enumeration of commands provides partial compensation but leaves ambiguity.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Full LDAP read/write/delete operations against Active Directory.' It lists specific operations, distinguishing it from sibling tools like bof_ad or bof_execution which cover different areas.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description does not explicitly state when to use this tool versus alternatives. It lacks guidance on prerequisites, which operations are safe, or when to use sibling tools like bof_ad for non-LDAP AD tasks.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Faceless0x7/AdaptixC2-MCP-Server'

If you have feedback or need assistance with the MCP directory API, please join our Discord server