LegacyMCP

43 tools. 1 can modify or destroy data without limits.

1 write tool that can modify data. Rate limits recommended.

Last updated:

1 can modify or destroy data
42 read-only
43 tools total

Community server · catalogue entry verified 03/07/2026

How to control LegacyMCP ↓

What LegacyMCP exposes to your agents

Read (42) Write / Execute (1) Destructive / Financial (0)
High Risk

The most dangerous LegacyMCP tools

1 of LegacyMCP's 43 tools can modify, destroy, or commit something on every call — and an agent calls them with no built-in limits.

How to control LegacyMCP

PolicyLayer is an MCP gateway — it sits between your AI agents and LegacyMCP, and nothing reaches the server without passing your rules. These are the rules we recommend:

Rate limit write operations
{
  "create_snapshot": {
    "limits": [
      {
        "counter": "create_snapshot_per_hour",
        "window": "hour",
        "max": 30,
        "scope": "grant"
      }
    ]
  }
}

Prevents bulk unintended modifications from agents caught in loops.

Cap read operations
{
  "get_blocked_inheritance_ous": {
    "limits": [
      {
        "counter": "get_blocked_inheritance_ous_per_minute",
        "window": "minute",
        "max": 60,
        "scope": "grant"
      }
    ]
  }
}

Controls API costs and prevents retry loops from exhausting upstream rate limits.

  1. Create a free account and register LegacyMCP — nothing to install.
  2. Add these rules — paste them, or build them visually. Tune the limits to your setup.
  3. Point your MCP client (Claude, Cursor, anything) at your gateway URL.
ENFORCE POLICY ON LEGACYMCP →

Instant setup, no code required.

All 43 LegacyMCP tools

READ 42 tools
Read get_blocked_inheritance_ous Return OUs with GPO inheritance blocked. Read get_certification_authorities get_certification_authorities Read get_computer_summary get_computer_summary Read get_computers get_computers Read get_dc_features get_dc_features Read get_dc_file_locations get_dc_file_locations Read get_dc_network_config get_dc_network_config Read get_dc_services get_dc_services Read get_dc_software get_dc_software Read get_default_password_policy Return the Default Domain Password Policy for a given domain, Read get_dns_forwarders Return DNS forwarder configuration per DC. Read get_dns_zones get_dns_zones Read get_domain_controllers get_domain_controllers Read get_domains get_domains Read get_eventlog_config get_eventlog_config Read get_fgpp get_fgpp Read get_forest_info Return forest-level information: name, functional level, schema version, Read get_fsmo_roles Return the current FSMO role holders: Read get_fsp get_fsp Read get_gpo_links get_gpo_links Read get_gpos Return all GPOs with display name, GUID, status (enabled/disabled), Read get_group_members get_group_members Read get_groups get_groups Read get_ntp_config get_ntp_config Read get_optional_features Return the list of optional AD features and their enabled state Read get_ous Return the complete OU tree with distinguished names, Read get_privileged_accounts Return accounts that are members of privileged groups Read get_privileged_groups Return membership of privileged groups with full nested resolution: Read get_schema_extensions Return custom schema classes and attributes added to the AD schema Read get_schema_product_presence Return schema-based product presence detection for the forest. Read get_site_links Return all site links with cost, replication interval, Read get_sites Return all AD sites with their associated subnets and DCs. Read get_snapshot_status get_snapshot_status Read get_sysvol_state Return SYSVOL replication state per DC: replication mechanism Read get_trusts get_trusts Read get_user_by_name Return the full record for a single user looked up by SamAccountName. Read get_user_summary Return user counts by state: total, enabled, disabled, locked out, Read get_users get_users Read list_snapshots list_snapshots Read list_workspaces list_workspaces Read load_snapshot load_snapshot Read reload_workspace reload_workspace

Questions about LegacyMCP

How do I prevent bulk modifications through LegacyMCP? +

The LegacyMCP server has 1 write tools including create_snapshot. Set a rate limit in your policy -- for example, 10 calls per hour prevents an agent from making more than 10 modifications per hour. PolicyLayer enforces this at the gateway, before calls reach LegacyMCP.

How many tools does the Legacy MCP server expose? +

43 tools across 2 categories: Read, Write. 42 are read-only. 1 can modify, create, or delete data.

How do I enforce a policy on LegacyMCP? +

Register the Legacy MCP server in PolicyLayer, apply the suggested rules above (adjust the limits to your use case), and point your AI client at the PolicyLayer proxy URL instead of the server directly. Your agents keep the same tools; PolicyLayer evaluates every call against policy before it executes. Nothing to install, live in minutes.

Enforce policy on every LegacyMCP tool call.

Deterministic rules across all 43 LegacyMCP tools. Per-identity grants. Full audit log. Live in minutes. Nothing to install.

Instant setup, no code required.

43 LegacyMCP tools catalogued and risk-classified — across an index of 43,000+ MCP servers.

// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.