public CertificateAuthority(String computerName)
{
if (String.IsNullOrEmpty(computerName))
{
throw new ArgumentNullException(nameof(computerName));
}
// temporary. Can be overwritten later from more trustworthy source (readInfoFromDsEntry)
ComputerName = computerName;
IsAccessible = Ping(computerName);
_regReader = new CertSrvConfigUtil(computerName);
// try to find in AD if possible
ICertConfigEntryD dsEntry = lookInDs(computerName);
// if we found in AD, then it is easy money. Or read directly from server
if (dsEntry != null)
{
readInfoFromDsEntry(dsEntry);
getDistinguishedName(dsEntry);
}
else
{
readInfoFromServer();
}
_propReader = new CertPropReaderD(ConfigString, false);
// read other stuff
initialize();
}
CertificateAuthority(ICertConfigEntryD entry)
{
IsAccessible = Ping(entry.ComputerName);
// write basic info from ICertConfig without contacting the server.
readInfoFromDsEntry(entry);
_regReader = new CertSrvConfigUtil(ComputerName); // Cause delay 2x (1xRegistry, 1xDCOM)
_propReader = new CertPropReaderD(ComputerName, false);
// read other stuff
initialize();
}
void readInfoFromDsEntry(ICertConfigEntryD dsEntry)
{
ComputerName = dsEntry.ComputerName;
Name = dsEntry.CommonName;
DisplayName = dsEntry.DisplayName;
ConfigString = dsEntry.ConfigString;
if (dsEntry.WebEnrollmentServers != null)
{
EnrollmentEndpoints.AddRange(dsEntry.WebEnrollmentServers.Select(x => new PolicyEnrollEndpointUri(x)));
}
}
void getDistinguishedName(ICertConfigEntryD dsEntry)
{
if (dsEntry == null || (dsEntry.Flags & CertConfigLocation.DsEntry) == 0)
{
return;
}
// at this point we know that we are connected to AD and can try to lookup for DistinguishedName attribute.
//Console.WriteLine($"DEBUG: user forest : {DsUtils.GetCurrentForestName()}");
//Console.WriteLine($"DEBUG: computer forest : {DsUtils.GetComputerForestName()}");
//Console.WriteLine($"DEBUG: user domain : {DsUtils.GetUserDomainName()}");
//Console.WriteLine($"DEBUG: computer domain : {DsUtils.GetComputerDomainName()}");
//Console.WriteLine($"DEBUG: domain path 1 : {String.Join(".", ComputerName.Split('.').Where((v, i) => i != 0))}");
//Console.WriteLine($"DEBUG: domain path : {String.Join(",DC=", ComputerName.Split('.').Where((v, i) => i != 0))}");
//Console.WriteLine($"DEBUG: config context : {DsUtils.ConfigContext}");
//String domain = String.Join(",DC=", ComputerName.Split('.').Where((v, i) => i != 0));
var dsEnroll = (DsCertEnrollContainer)DsPkiContainer.GetAdPkiContainer(DsContainerType.EnrollmentServices);
DistinguishedName = dsEnroll.EnrollmentServers
.FirstOrDefault(x => x.ComputerName.Equals(ComputerName, StringComparison.OrdinalIgnoreCase))
?.DistinguishedName;
//Console.WriteLine($"DEBUG: full dn : {dn}");
}
