Ejemplo n.º 1
0
        public static SmsClientId RegisterClient(string CMServerName, string ClientName, string DomainName, string CertPath, SecureString pass, ILog log)
        {
            using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile(CertPath, pass))
            {
                // Create a registration request
                ConfigMgrRegistrationRequest registrationRequest = new ConfigMgrRegistrationRequest();

                // Add our certificate for message signing
                registrationRequest.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
                // Set the destination hostname
                registrationRequest.Settings.HostName = CMServerName;

                log.Info($"[{ClientName}] - Running Discovery...");
                // Discover local properties for registration metadata
                registrationRequest.Discover();
                registrationRequest.AgentIdentity = "MyCustomClient";
                registrationRequest.ClientFqdn    = ClientName + "." + DomainName;
                registrationRequest.NetBiosName   = ClientName;
                log.Info("About to try to register " + registrationRequest.ClientFqdn);

                // Register client and wait for a confirmation with the SMSID

                registrationRequest.Settings.Compression      = MessageCompression.Zlib;
                registrationRequest.Settings.ReplyCompression = MessageCompression.Zlib;
                log.Info($"[{ClientName}] - Message Zipped successfully, registering...");
                SmsClientId clientId = registrationRequest.RegisterClient(Sender, TimeSpan.FromMinutes(5));
                log.Info($"[{ClientName}] - Got SMSID from CM Server for this client of {clientId}...");
                return(clientId);
            }
        }
Ejemplo n.º 2
0
        static void SimulateClient(string CMServerName, string ClientName, string DomainName, string SiteCode)
        {
            //HttpSender sender = new HttpSender();

            // Load the certificate for client authentication
            //Password for excerpted cert
            using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile(CertPath, pass))

            {
                X509Certificate2 thisCert = new X509Certificate2(CertPath, pass);


                Console.WriteLine(@"Using certificate for client authentication with thumbprint of '{0}'", certificate.Thumbprint);
                Console.WriteLine("Signature Algorithm: " + thisCert.SignatureAlgorithm.FriendlyName);

                if (thisCert.SignatureAlgorithm.FriendlyName == "sha256RSA")
                {
                    Console.WriteLine("Cert has a valid sha256RSA Signature Algorithm, proceeding");
                }
                else
                {
                    Console.ForegroundColor = ConsoleColor.Yellow;
                    Console.WriteLine("ConfigMgr requires a Sha256 Cert, try recreating cert with:");
                    string multiline = @"
    New-SelfSignedCertificate `
    -KeyLength 2048 -HashAlgorithm ""SHA256"" 
    - Provider  ""Microsoft Enhanced RSA and AES Cryptographic Provider"" 
    -KeyExportPolicy Exportable - KeySpec KeyExchange `
    -Subject ""SCCM Test Certificate"" - KeyUsageProperty All - Verbose
";

                    Console.Write(multiline);
                    return;
                }

                // Create a registration request
                ConfigMgrRegistrationRequest registrationRequest = new ConfigMgrRegistrationRequest();

                // Add our certificate for message signing
                registrationRequest.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);

                // Set the destination hostname
                registrationRequest.Settings.HostName = CMServerName;

                Console.WriteLine("Trying to reach: " + CMServerName);

                // Discover local properties for registration metadata
                registrationRequest.Discover();
                registrationRequest.AgentIdentity = "MyCustomClient";
                registrationRequest.ClientFqdn    = ClientName + "." + DomainName;
                registrationRequest.NetBiosName   = ClientName;
                //registrationRequest.HardwareId = Guid.NewGuid().ToString();
                Console.WriteLine("About to try to register " + registrationRequest.ClientFqdn);

                // Register client and wait for a confirmation with the SMSID

                //registrationRequest.Settings.Security.AuthenticationType = AuthenticationType.WindowsAuth;

                registrationRequest.Settings.Compression      = MessageCompression.Zlib;
                registrationRequest.Settings.ReplyCompression = MessageCompression.Zlib;

                SmsClientId testclientId = new SmsClientId();
                try
                {
                    testclientId = registrationRequest.RegisterClient(Sender, TimeSpan.FromMinutes(5));
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Failed to enroll with an error");
                    Console.WriteLine(ex.Message);
                    return;
                }
                SmsClientId clientId = testclientId;
                Console.WriteLine(@"Got SMSID from registration of: {0}", clientId);

                // Send data to the site
                ConfigMgrDataDiscoveryRecordMessage ddrMessage = new ConfigMgrDataDiscoveryRecordMessage();


                // Add necessary discovery data
                ddrMessage.SmsId       = clientId;
                ddrMessage.ADSiteName  = "Default-First-Site-Name"; //Changed from 'My-AD-SiteName
                ddrMessage.SiteCode    = SiteCode;
                ddrMessage.DomainName  = DomainName;
                ddrMessage.NetBiosName = ClientName;
                Console.WriteLine("ddrSettings clientID: " + clientId);
                Console.WriteLine("ddrSettings SiteCode: " + ddrMessage.SiteCode);
                Console.WriteLine("ddrSettings ADSiteNa: " + ddrMessage.ADSiteName);
                Console.WriteLine("ddrSettings DomainNa: " + ddrMessage.DomainName);
                Console.WriteLine("ddrSettings FakeName: " + ddrMessage.NetBiosName);
                Console.WriteLine("Message MPHostName  : " + CMServerName);

                // Now create inventory records from the discovered data (optional)
                ddrMessage.Discover();

                // Add our certificate for message signing
                ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing);
                ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Encryption);
                ddrMessage.Settings.HostName = CMServerName;
                // Now send the message to the MP (it's asynchronous so there won't be a reply)
                ddrMessage.SendMessage(Sender);

                //todo add as a param

                /*
                 * ConfigMgrHardwareInventoryMessage hinvMessage = new ConfigMgrHardwareInventoryMessage();
                 * hinvMessage.Settings.HostName = CMServerName;
                 * hinvMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
                 * hinvMessage.SmsId = clientId;
                 * hinvMessage.SiteCode = SiteCode;
                 * hinvMessage.NetBiosName = ClientName;
                 * hinvMessage.DomainName = DomainName;
                 * hinvMessage.Settings.Compression = MessageCompression.Zlib;
                 * hinvMessage.Settings.Security.EncryptMessage = true;
                 * hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2", "Win32_LogicalDisk", @"root\cimv2\sms", "SMS_LogicalDisk"));
                 * hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2", "Win32_Processor", @"root\cimv2\sms", "SMS_Processor"));
                 * hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2", "Win32_SystemDevices", @"root\cimv2\sms", "SMS_SystemDevices"));
                 * hinvMessage.SendMessage(Sender);
                 * Console.WriteLine("Sending: " + hinvMessage.HardwareInventoryInstances.Count + "instances of HWinv data to CM");*/
            }
        }
Ejemplo n.º 3
0
        public static void SendDiscovery(string CMServerName, string clientName, string domainName, string SiteCode,
                                         string CertPath, SecureString pass, SmsClientId clientId, ILog log, bool enumerateAndAddCustomDdr = false)
        {
            using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile(CertPath, pass))

            {
                //X509Certificate2 thisCert = new X509Certificate2(CertPath, pass);

                log.Info($"Got SMSID from registration of: {clientId}");

                // create base DDR Message
                ConfigMgrDataDiscoveryRecordMessage ddrMessage = new ConfigMgrDataDiscoveryRecordMessage
                {
                    // Add necessary discovery data
                    SmsId       = clientId,
                    ADSiteName  = "Default-First-Site-Name", //Changed from 'My-AD-SiteName
                    SiteCode    = SiteCode,
                    DomainName  = domainName,
                    NetBiosName = clientName
                };

                ddrMessage.Discover();
                // Add our certificate for message signing
                ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing);
                ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Encryption);
                ddrMessage.Settings.HostName         = CMServerName;
                ddrMessage.Settings.Compression      = MessageCompression.Zlib;
                ddrMessage.Settings.ReplyCompression = MessageCompression.Zlib;
                Debug.WriteLine("Sending [" + ddrMessage.DdrInstances.Count + "] instances of Discovery data to CM");
                if (enumerateAndAddCustomDdr)
                {
                    //see current value for the DDR message
                    var OSSetting = ddrMessage.DdrInstances.OfType <InventoryInstance>().Where(m => m.Class == "CCM_DiscoveryData");

                    ////retrieve actual setting
                    string osCaption = (from x in new ManagementObjectSearcher("SELECT Caption FROM Win32_OperatingSystem").Get().Cast <ManagementObject>()
                                        select x.GetPropertyValue("Caption")).FirstOrDefault().ToString();

                    XmlDocument xmlDoc = new XmlDocument();

                    ////retrieve reported value
                    xmlDoc.LoadXml(ddrMessage.DdrInstances.OfType <InventoryInstance>().FirstOrDefault(m => m.Class == "CCM_DiscoveryData")?.InstanceDataXml.ToString());

                    ////Set OS to correct setting
                    xmlDoc.SelectSingleNode("/CCM_DiscoveryData/PlatformID").InnerText = "Microsoft Windows NT Server 10.0";

                    ////Remove the instance
                    ddrMessage.DdrInstances.Remove(ddrMessage.DdrInstances.OfType <InventoryInstance>().FirstOrDefault(m => m.Class == "CCM_DiscoveryData"));

                    CMFauxStatusViewClassesFixedOSRecord FixedOSRecord = new CMFauxStatusViewClassesFixedOSRecord
                    {
                        PlatformId = osCaption
                    };
                    InventoryInstance instance = new InventoryInstance(FixedOSRecord);

                    ////Add new instance
                    ddrMessage.DdrInstances.Add(instance);
                }

                ddrMessage.SendMessage(Sender);

                ConfigMgrHardwareInventoryMessage hinvMessage = new ConfigMgrHardwareInventoryMessage();
                hinvMessage.Settings.HostName         = CMServerName;
                hinvMessage.SmsId                     = clientId;
                hinvMessage.Settings.Compression      = MessageCompression.Zlib;
                hinvMessage.Settings.ReplyCompression = MessageCompression.Zlib;
                //hinvMessage.Settings.Security.EncryptMessage = true;
                hinvMessage.Discover();

                var Classes = CMFauxStatusViewClasses.GetWMIClasses();
                foreach (string Class in Classes)
                {
                    try { hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2", Class)); }
                    catch { log.Info($"!!!Adding class : [{Class}] :( not found on this system"); }
                }

                var SMSClasses = new List <string> {
                    "SMS_Processor", "CCM_System", "SMS_LogicalDisk"
                };
                foreach (string Class in SMSClasses)
                {
                    log.Info($"---Adding class : [{Class}]");
                    try { hinvMessage.AddInstancesToInventory(WmiClassToInventoryReportInstance.WmiClassToInventoryInstances(@"root\cimv2\sms", Class)); }
                    catch { log.Info($"!!!Adding class : [{Class}] :( not found on this system"); }
                }

                hinvMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
                hinvMessage.Validate(Sender);
                hinvMessage.SendMessage(Sender);
            };
        }
Ejemplo n.º 4
0
        public static void GetPolicy(string CMServerName, string SiteCode, string CertPath, SecureString pass, SmsClientId clientId)
        {
            using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile(CertPath, pass))

            {
                bool replyCompression = true;
                bool compression      = true;
                ConfigMgrPolicyAssignmentRequest userPolicyMessage = new ConfigMgrPolicyAssignmentRequest()
                {
                    ResourceType = PolicyAssignmentResourceType.User,
                    SmsId        = clientId,
                    SiteCode     = SiteCode
                };
                userPolicyMessage.Settings.HostName = CMServerName;
                userPolicyMessage.Settings.Security.AuthenticationScheme = AuthenticationScheme.Ntlm;
                userPolicyMessage.Settings.Security.AuthenticationType   = AuthenticationType.WindowsAuth;

                userPolicyMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);

                userPolicyMessage.Discover();
                userPolicyMessage.Settings.Security.EncryptMessage = true;
                userPolicyMessage.Settings.ReplyCompression        = (true == replyCompression) ? MessageCompression.Zlib : MessageCompression.None;
                userPolicyMessage.Settings.Compression             = (true == compression) ? MessageCompression.Zlib : MessageCompression.None;
                userPolicyMessage.SendMessage(Sender);

                ConfigMgrPolicyAssignmentRequest machinePolicyMessage = new ConfigMgrPolicyAssignmentRequest();
                machinePolicyMessage.Settings.HostName = CMServerName;
                machinePolicyMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing | CertificatePurposes.Encryption);
                machinePolicyMessage.Settings.Security.EncryptMessage = true;
                machinePolicyMessage.Settings.Compression             = (true == compression) ? MessageCompression.Zlib : MessageCompression.None;
                machinePolicyMessage.Settings.ReplyCompression        = (true == replyCompression) ? MessageCompression.Zlib : MessageCompression.None;
                machinePolicyMessage.ResourceType = PolicyAssignmentResourceType.Machine;
                machinePolicyMessage.SmsId        = clientId;
                machinePolicyMessage.SiteCode     = SiteCode;
                machinePolicyMessage.Discover();
                //machinePolicyMessage.SendMessage(Sender);
            }
        }
Ejemplo n.º 5
0
        static void SimulateClient(string MPHostname, string ClientName, string DomainName)
        {
            HttpSender sender = new HttpSender();

            // Load the certificate for client authentication
            //Password for excerpted cert
            using (MessageCertificateX509Volatile certificate = new MessageCertificateX509Volatile("c:\\temp\\MixedModeTestCert.pfx", "Pa$$w0rd!"))

            {
                Console.WriteLine(@"Using certificate for client authentication with thumbprint of '{0}'", certificate.Thumbprint);
                // Create a registration request
                ConfigMgrRegistrationRequest registrationRequest = new ConfigMgrRegistrationRequest();

                // Add our certificate for message signing
                registrationRequest.AddCertificateToMessage(certificate, CertificatePurposes.All);

                // Set the destination hostname
                registrationRequest.Settings.HostName = MPHostname;

                Console.WriteLine("Trying to reach: " + MPHostname);

                // Discover local properties for registration metadata
                registrationRequest.Discover();
                registrationRequest.AgentIdentity = "MyCustomClient.exe";
                registrationRequest.ClientFqdn    = ClientName + "." + DomainName;
                registrationRequest.NetBiosName   = ClientName;
                registrationRequest.HardwareId    = Guid.NewGuid().ToString();
                Console.WriteLine("About to try to register" + registrationRequest.ClientFqdn);

                // Register client and wait for a confirmation with the SMSID

                //registrationRequest.Settings.Security.AuthenticationType = AuthenticationType.WindowsAuth;

                registrationRequest.Settings.Compression      = MessageCompression.Zlib;
                registrationRequest.Settings.ReplyCompression = MessageCompression.Zlib;

                SmsClientId clientId = registrationRequest.RegisterClient(sender, TimeSpan.FromMinutes(5));
                Console.WriteLine(@"Got SMSID from registration of: {0}", clientId);

                // Send data to the site
                ConfigMgrDataDiscoveryRecordMessage ddrMessage = new ConfigMgrDataDiscoveryRecordMessage();


                // Add necessary discovery data
                ddrMessage.SmsId      = clientId;
                ddrMessage.ADSiteName = "Default-First-Site-Name"; //Changed from 'My-AD-SiteName
                ddrMessage.SiteCode   = "F0X";
                ddrMessage.DomainName = DomainName;
                Console.WriteLine("ddrSettings clientID: " + clientId);
                Console.WriteLine("ddrSettings SiteCode: " + ddrMessage.SiteCode);
                Console.WriteLine("ddrSettings ADSiteNa: " + ddrMessage.ADSiteName);
                Console.WriteLine("ddrSettings DomainNa: " + ddrMessage.DomainName);
                Console.WriteLine("Message MPHostName  : " + MPHostname);

                // Now create inventory records from the discovered data (optional)
                ddrMessage.Discover();

                // Add our certificate for message signing
                ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Signing);
                ddrMessage.AddCertificateToMessage(certificate, CertificatePurposes.Encryption);
                ddrMessage.Settings.HostName = MPHostname;
                // Now send the message to the MP (it's asynchronous so there won't be a reply)
                ddrMessage.SendMessage(sender);
            }
        }