Ejemplo n.º 1
0
        public static LdapSearchResponse GetDomainInfo(string server, string domain, NetworkCredential credential)
        {
            string             rootNc   = "DC=" + domain.Replace(".", ",DC=");
            LdapSearchResponse pingrep  = new LdapSearchResponse();
            LdapConnection     ldapconn = new LdapConnection(server);

            ldapconn.Bind(credential);
            SearchRequest  sr = new SearchRequest(rootNc, "(objectClass=*)", SearchScope.Base);
            SearchResponse sp = ldapconn.SendRequest(sr) as SearchResponse;

            if (sp.ResultCode != ResultCode.Success)
            {
                throw new AutoDetectionException(string.Format("Cannot get information of domain: {0} from server {1}.", domain, server));
            }
            var attributes = sp.Entries[0].Attributes;

            // Domain GUID
            byte[] rawguid = attributes["objectGuid"][0] as byte[];
            pingrep.DomainGuid = (new Guid(rawguid)).ToString().ToUpper();

            // Domain SID
            byte[] rawsid = attributes["objectSid"][0] as byte[];
            pingrep.DomainSid = (new System.Security.Principal.SecurityIdentifier(rawsid, 0)).ToString().ToUpper();
            ldapconn.Dispose();
            return(pingrep);
        }
Ejemplo n.º 2
0
        public static LdapSearchResponse LdapPing(string server)
        {
            LdapSearchResponse pingrep  = new LdapSearchResponse();
            LdapConnection     ldapconn = new LdapConnection(server);
            SearchRequest      sr       = new SearchRequest("", "(objectClass=*)", SearchScope.Base);
            SearchResponse     sp       = ldapconn.SendRequest(sr) as SearchResponse;

            if (sp.ResultCode != ResultCode.Success)
            {
                throw new AutoDetectionException("Ldap Ping failed: {0}, Result Code: {1}", server, sp.ResultCode);
            }
            var attributes = sp.Entries[0].Attributes;

            pingrep.DomainFunctionality     = attributes.GetRootDseValue("domainfunctionality");
            pingrep.SupportedSaslMechanisms = attributes.GetRootDseValues("supportedSASLMechanisms");
            ldapconn.Dispose();
            return(pingrep);
        }
Ejemplo n.º 3
0
        public bool RunDetection()
        {
            // Get Driver Information
            ptfcfg.EndpointNetbiosName = System.Environment.MachineName.ToUpper();
            var epHostEntry = Utility.GetHost(ptfcfg.EndpointNetbiosName);

            ptfcfg.EndpointIPAddress = epHostEntry.GetIpAddress();

            ptfcfg.NrpcSutSubnet = Utility.GetSubnetAddress(epHostEntry.GetAddress());

            // Check PDC
            DetectorUtil.WriteLog("Verify PDC - Begin", true, LogStyle.Default);
            var pdcHostEntry = Utility.GetHost(ptfcfg.Dc1NetBiosName);

            if (pdcHostEntry == null)
            {
                throw new AutoDetectionException(string.Format("Cannot find {0}.", ptfcfg.Dc1NetBiosName));
            }
            ptfcfg.Dc1IpAddress   = pdcHostEntry.GetIpAddress();
            ptfcfg.Dc1NetBiosName = pdcHostEntry.GetNetbiosName().ToUpper();
            ptfcfg.LsatSutName    = ptfcfg.Dc1NetBiosName;
            // Check ADLDS Port
            int ldsport;

            if (int.TryParse(ptfcfg.AdldsPort, out ldsport) && Utility.LdapPingHost(pdcHostEntry, ldsport))
            {
                DetectorUtil.WriteLog(
                    string.Format("Verify ADLDS Port:{0} - Done", ptfcfg.AdldsPort), true, LogStyle.Default);
            }
            else
            {
                DetectorUtil.WriteLog(
                    string.Format("Verify ADLDS Port:{0} - Failed", ptfcfg.AdldsPort), true, LogStyle.Default);
                ptfcfg.AdldsPort      = "";
                ptfcfg.ClientUserName = "******";
            }

            ptfcfg.LdsAppNc = "CN=ApplicationNamingContext," + String.Join(",", ptfcfg.PrimaryDomainDnsName.Split('.').Select(s => "DC=" + s));

            LdapSearchResponse pdcPingRep = null;

            try
            {
                pdcPingRep = Utility.LdapPing(ptfcfg.Dc1NetBiosName);
            }
            catch (Exception e)
            {
                DetectorUtil.WriteLog("Error: " + e.Message);
                DetectorUtil.WriteLog("Verify PDC - Failed", true, LogStyle.StepFailed);
                goto CheckSDC;
            }

            var d = Utility.GetDomainInfo(ptfcfg.Dc1NetBiosName, ptfcfg.PrimaryDomainDnsName, new System.Net.NetworkCredential(
                                              ptfcfg.DomainAdminName, SharedPassword, ptfcfg.PrimaryDomainDnsName));

            ptfcfg.PrimaryDomainServerGuid  = d.DomainGuid;
            ptfcfg.PrimaryDomainSid         = d.DomainSid;
            ptfcfg.PrimaryDomainNetBiosName = Utility.GetDomainNetbiosName(ptfcfg.PrimaryDomainDnsName);

            ptfcfg.ReplicaDirName = String.Format(@"\\{0}\SYSVOL\{0}\scripts", ptfcfg.PrimaryDomainDnsName);

            ptfcfg.DomainFunctionLevel = pdcPingRep.DomainFunctionality;
            string mechanisms = "";

            foreach (var s in pdcPingRep.SupportedSaslMechanisms)
            {
                mechanisms += string.Format("{0}; ", s);
            }
            DetectorUtil.WriteLog("Check PDC Supported SASL Mechanisms: " + mechanisms, true, LogStyle.Default);
            ptfcfg.PdcSupportedSaslMechanisms = mechanisms;
            if (!pdcPingRep.IsSupported("GSSAPI"))
            {
                throw new AutoDetectionException("ERROR: GSSAPI is not supported.");
            }
            if (!pdcPingRep.IsSupported("GSS-SPNEGO"))
            {
                throw new AutoDetectionException("ERROR: GSS-SPNEGO is not supported.");
            }
            DetectorUtil.WriteLog("Verify PDC - Done", true, LogStyle.StepPassed);

CheckSDC:
            // Check SDC
            DetectorUtil.WriteLog("Verify SDC - Begin", true, LogStyle.Default);
            var sdcHostEntry = Utility.GetHost(ptfcfg.Dc2NetbiosName);

            if (sdcHostEntry == null || !Utility.LdapPingHost(sdcHostEntry))
            {
                DetectorUtil.WriteLog(string.Format("Secondary DC {0} is not found.", ptfcfg.Dc2NetbiosName), true, LogStyle.Default);
                SdcExists             = false;
                ptfcfg.Dc2IpAddress   = "";
                ptfcfg.Dc2NetbiosName = "";
                DetectorUtil.WriteLog("Verify SDC - Failed", true, LogStyle.StepNotFound);
            }
            else
            {
                SdcExists             = true;
                ptfcfg.Dc2IpAddress   = sdcHostEntry.GetIpAddress();
                ptfcfg.Dc2NetbiosName = sdcHostEntry.GetNetbiosName().ToUpper();
                DetectorUtil.WriteLog("Verify SDC - Done", true, LogStyle.StepPassed);
            }
            // Check RODC
            DetectorUtil.WriteLog("Verify RODC - Begin", true, LogStyle.Default);
            var rodcHostEntry = Utility.GetHost(ptfcfg.RodcNetbiosName);

            if (rodcHostEntry == null || !Utility.LdapPingHost(rodcHostEntry))
            {
                DetectorUtil.WriteLog(string.Format("Read Only DC {0} is not found.", ptfcfg.RodcNetbiosName), true, LogStyle.Default);
                RodcExists             = false;
                ptfcfg.RodcIpAddress   = "";
                ptfcfg.RodcNetbiosName = "";
                DetectorUtil.WriteLog("Verify RODC - Failed", true, LogStyle.StepNotFound);
            }
            else
            {
                RodcExists             = true;
                ptfcfg.RodcIpAddress   = rodcHostEntry.GetIpAddress();
                ptfcfg.RodcNetbiosName = rodcHostEntry.GetNetbiosName().ToUpper();
                DetectorUtil.WriteLog("Verify RODC - Done", true, LogStyle.StepPassed);
            }
            // Check DM
            DetectorUtil.WriteLog("Verify DM - Begin", true, LogStyle.Default);
            var dmHostEntry = Utility.GetHost(ptfcfg.DmNetbiosName);

            if (dmHostEntry == null)
            {
                DetectorUtil.WriteLog(string.Format("Domain Member {0} is not found.", ptfcfg.DmNetbiosName), true, LogStyle.Default);
                DmExists             = false;
                ptfcfg.DmIpAddress   = "";
                ptfcfg.DmNetbiosName = "";
                DetectorUtil.WriteLog("Verify DM - Failed", true, LogStyle.StepNotFound);
            }
            else
            {
                DmExists             = true;
                ptfcfg.DmIpAddress   = dmHostEntry.GetIpAddress();
                ptfcfg.DmNetbiosName = dmHostEntry.GetNetbiosName().ToUpper();
                DetectorUtil.WriteLog("Verify DM - Done", true, LogStyle.StepPassed);
            }
            // Check ChildDomain
            DetectorUtil.WriteLog("Verify Child Domain - Begin", true, LogStyle.Default);
            CdcExists = false;
            try
            {
                if (!string.IsNullOrWhiteSpace(ptfcfg.ChildDomainDnsName))
                {
                    DirectoryContext domainContext = new DirectoryContext(DirectoryContextType.Domain, ptfcfg.ChildDomainDnsName);
                    var domain       = System.DirectoryServices.ActiveDirectory.Domain.GetDomain(domainContext);
                    var cdc          = domain.FindDomainController();
                    var cdcHostEntry = Utility.GetHost(cdc.Name);
                    ptfcfg.CdcIpAddress           = cdcHostEntry.GetIpAddress();
                    ptfcfg.CdcNetbiosName         = cdcHostEntry.GetNetbiosName().ToUpper();
                    ptfcfg.ChildDomainNetBiosName = Utility.GetDomainNetbiosName(ptfcfg.ChildDomainDnsName);
                    CdcExists = true;
                }
            }
            catch (Exception)
            {
                CdcExists = false;
            }
            if (CdcExists)
            {
                DetectorUtil.WriteLog("Verify Child Domain - Done", true, LogStyle.StepPassed);
            }
            else
            {
                ptfcfg.ChildDomainDnsName = "";
                ptfcfg.CdcIpAddress       = "";
                ptfcfg.CdcNetbiosName     = "";
                DetectorUtil.WriteLog("Verify Child Domain - Failed", true, LogStyle.StepNotFound);
            }
            // Check Trust
            DetectorUtil.WriteLog("Verify Trust Domain - Begin", true, LogStyle.Default);
            TdcExists = false;
            try
            {
                if (!string.IsNullOrWhiteSpace(ptfcfg.TrustDomainDnsName))
                {
                    DirectoryContext domainContext = new DirectoryContext(DirectoryContextType.Domain, ptfcfg.TrustDomainDnsName);
                    var domain       = System.DirectoryServices.ActiveDirectory.Domain.GetDomain(domainContext);
                    var tdc          = domain.FindDomainController();
                    var tdcHostEntry = Utility.GetHost(tdc.Name);
                    ptfcfg.TdcIpAddress           = tdcHostEntry.GetIpAddress();
                    ptfcfg.TdcNetbiosName         = tdcHostEntry.GetNetbiosName().ToUpper();
                    ptfcfg.TrustDomainNetBiosName = Utility.GetDomainNetbiosName(ptfcfg.TrustDomainDnsName);
                    TdcExists = true;
                }
            }
            catch (Exception)
            {
                TdcExists = false;
            }
            if (TdcExists)
            {
                DetectorUtil.WriteLog("Verify Trust Domain - Done", true, LogStyle.StepPassed);
            }
            else
            {
                ptfcfg.TrustDomainDnsName = "";
                ptfcfg.TdcNetbiosName     = "";
                ptfcfg.TdcIpAddress       = "";
                DetectorUtil.WriteLog("Verify Trust Domain - Not Found", true, LogStyle.StepNotFound);
            }

            // Check User Accounts
            DetectorUtil.WriteLog("Verify User Accounts - Begin", true, LogStyle.Default);
            DetectorUtil.WriteLog(
                string.Format("Verify {0}\\{1} Password: {2} on {3}", ptfcfg.PrimaryDomainDnsName, ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.Dc1NetBiosName),
                true, LogStyle.Default);
            Utility.LdapBind(ptfcfg.Dc1NetBiosName, new System.Net.NetworkCredential(ptfcfg.DomainAdminName, SharedPassword, ptfcfg.PrimaryDomainDnsName));
            ptfcfg.DomainUserPassword = SharedPassword;

            DetectorUtil.WriteLog(
                string.Format("Verify {0}\\{1} Password: {2} on {3}", ptfcfg.PrimaryDomainDnsName, ptfcfg.ClientUserName, ptfcfg.DomainUserPassword, ptfcfg.Dc1NetBiosName),
                true, LogStyle.Default);
            Utility.LdapBind(ptfcfg.Dc1NetBiosName, new System.Net.NetworkCredential(ptfcfg.ClientUserName, SharedPassword, ptfcfg.PrimaryDomainDnsName));
            ptfcfg.ClientUserPassword = SharedPassword;

            if (CdcExists)
            {
                DetectorUtil.WriteLog(
                    string.Format("Verify {0}\\{1} Password: {2} on {3}", ptfcfg.ChildDomainDnsName, ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.CdcNetbiosName),
                    true, LogStyle.Default);
                Utility.LdapBind(ptfcfg.CdcNetbiosName, new System.Net.NetworkCredential(ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.ChildDomainDnsName));
            }
            if (TdcExists)
            {
                DetectorUtil.WriteLog(
                    string.Format("Verify {0}\\{1} Password: {2} on {3}", ptfcfg.TrustDomainDnsName, ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.TdcNetbiosName),
                    true, LogStyle.Default);
                Utility.LdapBind(ptfcfg.TdcNetbiosName, new System.Net.NetworkCredential(ptfcfg.DomainAdminName, ptfcfg.DomainUserPassword, ptfcfg.TrustDomainDnsName));
            }
            DetectorUtil.WriteLog("Verify User Accounts - Done", true, LogStyle.StepPassed);
            // Check Machine Accounts

            DetectorUtil.WriteLog("Verify machine accounts - Begin.", true, LogStyle.Default);
            // PDC
            if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.Dc1NetBiosName, ptfcfg.Dc1Password))
            {
                ptfcfg.Dc1PasswordVerified = true;
            }
            else if (ptfcfg.Dc1Password != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.Dc1NetBiosName, SharedPassword))
            {
                ptfcfg.Dc1PasswordVerified = true;
                ptfcfg.Dc1Password         = SharedPassword;
            }
            else
            {
                ptfcfg.Dc1PasswordVerified = false;
            }

            //SDC
            ptfcfg.Dc2PasswordVerified = false;
            if (SdcExists)
            {
                if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.Dc2NetbiosName, ptfcfg.Dc2Password))
                {
                    ptfcfg.Dc2PasswordVerified = true;
                }
                else if (ptfcfg.Dc2Password != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.Dc2NetbiosName, SharedPassword))
                {
                    ptfcfg.Dc1PasswordVerified = true;
                    ptfcfg.Dc2Password         = SharedPassword;
                }
            }
            //RODC
            ptfcfg.RodcPasswordVerified = false;
            if (RodcExists)
            {
                if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.RodcNetbiosName, ptfcfg.RodcPassword))
                {
                    ptfcfg.RodcPasswordVerified = true;
                }
                else if (ptfcfg.RodcPassword != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.RodcNetbiosName, SharedPassword))
                {
                    ptfcfg.RodcPasswordVerified = true;
                    ptfcfg.RodcPassword         = SharedPassword;
                }
            }

            //DM
            ptfcfg.DmPasswordVerified = false;
            if (DmExists)
            {
                if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.DmNetbiosName, ptfcfg.DmPassword))
                {
                    ptfcfg.DmPasswordVerified = true;
                }
                else if (ptfcfg.DmPassword != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.DmNetbiosName, SharedPassword))
                {
                    ptfcfg.DmPasswordVerified = true;
                    ptfcfg.DmPassword         = SharedPassword;
                }
            }
            //Endpoint
            if (VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.EndpointNetbiosName, ptfcfg.EndpointPassword))
            {
                ptfcfg.EndpointPasswordVerified = true;
            }
            else if (ptfcfg.EndpointPassword != SharedPassword && VerifyMachineAccount(ptfcfg.PrimaryDomainDnsName, ptfcfg.EndpointNetbiosName, SharedPassword))
            {
                ptfcfg.EndpointPasswordVerified = true;
                ptfcfg.EndpointPassword         = SharedPassword;
            }
            else
            {
                ptfcfg.EndpointPasswordVerified = false;
            }

            DetectorUtil.WriteLog("Verify machine accounts - Done.", true, LogStyle.StepPassed);

            int functionLevel;

            int.TryParse(ptfcfg.DomainFunctionLevel, out functionLevel);

            // Get TD Path
            string        installDir = @"C:\MicrosoftProtocolTests\ADFamily\Server-Endpoint\" + Utility.GetInstalledTestSuiteVersion();
            StringBuilder tddocs     = new StringBuilder();

            tddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADA1\*,", installDir);
            tddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADA2\*,", installDir);
            tddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADA3\*,", installDir);
            tddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADSC\*,", installDir);
            if (functionLevel <= 5)
            {
                tddocs.AppendFormat(@"{0}\Data\Win8-TD-XML\MS-ADSC\*,", installDir);
                tddocs.AppendFormat(@"{0}\Data\Win8-TD-XML\MS-ADA2\*", installDir);
            }
            else
            {
                tddocs.AppendFormat(@"{0}\Data\WinBlue-TD-XML\MS-ADSC\*,", installDir);
                tddocs.AppendFormat(@"{0}\Data\WinBlue-TD-XML\MS-ADA2\*", installDir);
            }
            ptfcfg.SchemaTdPath = tddocs.ToString();

            StringBuilder ldstddocs = new StringBuilder();

            ldstddocs.AppendFormat(@"{0}\Data\Common-TD-XML\MS-ADLS\*,", installDir);
            if (functionLevel <= 5)
            {
                ldstddocs.AppendFormat(@"{0}\Data\Win8-TD-XML\MS-ADLS\*", installDir);
            }
            else
            {
                ldstddocs.AppendFormat(@"{0}\Data\WinBlue-TD-XML\MS-ADLS\*", installDir);
            }
            ptfcfg.SchemaLdsTdPath = ldstddocs.ToString();

            ptfcfg.SchemaOpenXmlPath    = String.Format(@"{0}\Data\Win2016-TD-XML\DS\*", installDir);
            ptfcfg.SchemaLdsOpenXmlPath = String.Format(@"{0}\Data\Win2016-TD-XML\LDS\*", installDir);

            return(true);
        }