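        /// <summary>
        /// Builds a graph <see cref="Node"/> from an AD object and hands it to <see cref="CreateNode"/>.
        /// A foreign security principal that carries a SID is short-circuited to
        /// <see cref="InsertUnknownSidNode"/> instead.
        /// </summary>
        /// <param name="aditem">The AD object to turn into a node; its Class must be set.</param>
        /// <returns>The node id returned by <see cref="CreateNode"/> or <see cref="InsertUnknownSidNode"/>.</returns>
        public int InsertNode(ADItem aditem)
        {
            bool isForeignSecurityPrincipal = string.Equals(aditem.Class, "foreignsecurityprincipal", StringComparison.OrdinalIgnoreCase);
            if (isForeignSecurityPrincipal && aditem.ObjectSid != null)
            {
                return InsertUnknownSidNode(aditem.ObjectSid.Value);
            }

            Node node = new Node();
            node.Type   = aditem.Class.ToLowerInvariant();
            node.Dn     = aditem.DistinguishedName;
            node.Sid    = (aditem.ObjectSid != null ? aditem.ObjectSid.Value : null);
            node.ADItem = aditem;

            // RID 513 (Domain Users) and 515 (Domain Computers) are the primary group of nearly every
            // account, so edges to them are treated like "Everyone". SIDs are ASCII: compare ordinally
            // so the check does not depend on the thread culture.
            if (!string.IsNullOrEmpty(node.Sid)
                && (node.Sid.EndsWith("-513", StringComparison.Ordinal) || node.Sid.EndsWith("-515", StringComparison.Ordinal)))
            {
                node.EveryoneLikeGroup = true;
            }

            // Display name, then name, then the leading RDN of the DN, then a placeholder.
            node.Shortname = aditem.DisplayName;
            if (string.IsNullOrEmpty(node.Shortname))
            {
                node.Shortname = aditem.Name;
            }
            if (string.IsNullOrEmpty(node.Shortname))
            {
                node.Shortname = ShortnameFromDn(aditem.DistinguishedName);
            }

            // Objects whose class could not be resolved but that live under the FSP container are
            // foreign security principals; their SID is the value of the leading "CN=" component.
            // The DN is guarded here because a null DN would otherwise throw on Contains().
            if (string.Equals(node.Type, "unknown", StringComparison.OrdinalIgnoreCase)
                && !string.IsNullOrEmpty(node.Dn)
                && node.Dn.Contains(",CN=ForeignSecurityPrincipals,DC="))
            {
                node.Type = "foreignsecurityprincipal";
                node.Sid  = node.Dn.Substring(3, node.Dn.IndexOf(',') - 3);
            }
            return CreateNode(node);
        }

        /// <summary>
        /// Derives a display name from a DN: the value of its leading OU=/CN= component, or
        /// "&lt;none&gt;" when the DN is empty or does not have the expected shape.
        /// </summary>
        /// <param name="distinguishedName">DN to parse; may be null.</param>
        /// <returns>The leading RDN value or "&lt;none&gt;".</returns>
        private static string ShortnameFromDn(string distinguishedName)
        {
            if (string.IsNullOrEmpty(distinguishedName))
            {
                return "<none>";
            }
            // Regex.Match(string, string) goes through the static regex cache, so the pattern is not
            // recompiled on every call. All groups are named, so "cn" is capture group 1.
            Match m = Regex.Match(distinguishedName, @"^(?:OU|CN)=(?<cn>.+?)(?<!\\),(?<ou>(?:(?:OU|CN).+?(?<!\\),)*(?<dc>DC.+?))$");
            return m.Success ? m.Groups["cn"].Value : "<none>";
        }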
        /// <summary>
        /// Fills <paramref name="healthcheckData"/> with synthetic computer accounts and domain
        /// controllers. Each computer account is pushed through
        /// <see cref="HealthcheckAnalyzer.ProcessAccountData"/> so the aggregated counters are
        /// produced by the same code path as a real collection.
        /// </summary>
        /// <param name="model">Generator settings; the number of accounts comes from <see cref="GetCountFromSize"/>.</param>
        /// <param name="healthcheckData">Report being populated.</param>
        private void GenerateComputerData(FakeHealthCheckDataGeneratorDomainModel model, HealthcheckData healthcheckData)
        {
            healthcheckData.OperatingSystem     = new List<HealthcheckOSData>();
            healthcheckData.ComputerAccountData = new HealthcheckAccountData();

            int computerCount = GetCountFromSize(model);
            for (int i = 0; i < computerCount; i++)
            {
                var computer = new ADItem { DistinguishedName = "CN=123" };
                // userAccountControl bits; BoolOnChance(n) presumably yields 1 with n% probability
                computer.UserAccountControl += BoolOnChance(15) * 0x00000002;   // ACCOUNTDISABLE
                computer.UserAccountControl += BoolOnChance(1)  * 0x400000;     // DONT_REQ_PREAUTH
                computer.UserAccountControl += BoolOnChance(4)  * 0x00000010;   // LOCKOUT
                computer.UserAccountControl += BoolOnChance(10) * 0x00010000;   // DONT_EXPIRE_PASSWORD
                computer.UserAccountControl += BoolOnChance(2)  * 0x00000020;   // PASSWD_NOTREQD
                computer.UserAccountControl += BoolOnChance(2)  * 0x80000;      // TRUSTED_TO_AUTH_FOR_DELEGATION
                // 515 = Domain Computers; occasionally 516 (Domain Controllers)
                computer.PrimaryGroupID = 515 + BoolOnChance(1);
                new HealthcheckAnalyzer().ProcessAccountData(healthcheckData.ComputerAccountData, computer, true);
            }
            healthcheckData.LoginScript = new List<HealthcheckLoginScriptData>();

            healthcheckData.DomainControllers = new List<HealthcheckDomainController>();
            // far fewer DCs than computers, but never less than one
            int dcCount = Math.Max(1, (int)Math.Exp(Math.Log10(computerCount) / 2));
            for (int i = 0; i < dcCount; i++)
            {
                var dc = new HealthcheckDomainController
                {
                    DCName                = "DC" + i,
                    CreationDate          = DateBetween2Dates(healthcheckData.DomainCreation, DateTime.Now),
                    // last logon timestamp can have a delta of 14 days
                    LastComputerLogonDate = DateTime.Now.AddDays(-1 * rnd.Next(180)),
                    DistinguishedName     = "DC=DC",
                    OperatingSystem       = "Windows 2019",
                };
                healthcheckData.DomainControllers.Add(dc);
            }
        }
 /// <summary>
 /// Records the graph edges that can be derived from one AD object: its parent container,
 /// group membership in both directions, its primary group, ACL-derived rights,
 /// resource-based delegation, linked GPOs and SID history.
 /// </summary>
 /// <param name="aditem">AD object whose relations are inserted into <c>Storage</c>.</param>
 private void AddADRelation(ADItem aditem)
 {
     string dn = aditem.DistinguishedName;

     // every object except the domain head hangs under a container
     if (dn != null && !dn.StartsWith("DC=", StringComparison.OrdinalIgnoreCase))
     {
         string parentContainer = GetContainerDN(dn);
         Storage.InsertRelation(parentContainer, MappingType.Name, dn, MappingType.Name, RelationType.container_hierarchy);
     }
     // memberOf: this object -> group
     if (aditem.MemberOf != null)
     {
         foreach (string groupDn in aditem.MemberOf)
         {
             Storage.InsertRelation(dn, MappingType.Name, groupDn, MappingType.Name, RelationType.group_member);
         }
     }
     // member: member -> this group
     if (aditem.Member != null)
     {
         foreach (string memberDn in aditem.Member)
         {
             Storage.InsertRelation(memberDn, MappingType.Name, dn, MappingType.Name, RelationType.group_member);
         }
     }
     // primaryGroupID is a RID; the group SID is the domain SID followed by that RID
     if (aditem.PrimaryGroupID > 0)
     {
         Storage.InsertRelation(dn, MappingType.Name, DomainInfo.DomainSid + "-" + aditem.PrimaryGroupID, MappingType.Sid, RelationType.primary_group_member);
     }
     if (aditem.NTSecurityDescriptor != null)
     {
         InsertSecurityDescriptorRelation(aditem);
     }
     if (aditem.msDSAllowedToActOnBehalfOfOtherIdentity != null)
     {
         InsertDelegationRelation(aditem);
     }
     if (!String.IsNullOrEmpty(aditem.GPLink))
     {
         InsertGPORelation(aditem);
     }
     // each historical SID still resolves to this object
     if (aditem.SIDHistory != null)
     {
         foreach (SecurityIdentifier historicalSid in aditem.SIDHistory)
         {
             Storage.InsertRelation(dn, MappingType.Name, historicalSid.Value, MappingType.Sid, RelationType.SIDHistory);
         }
     }
 }
        /// <summary>
        /// Resolves every object listed in <paramref name="objectReference"/> and every name in
        /// <paramref name="UsersToInvestigate"/> through <see cref="Search"/> and feeds the hits to
        /// <paramref name="relationFactory"/>; names that cannot be found are only traced.
        /// Finishes with a missing-object pass, the file insertion, and a second missing-object pass.
        /// </summary>
        /// <param name="adws">Connection used by <see cref="Search"/>.</param>
        /// <param name="domainInfo">Domain whose naming context is searched.</param>
        /// <param name="relationFactory">Receives each resolved object via <c>AnalyzeADObject</c>.</param>
        /// <param name="storage">Passed through to <c>AnalyzeMissingObjets</c>.</param>
        /// <param name="objectReference">Objects to analyze, grouped by typology; user-defined hits are appended to it.</param>
        /// <param name="UsersToInvestigate">Additional identifiers (SID, sAMAccountName, cn or displayName) supplied by the caller.</param>
        private void ExportReportData(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, LiveDataStorage storage, GraphObjectReference objectReference, List <string> UsersToInvestigate)
        {
            ADItem aditem = null;

            foreach (var typology in objectReference.Objects.Keys)
            {
                var toDelete = new List <GraphSingleObject>();
                foreach (var obj in objectReference.Objects[typology])
                {
                    DisplayAdvancement("Working on " + obj.Description);
                    aditem = Search(adws, domainInfo, obj.Name);
                    if (aditem != null)
                    {
                        relationFactory.AnalyzeADObject(aditem);
                    }
                    else
                    {
                        // NOTE(review): the listing is garbled from here up to the "Working on " + user
                        // trace (the "******" run); the end of these two loops, the use of toDelete and the
                        // start of the loop over UsersToInvestigate are not visible in this copy.
                        Trace.WriteLine("Unable to find the user: "******"Working on " + user);
                aditem = Search(adws, domainInfo, user);
                if (aditem != null)
                {
                    // a caller-supplied name that resolved becomes part of the report
                    objectReference.Objects[Data.CompromiseGraphDataTypology.UserDefined].Add(new GraphSingleObject(user, user));
                    relationFactory.AnalyzeADObject(aditem);
                }
                else
                {
                    Trace.WriteLine("Unable to find the user: " + user);
                }
            }

            // InsertFiles can reference objects not seen yet, hence the second pass
            AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage);
            relationFactory.InsertFiles();
            AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage);
        }
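        // Image preview
        /// <summary>
        /// Loads the items of ad campaign <paramref name="AC_ID"/> that are flagged for display and
        /// whose BDate..EDate window contains the current database time.
        /// </summary>
        /// <param name="AC_ID">Campaign id. Being a <see cref="long"/>, it can only contribute digits
        /// (and a sign) to the query text, so the concatenation cannot inject SQL; a parameterized
        /// query would still be the preferred form if the helper offers one.</param>
        /// <returns>The matching items, empty when none are displayable.</returns>
        public List<ADItem> getListShow(long AC_ID)
        {
            List<ADItem> listSC = new List<ADItem>();
            // format the id invariantly so the literal never depends on the thread culture
            string sqlStr = "select AI_ID,FileName,OrderID,Length,FileLength,StoreName from ADItem where IsDisplay =1 and BDate <=getdate() and getdate()<=EDate and AC_ID =" + AC_ID.ToString(System.Globalization.CultureInfo.InvariantCulture);

            // dispose the reader even when one of the Parse calls below throws; otherwise the
            // reader (and the connection behind it) stays open until finalization
            using (SqlDataReader sqlRead = SQLHelper.ExecuteReader(conString, CommandType.Text, sqlStr))
            {
                while (sqlRead.Read())
                {
                    ADItem adSC = new ADItem();
                    adSC.AI_ID      = long.Parse(sqlRead["AI_ID"].ToString());
                    adSC.Length     = short.Parse(sqlRead["Length"].ToString());
                    adSC.OrderID    = short.Parse(sqlRead["OrderID"].ToString());
                    adSC.FileName   = sqlRead["FileName"].ToString();
                    adSC.StoreName  = sqlRead["StoreName"].ToString();
                    adSC.FileLength = int.Parse(sqlRead["FileLength"].ToString());
                    listSC.Add(adSC);
                }
            }
            return listSC;
        }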
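        /// <summary>
        /// Resolves a caller-supplied identifier to an AD object. A value that looks like a SID is
        /// looked up by objectSid and returned immediately when found; otherwise the identifier is
        /// tried as sAMAccountName, then cn, then displayName, stopping at the first hit.
        /// </summary>
        /// <param name="adws">Connection used for the LDAP queries.</param>
        /// <param name="domainInfo">Supplies the naming context to search.</param>
        /// <param name="userName">SID, sAMAccountName, cn or displayName to look for.</param>
        /// <returns>The first matching object, or null when no lookup matched.</returns>
        private ADItem Search(ADWebService adws, ADDomainInfo domainInfo, string userName)
        {
            ADItem output = null;
            WorkOnReturnedObjectByADWS callback = (ADItem aditem) => { output = aditem; };

            if (userName.StartsWith("S-1-5", StringComparison.Ordinal))
            {
                adws.Enumerate(domainInfo.DefaultNamingContext,
                               "(objectSid=" + ADConnection.EncodeSidToString(userName) + ")",
                               properties, callback);
                if (output != null)
                {
                    // found by SID: the name-based lookups below would only cost extra round trips
                    return output;
                }
            }

            // The value is escaped once and matched literally: filter metacharacters in the input
            // ('*', '(', ')', '\') cannot widen the query.
            string escaped = ADConnection.EscapeLDAP(userName);
            string[] nameFilters =
            {
                "(&(objectCategory=person)(objectClass=user)(sAMAccountName=" + escaped + "))",
                "(cn=" + escaped + ")",
                "(displayName=" + escaped + ")",
            };
            foreach (string filter in nameFilters)
            {
                adws.Enumerate(domainInfo.DefaultNamingContext, filter, properties, callback);
                if (output != null)
                {
                    break;
                }
            }
            return output;
        }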
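        /// <summary>
        /// Moves an ad item one position down in the display order by swapping its OrderID with
        /// the next item of the same campaign.
        /// </summary>
        /// <param name="info">Item to move; only AI_ID, AC_ID and OrderID are read.</param>
        /// <returns>A <see cref="Message"/> whose Result is true when the swap updated at least one row.</returns>
        public Message downOrder(ADItem info)
        {
            bool   resultB   = false;
            string reStr     = "";
            long   aiID      = -1;
            int    upOrderID = -1;

            // Look for the neighbour with the next higher OrderID in the same campaign.
            // The concatenated values are the numeric id/order columns of ADItem (presumably
            // long/short, as they are parsed elsewhere in this class), so they cannot inject SQL.
            // NOTE(review): min(ai_id) and min(orderID) are computed independently and need not
            // come from the same row; this picks the right neighbour only when orderID grows with
            // ai_id — confirm, or select the single row ordered by orderID instead.
            string sqlStr = "select min(ai_id) ai_id,min(orderID) orderID from ADItem where orderID>" + info.OrderID + " and AC_ID=" + info.AC_ID;
            // dispose the reader even if a Parse below throws
            using (SqlDataReader infoReader = SQLHelper.ExecuteReader(conString, CommandType.Text, sqlStr))
            {
                if (infoReader.Read() && infoReader["ai_id"].ToString() != "")
                {
                    aiID      = long.Parse(infoReader["ai_id"].ToString());
                    upOrderID = int.Parse(infoReader["orderID"].ToString());
                }
            }

            if (aiID == -1)
            {
                // no row below the current one: it is already last, nothing to move
                reStr = "已排最后一行,不需要下移!";
            }
            else
            {
                // swap the two OrderID values in a single batch
                // NOTE(review): the batch is not wrapped in a transaction, so a failure of the
                // second update leaves the first one applied
                string sqlUpOrderID = "update ADItem set orderID = " + upOrderID + " where Ai_ID=" + info.AI_ID + ";"
                                    + "update ADItem set orderID = " + info.OrderID + " where Ai_ID=" + aiID + ";";
                resultB = SQLHelper.ExecuteNonQuery(conString, CommandType.Text, sqlUpOrderID) > 0;
            }
            if (resultB)
            {
                // "moved down successfully" — the previous text reported a move *up*,
                // apparently copied from the upOrder counterpart
                reStr = "下移成功!";
            }

            return new Message()
            {
                Result     = resultB,
                TxtMessage = reStr
            };
        }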
 /// <summary>
 /// Analysis entry point for one AD object: registers it as a node and, unless it is a
 /// foreign security principal, derives its AD relations and its file relations.
 /// </summary>
 /// <param name="aditem">Object to analyze.</param>
 public void AnalyzeADObject(ADItem aditem)
 {
     // primary group id handling can lead back to an object already seen: skip it
     bool alreadyAnalyzed = aditem.ObjectSid != null && Storage.SearchItem(aditem.ObjectSid.Value) != -1;
     if (alreadyAnalyzed)
     {
         Trace.WriteLine("Item " + aditem.DistinguishedName + " has already been analyzed");
         return;
     }

     Trace.WriteLine("Working on " + aditem.DistinguishedName);
     Storage.InsertNode(aditem);

     bool isForeignSecurityPrincipal = String.Equals(aditem.Class, "foreignsecurityprincipal", StringComparison.OrdinalIgnoreCase);
     if (!isForeignSecurityPrincipal)
     {
         AddADRelation(aditem);   // membership, security descriptor, ...
         AddFileRelation(aditem); // GPO, script
     }
 }
        /// <summary>
        /// Registers <paramref name="aditem"/> in <c>Storage</c> with a human-readable short name:
        /// its name, or the value of the leading OU=/CN= component of its DN, or "&lt;none&gt;".
        /// </summary>
        /// <param name="aditem">Object to register.</param>
        private void InsertNode(ADItem aditem)
        {
            string shortname = aditem.Name;

            // (an earlier revision resolved foreign security principal SIDs to names through
            // NativeMethods.ConvertSIDToName at this point; that path is disabled)
            if (String.IsNullOrEmpty(shortname))
            {
                // all groups are named, so the leading RDN value is capture group 1
                Regex rdnPattern = new Regex(@"^(?:OU|CN)=(?<cn>.+?)(?<!\\),(?<ou>(?:(?:OU|CN).+?(?<!\\),)*(?<dc>DC.+?))$");
                Match rdn        = rdnPattern.Match(aditem.DistinguishedName);
                shortname = rdn.Success ? rdn.Groups[1].Value : "<none>";
            }

            string sid = aditem.ObjectSid != null ? aditem.ObjectSid.Value : null;
            Storage.InsertNode(shortname, aditem.Class, aditem.DistinguishedName, sid);
        }
        /// <summary>
        /// Projects a computer account onto the member record used by the compromise graph:
        /// identity, last logon, and flags derived from userAccountControl.
        /// </summary>
        /// <param name="x">Computer account.</param>
        /// <returns>The member record; for a disabled account every flag is left at its default.</returns>
        private SingleCompromiseGraphComputerMemberData BuildMembersComputer(ADItem x)
        {
            const int AccountDisable = 0x00000002;
            const int Lockout        = 0x00000010;
            const int NotDelegated   = 0x100000;

            var member = new SingleCompromiseGraphComputerMemberData
            {
                Name               = x.SAMAccountName,
                DistinguishedName  = x.DistinguishedName,
                LastLogonTimestamp = x.LastLogonTimestamp,
            };

            bool disabled = (x.UserAccountControl & AccountDisable) != 0;
            if (disabled)
            {
                return member;
            }

            member.IsEnabled = true;
            // active when the last logon is less than six months (6 * 31 days) old
            if (x.LastLogonTimestamp.AddDays(6 * 31) > DateTime.Now)
            {
                member.IsActive = true;
            }
            if (x.ServicePrincipalName != null && x.ServicePrincipalName.Length > 0)
            {
                member.SPN = new List<string>(x.ServicePrincipalName);
            }
            if ((x.UserAccountControl & Lockout) != 0)
            {
                member.IsLocked = true;
            }
            // NOT_DELEGATED clear: the account is not marked "sensitive and cannot be delegated"
            if ((x.UserAccountControl & NotDelegated) == 0)
            {
                member.CanBeDelegated = true;
            }
            return member;
        }
 /// <summary>
 /// Creates an empty group under <paramref name="parent"/>, identified by a fresh GUID.
 /// </summary>
 /// <param name="parent">Owning item.</param>
 /// <param name="name">Display name of the group.</param>
 public Group(ADItem parent, string name) : base(parent, Guid.NewGuid().ToString(), name)
 {
     this.mGroups = new List<Group>();
     this.mItems  = new List<Item>();
 }
        /// <summary>
        /// Turns the security descriptor of <paramref name="aditem"/> into graph relations: one
        /// AD_OWNER edge for the owner, then one edge per (trustee SID, right) pair found in the
        /// allowed, explicit ACEs. Rights are first collected per trustee in <c>relationToAdd</c>
        /// so that the same pair coming from several ACEs is written only once.
        /// </summary>
        /// <param name="aditem">Object whose NTSecurityDescriptor is analyzed; the descriptor must not be null.</param>
        private void InsertSecurityDescriptorRelation(ADItem aditem)
        {
            ActiveDirectorySecurity sd = aditem.NTSecurityDescriptor;

            Storage.InsertRelation(sd.GetOwner(typeof(SecurityIdentifier)).Value, MappingType.Sid, aditem.DistinguishedName, MappingType.DistinguishedName, RelationType.AD_OWNER);
            // relations can be duplicated - will slow down import
            Dictionary <string, List <RelationType> > relationToAdd = new Dictionary <string, List <RelationType> >();

            // explicit ACEs only (inherited ones are skipped), trustees reported as SIDs
            foreach (ActiveDirectoryAccessRule accessrule in sd.GetAccessRules(true, false, typeof(SecurityIdentifier)))
            {
                // ignore audit / denied ace
                if (accessrule.AccessControlType != AccessControlType.Allow)
                {
                    continue;
                }

                // When the ACE carries an object type, the rights are tagged as restricted to that
                // class; container_hierarchy doubles as the "no restriction" marker here.
                RelationType restrictedObject = RelationType.container_hierarchy;
                if ((accessrule.ObjectFlags & ObjectAceFlags.ObjectAceTypePresent) != 0)
                {
                    // NOTE(review): ObjectType is matched against class GUIDs and any other value
                    // leaves through `default: continue`, which makes the ObjectType lookups against
                    // GuidsControlExtendedRights / GuidsControl* below reachable only for ACEs whose
                    // ObjectType is one of these classes — confirm this is intended (an ACE scoped to
                    // a child class normally carries that class in InheritedObjectType instead).
                    switch (accessrule.ObjectType.ToString().ToLowerInvariant())
                    {
                    case "4828cc14-1437-45bc-9b07-ad6f015e5f28":     // inetorg
                    case "bf967aba-0de6-11d0-a285-00aa003049e2":     // user
                        restrictedObject = RelationType.RestrictedToUser;
                        break;

                    case "bf967a86-0de6-11d0-a285-00aa003049e2":     // -> RestrictedToComputer
                        restrictedObject = RelationType.RestrictedToComputer;
                        break;

                    case "bf967aa5-0de6-11d0-a285-00aa003049e2":     // -> RestrictedToOU
                        restrictedObject = RelationType.RestrictedToOU;
                        break;

                    case "bf967a9c-0de6-11d0-a285-00aa003049e2":     // -> RestrictedToGroup
                        restrictedObject = RelationType.RestrictedToGroup;
                        break;

                    case "ce206244-5827-4a86-ba1c-1c0c386c1b64":     // -> RestrictedToMsaOrGmsa (two classes)
                    case "7b8b558a-93a5-4af7-adca-c017e67f1057":
                        restrictedObject = RelationType.RestrictedToMsaOrGmsa;
                        break;

                    case "f30e3bc2-9ff0-11d1-b603-0000f80367c1":     // -> RestrictedToGpo
                        restrictedObject = RelationType.RestrictedToGpo;
                        break;

                    default:
                        // object type not tracked: nothing is recorded for this ACE
                        continue;
                    }
                }

                // ADS_RIGHT_GENERIC_ALL
                // GenericAll subsumes everything below, so only the single GEN_RIGHT_ALL edge is kept
                if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.GenericAll))
                {
                    IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, RelationType.GEN_RIGHT_ALL);
                }
                else
                {
                    // ADS_RIGHT_GENERIC_WRITE
                    if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.GenericWrite))
                    {
                        IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, RelationType.GEN_RIGHT_WRITE);
                    }
                    // ADS_RIGHT_WRITE_DAC
                    if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.WriteDacl))
                    {
                        IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, RelationType.ADS_RIGHT_WRITE_DAC);
                    }
                    // ADS_RIGHT_WRITE_OWNER
                    if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.WriteOwner))
                    {
                        IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, RelationType.ADS_RIGHT_WRITE_OWNER);
                    }
                    // Plain (non-object) ACE: the extended-right / validated-write / write-property
                    // bits apply to everything, hence the *_ALL relation types.
                    if (accessrule.ObjectFlags == ObjectAceFlags.None)
                    {
                        // ADS_RIGHT_DS_CONTROL_ACCESS
                        if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.ExtendedRight))
                        {
                            IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, RelationType.EXT_RIGHT_ALL);
                        }
                        // ADS_RIGHT_DS_SELF
                        if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.Self))
                        {
                            IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, RelationType.VAL_WRITE_ALL);
                        }
                        // ADS_RIGHT_DS_WRITE_PROP
                        if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.WriteProperty))
                        {
                            IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, RelationType.WRITE_PROP_ALL);
                        }
                    }
                    // Object ACE: only the rights/properties whose GUID is in the tracked tables are
                    // recorded, each mapped to its specific relation type.
                    else if ((accessrule.ObjectFlags & ObjectAceFlags.ObjectAceTypePresent) == ObjectAceFlags.ObjectAceTypePresent)
                    {
                        // ADS_RIGHT_DS_CONTROL_ACCESS
                        if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.ExtendedRight))
                        {
                            foreach (KeyValuePair <Guid, RelationType> extendedright in GuidsControlExtendedRights)
                            {
                                if (extendedright.Key == accessrule.ObjectType)
                                {
                                    IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, extendedright.Value);
                                }
                            }
                        }
                        // ADS_RIGHT_DS_SELF
                        if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.Self))
                        {
                            foreach (KeyValuePair <Guid, RelationType> validatewrite in GuidsControlValidatedWrites)
                            {
                                if (validatewrite.Key == accessrule.ObjectType)
                                {
                                    IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, validatewrite.Value);
                                }
                            }
                        }
                        // ADS_RIGHT_DS_WRITE_PROP
                        if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.WriteProperty))
                        {
                            // single properties and property sets are two separate tables
                            foreach (KeyValuePair <Guid, RelationType> controlproperty in GuidsControlProperties)
                            {
                                if (controlproperty.Key == accessrule.ObjectType)
                                {
                                    IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, controlproperty.Value);
                                }
                            }
                            foreach (KeyValuePair <Guid, RelationType> controlpropertyset in GuidsControlPropertiesSets)
                            {
                                if (controlpropertyset.Key == accessrule.ObjectType)
                                {
                                    IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, controlpropertyset.Value);
                                }
                            }
                        }
                        // read access is only interesting for the specific properties listed in GuidsReadProperties
                        if (IsRightSetinAccessRule(accessrule, ActiveDirectoryRights.ReadProperty))
                        {
                            foreach (KeyValuePair <Guid, RelationType> controlproperty in GuidsReadProperties)
                            {
                                if (controlproperty.Key == accessrule.ObjectType)
                                {
                                    IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, controlproperty.Value);
                                }
                            }
                        }
                    }
                }
                // Tag the trustee with the class restriction, but only once it has at least one right.
                // NOTE(review): relationToAdd accumulates across ACEs, so this also fires when the
                // trustee's only rights came from an earlier, unrestricted ACE — confirm intended.
                if (restrictedObject != RelationType.container_hierarchy && relationToAdd.ContainsKey(accessrule.IdentityReference.Value))
                {
                    IncludeRelationInDictionary(relationToAdd, accessrule.IdentityReference.Value, restrictedObject);
                }
            }
            // flush the de-duplicated (trustee, right) pairs: trustee SID -> this object
            foreach (string target in relationToAdd.Keys)
            {
                foreach (RelationType link in relationToAdd[target])
                {
                    Storage.InsertRelation(target, MappingType.Sid, aditem.DistinguishedName, MappingType.DistinguishedName, link);
                }
            }
        }
 /// <summary>
 /// Records the graph edges derived from one AD object: parent container, group membership,
 /// primary group (except Domain Users / Domain Computers), ACL-derived rights, constrained
 /// delegation targeting this object, resource-based delegation, linked GPOs and SID history.
 /// </summary>
 /// <param name="aditem">AD object whose relations are inserted into <c>Storage</c>.</param>
 private void AddADRelation(ADItem aditem)
 {
     string dn = aditem.DistinguishedName;

     // every object except the domain head hangs under a container
     if (dn != null && !dn.StartsWith("DC=", StringComparison.OrdinalIgnoreCase))
     {
         string parentContainer = GetContainerDN(dn);
         Storage.InsertRelation(parentContainer, MappingType.DistinguishedName, dn, MappingType.DistinguishedName, RelationType.container_hierarchy);
     }
     // member: member -> this group
     if (aditem.Member != null)
     {
         foreach (string memberDn in aditem.Member)
         {
             Storage.InsertRelation(memberDn, MappingType.DistinguishedName, dn, MappingType.DistinguishedName, RelationType.group_member);
         }
     }
     // don't link users with Domain User or Domain Computers ! It will build a complicated graph else
     bool hasTrackedPrimaryGroup = aditem.PrimaryGroupID > 0
                                   && aditem.PrimaryGroupID != 513
                                   && aditem.PrimaryGroupID != 515;
     if (hasTrackedPrimaryGroup)
     {
         Storage.InsertRelation(dn, MappingType.DistinguishedName, DomainInfo.DomainSid + "-" + aditem.PrimaryGroupID, MappingType.Sid, RelationType.primary_group_member);
     }
     if (aditem.NTSecurityDescriptor != null)
     {
         InsertSecurityDescriptorRelation(aditem);
     }
     if (delegations != null)
     {
         // the delegations map is consulted by DNS host name and by sAMAccountName without
         // its trailing '$'; the two result lists are merged (host name first) without duplicates
         string hostKey = string.IsNullOrEmpty(aditem.DNSHostName) ? null : aditem.DNSHostName;
         string samKey  = string.IsNullOrEmpty(aditem.SAMAccountName) ? null : aditem.SAMAccountName.Replace("$", "");
         List<string> sidDelegated = new List<string>();
         foreach (string key in new[] { hostKey, samKey })
         {
             if (key == null || !delegations.ContainsKey(key))
             {
                 continue;
             }
             foreach (var delegatedSid in delegations[key])
             {
                 if (!sidDelegated.Contains(delegatedSid))
                 {
                     sidDelegated.Add(delegatedSid);
                 }
             }
         }
         foreach (var delegatedSid in sidDelegated)
         {
             // accounts that may use protocol transition get the stronger relation type
             RelationType delegationKind = protocolTransitionSid.Contains(delegatedSid)
                 ? RelationType.msDS_Allowed_To_Delegate_To_With_Protocol_Transition
                 : RelationType.msDS_Allowed_To_Delegate_To;
             Storage.InsertRelation(delegatedSid, MappingType.Sid, dn, MappingType.DistinguishedName, delegationKind);
         }
     }
     if (aditem.msDSAllowedToActOnBehalfOfOtherIdentity != null)
     {
         InsertDelegationRelation(aditem);
     }
     if (!String.IsNullOrEmpty(aditem.GPLink))
     {
         InsertGPORelation(aditem);
     }
     // each historical SID still resolves to this object
     if (aditem.SIDHistory != null)
     {
         foreach (SecurityIdentifier historicalSid in aditem.SIDHistory)
         {
             Storage.InsertRelation(dn, MappingType.DistinguishedName, historicalSid.Value, MappingType.Sid, RelationType.SIDHistory);
         }
     }
 }
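        /// <summary>
        /// Creates a graph node and returns its id. Unknown-class objects stored under the
        /// ForeignSecurityPrincipals container are reclassified as foreign security principals;
        /// those are then keyed by SID, resolved to an NT account name through
        /// <see cref="NativeMethods.ConvertSIDToName"/> and detached from their <see cref="ADItem"/>.
        /// The well-known CREATOR OWNER and LOCAL SYSTEM SIDs are never inserted.
        /// </summary>
        /// <param name="shortname">Display name; replaced by the resolved NT account for foreign security principals.</param>
        /// <param name="objectclass">LDAP object class.</param>
        /// <param name="name">Distinguished name, or a UNC path (starting with "\\") for file nodes.</param>
        /// <param name="sid">Object SID; may be null.</param>
        /// <param name="adItem">Backing AD object; may be null.</param>
        /// <returns>The id of the new node, or -1 when the object is deliberately skipped.</returns>
        public int InsertNode(string shortname, string objectclass, string name, string sid, ADItem adItem)
        {
            // the name is guarded: a null name would otherwise throw on Contains()
            if (String.Equals(objectclass, "unknown", StringComparison.OrdinalIgnoreCase)
                && !string.IsNullOrEmpty(name)
                && name.Contains(",CN=ForeignSecurityPrincipals,DC="))
            {
                // the SID is the value of the leading "CN=" component
                objectclass = "foreignsecurityprincipal";
                sid         = name.Substring(3, name.IndexOf(',') - 3);
            }
            // reentrance from previous if
            if (String.Equals(objectclass, "foreignsecurityprincipal", StringComparison.OrdinalIgnoreCase))
            {
                // S-1-3-0 (CREATOR OWNER) is a placeholder used for dynamic permissions and
                // S-1-5-18 (LOCAL SYSTEM) is not a principal worth a node
                if (String.Equals(sid, "S-1-3-0", StringComparison.OrdinalIgnoreCase)
                    || String.Equals(sid, "S-1-5-18", StringComparison.OrdinalIgnoreCase))
                {
                    return -1;
                }
                string referencedDomain = null;
                string ntaccount        = NativeMethods.ConvertSIDToName(sid, serverForSIDResolution, out referencedDomain);
                // the resolver echoing the short name back means it had nothing better;
                // qualify it with the referenced domain when one was returned
                if (ntaccount == shortname)
                {
                    ntaccount = String.IsNullOrEmpty(referencedDomain) ? shortname : referencedDomain + "\\" + shortname;
                }
                shortname = ntaccount;
                name      = sid;
                adItem    = null;
            }

            Node node = new Node();
            node.Shortname = shortname;
            node.Type      = objectclass;
            node.Dn        = name;
            node.Sid       = sid;
            node.ADItem    = adItem;

            // index is shared by every insert; the lock also covers the bookkeeping sets below
            lock (nodes)
            {
                Trace.WriteLine("Inserting node " + index + " name=" + node.Name + " sid=" + node.Sid + " shortname=" + node.Shortname);
                node.Id = index;
                nodes.Add(index, node);
                if (!string.IsNullOrEmpty(name))
                {
                    // UNC paths are file nodes, everything else is a DN; both are ordinal data,
                    // so the prefix checks must not depend on the thread culture
                    if (name.StartsWith("\\\\", StringComparison.Ordinal))
                    {
                        KnownFiles.Add(name);
                        if (FilesToInvestigate.Contains(name))
                        {
                            FilesToInvestigate.Remove(name);
                        }
                    }
                    else
                    {
                        KnownCN.Add(name);
                        if (CNToInvestigate.Contains(name))
                        {
                            CNToInvestigate.Remove(name);
                        }
                    }
                }
                if (!String.IsNullOrEmpty(sid))
                {
                    KnownSID.Add(sid);
                    if (SIDToInvestigate.Contains(sid))
                    {
                        SIDToInvestigate.Remove(sid);
                    }
                    // handle primary group id: domain groups (S-1-5-21-...) are candidates for a
                    // primaryGroupID lookup; the RID is the last SID component
                    if (objectclass == "group" && sid.StartsWith("S-1-5-21-", StringComparison.Ordinal))
                    {
                        var part = sid.Split('-');
                        int PGId;
                        // a malformed RID must not abort the insert while the lock is held: the
                        // node is already in `nodes` but `index` has not advanced yet, so the
                        // next insert would collide on the same key
                        if (int.TryParse(part[part.Length - 1], out PGId)
                            && !KnownPGId.Contains(PGId) && !PGIdToInvestigate.Contains(PGId))
                        {
                            PGIdToInvestigate.Add(PGId);
                        }
                    }
                }
                return index++;
            }
        }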
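        /// <summary>
        /// Inserts the relations implied by the security descriptor of <paramref name="aditem"/>:
        /// the owner (AD_OWNER), then for every explicit Allow ACE the generic / DACL / owner rights
        /// and the extended-right, validated-write and property rights it grants; object-specific
        /// ACEs are resolved through the GuidsControl* tables. Each (trustee SID, relation) pair is
        /// stored once even when several ACEs grant it.
        /// </summary>
        /// <param name="aditem">Object whose NTSecurityDescriptor is analysed.</param>
        private void InsertSecurityDescriptorRelation(ADItem aditem)
        {
            ActiveDirectorySecurity sd = aditem.NTSecurityDescriptor;

            Storage.InsertRelation(sd.GetOwner(typeof(SecurityIdentifier)).Value, MappingType.Sid, aditem.DistinguishedName, MappingType.Name, RelationType.AD_OWNER);
            // relations can be duplicated - will slow down import; collect them first, insert once
            Dictionary <string, List <RelationType> > relationToAdd = new Dictionary <string, List <RelationType> >();

            // explicit ACEs only (includeExplicit = true, includeInherited = false)
            foreach (ActiveDirectoryAccessRule accessrule in sd.GetAccessRules(true, false, typeof(SecurityIdentifier)))
            {
                // ignore audit / denied ace
                if (accessrule.AccessControlType != AccessControlType.Allow)
                {
                    continue;
                }

                string trustee = accessrule.IdentityReference.Value;
                ActiveDirectoryRights rights = accessrule.ActiveDirectoryRights;

                // rights recorded whatever the object type of the ACE
                // ADS_RIGHT_GENERIC_ALL
                if (HasRight(rights, ActiveDirectoryRights.GenericAll))
                {
                    IncludeRelationInDictionary(relationToAdd, trustee, RelationType.GEN_RIGHT_ALL);
                }
                // ADS_RIGHT_GENERIC_WRITE
                if (HasRight(rights, ActiveDirectoryRights.GenericWrite))
                {
                    IncludeRelationInDictionary(relationToAdd, trustee, RelationType.GEN_RIGHT_WRITE);
                }
                // ADS_RIGHT_WRITE_DAC
                if (HasRight(rights, ActiveDirectoryRights.WriteDacl))
                {
                    IncludeRelationInDictionary(relationToAdd, trustee, RelationType.ADS_RIGHT_WRITE_DAC);
                }
                // ADS_RIGHT_WRITE_OWNER
                if (HasRight(rights, ActiveDirectoryRights.WriteOwner))
                {
                    IncludeRelationInDictionary(relationToAdd, trustee, RelationType.ADS_RIGHT_WRITE_OWNER);
                }

                if (accessrule.ObjectFlags == ObjectAceFlags.None)
                {
                    // non-object ACE: the right is not scoped to a GUID, so it covers every
                    // extended right / validated write / attribute
                    // ADS_RIGHT_DS_CONTROL_ACCESS
                    if (HasRight(rights, ActiveDirectoryRights.ExtendedRight))
                    {
                        IncludeRelationInDictionary(relationToAdd, trustee, RelationType.EXT_RIGHT_ALL);
                    }
                    // ADS_RIGHT_DS_SELF
                    if (HasRight(rights, ActiveDirectoryRights.Self))
                    {
                        IncludeRelationInDictionary(relationToAdd, trustee, RelationType.VAL_WRITE_ALL);
                    }
                    // ADS_RIGHT_DS_WRITE_PROP
                    if (HasRight(rights, ActiveDirectoryRights.WriteProperty))
                    {
                        IncludeRelationInDictionary(relationToAdd, trustee, RelationType.WRITE_PROP_ALL);
                    }
                }
                else if ((accessrule.ObjectFlags & ObjectAceFlags.ObjectAceTypePresent) == ObjectAceFlags.ObjectAceTypePresent)
                {
                    // object ACE: the right is scoped to ObjectType; only GUIDs present in the
                    // GuidsControl* tables produce a relation, anything else is ignored
                    // ADS_RIGHT_DS_CONTROL_ACCESS
                    if (HasRight(rights, ActiveDirectoryRights.ExtendedRight))
                    {
                        AddMatchingRelations(relationToAdd, trustee, accessrule.ObjectType, GuidsControlExtendedRights);
                    }
                    // ADS_RIGHT_DS_SELF
                    if (HasRight(rights, ActiveDirectoryRights.Self))
                    {
                        AddMatchingRelations(relationToAdd, trustee, accessrule.ObjectType, GuidsControlValidatedWrites);
                    }
                    // ADS_RIGHT_DS_WRITE_PROP
                    if (HasRight(rights, ActiveDirectoryRights.WriteProperty))
                    {
                        AddMatchingRelations(relationToAdd, trustee, accessrule.ObjectType, GuidsControlProperties);
                        AddMatchingRelations(relationToAdd, trustee, accessrule.ObjectType, GuidsControlPropertiesSets);
                    }
                }
                // NOTE(review): an ACE whose ObjectFlags has only InheritedObjectAceTypePresent set reaches
                // neither branch, so its ExtendedRight / Self / WriteProperty bits are not recorded — confirm
                // this is intended.
            }

            foreach (KeyValuePair <string, List <RelationType> > entry in relationToAdd)
            {
                foreach (RelationType link in entry.Value)
                {
                    Storage.InsertRelation(entry.Key, MappingType.Sid, aditem.DistinguishedName, MappingType.Name, link);
                }
            }
        }

        /// <summary>
        /// True when every bit of <paramref name="flag"/> is set in <paramref name="rights"/>.
        /// </summary>
        private static bool HasRight(ActiveDirectoryRights rights, ActiveDirectoryRights flag)
        {
            return (rights & flag) == flag;
        }

        /// <summary>
        /// Adds, for <paramref name="trustee"/>, the relation of every <paramref name="table"/> entry
        /// whose GUID equals <paramref name="objectType"/>.
        /// </summary>
        private void AddMatchingRelations(Dictionary <string, List <RelationType> > relationToAdd, string trustee, Guid objectType, IEnumerable <KeyValuePair <Guid, RelationType> > table)
        {
            foreach (KeyValuePair <Guid, RelationType> entry in table)
            {
                if (entry.Key == objectType)
                {
                    IncludeRelationInDictionary(relationToAdd, trustee, entry.Value);
                }
            }
        }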
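        /// <summary>
        /// Updates the ADItem row selected by <c>AI_ID</c> with the other column values of
        /// <paramref name="model"/>.
        /// </summary>
        /// <param name="model">Item to persist; AI_ID selects the row, the remaining fields overwrite the columns.</param>
        /// <returns>
        /// A <see cref="Message"/> whose <c>Result</c> is true when at least one row was updated, with
        /// <c>TxtMessage</c> holding a JSON object of the written fields; otherwise <c>Result</c> is false
        /// and <c>TxtMessage</c> is the failure text.
        /// </returns>
        public Message Edit(ADItem model)
        {
            bool   resultB = false;
            string reStr;

            try
            {
                StringBuilder strSql = new StringBuilder();
                strSql.Append("update ADItem set ");
                strSql.Append("AC_ID=@AC_ID,");
                strSql.Append("OrderID=@OrderID,");
                strSql.Append("FileName=@FileName,");
                strSql.Append("BDate=@BDate,");
                strSql.Append("EDate=@EDate,");
                strSql.Append("Length=@Length,");
                strSql.Append("StoreName=@StoreName,");
                strSql.Append("IsDisplay=@IsDisplay,");
                strSql.Append("StorePath=@StorePath,");
                strSql.Append("FileLength=@FileLength");
                strSql.Append(" where AI_ID=@AI_ID");
                // Sizes mirror the column definitions; SqlClient silently truncates string values longer
                // than Size (FileName 20, StoreName 20) — TODO confirm against the schema.
                SqlParameter[] parameters =
                {
                    new SqlParameter("@AC_ID",      SqlDbType.BigInt,     8),
                    new SqlParameter("@OrderID",    SqlDbType.SmallInt,   2),
                    new SqlParameter("@FileName",   SqlDbType.VarChar,   20),
                    new SqlParameter("@BDate",      SqlDbType.DateTime),
                    new SqlParameter("@EDate",      SqlDbType.DateTime),
                    new SqlParameter("@Length",     SqlDbType.SmallInt,   2),
                    new SqlParameter("@StoreName",  SqlDbType.Char,      20),
                    new SqlParameter("@IsDisplay",  SqlDbType.Bit,        1),
                    new SqlParameter("@StorePath",  SqlDbType.VarChar),
                    new SqlParameter("@FileLength", SqlDbType.Int,        4),
                    new SqlParameter("@AI_ID",      SqlDbType.BigInt,     8)
                };
                parameters[0].Value  = model.AC_ID;
                parameters[1].Value  = model.OrderID;
                parameters[2].Value  = model.FileName;
                parameters[3].Value  = model.BDate;
                parameters[4].Value  = model.EDate;
                parameters[5].Value  = model.Length;
                parameters[6].Value  = model.StoreName;
                parameters[7].Value  = model.IsDisplay;
                parameters[8].Value  = model.StorePath;
                parameters[9].Value  = model.FileLength;
                parameters[10].Value = model.AI_ID;

                resultB = SQLHelper.ExecuteNonQuery(conString, CommandType.Text, strSql.ToString(), parameters) > 0;
            }
            catch (Exception)
            {
                // NOTE(review): no logging sink is available in this class, so the failure cause is neither
                // logged nor returned; the caller only receives the generic failure text below.
                resultB = false;
            }

            if (!resultB)
            {
                reStr = "修改失败!";
            }
            else
            {
                // return the written fields as a JSON object; values are escaped so that quotes,
                // backslashes or control characters in FileName cannot break the document
                StringBuilder json = new StringBuilder();
                json.Append('{');
                AppendJsonField(json, "AI_ID",     model.AI_ID);
                AppendJsonField(json, "IsDisplay", model.IsDisplay);
                AppendJsonField(json, "Length",    model.Length);
                AppendJsonField(json, "EDate",     model.EDate);
                AppendJsonField(json, "BDate",     model.BDate);
                AppendJsonField(json, "AC_ID",     model.AC_ID);
                AppendJsonField(json, "OrderID",   model.OrderID);
                AppendJsonField(json, "FileName",  model.FileName);
                json.Append('}');
                reStr = json.ToString();
            }

            Message jsonMessage = new Message()
            {
                Result     = resultB,
                TxtMessage = reStr
            };
            return(jsonMessage);
        }

        /// <summary>
        /// Appends <c>"name":"value"</c> to <paramref name="json"/>, preceded by a comma when a field
        /// already follows the opening brace. The value is always emitted as a JSON string.
        /// </summary>
        private static void AppendJsonField(StringBuilder json, string name, object value)
        {
            if (json.Length > 1)
            {
                json.Append(',');
            }
            json.Append('"').Append(name).Append("\":\"").Append(JsonEscape(value)).Append('"');
        }

        /// <summary>
        /// Escapes the text form of <paramref name="value"/> (null becomes empty) for use inside a
        /// double-quoted JSON string literal.
        /// </summary>
        private static string JsonEscape(object value)
        {
            string text = Convert.ToString(value) ?? string.Empty;
            StringBuilder sb = new StringBuilder(text.Length + 8);
            foreach (char c in text)
            {
                switch (c)
                {
                case '"':
                    sb.Append("\\\"");
                    break;
                case '\\':
                    sb.Append("\\\\");
                    break;
                case '\n':
                    sb.Append("\\n");
                    break;
                case '\r':
                    sb.Append("\\r");
                    break;
                case '\t':
                    sb.Append("\\t");
                    break;
                default:
                    if (c < ' ')
                    {
                        // remaining control characters are only valid in JSON as \uXXXX
                        sb.Append("\\u").Append(((int)c).ToString("x4"));
                    }
                    else
                    {
                        sb.Append(c);
                    }
                    break;
                }
            }
            return sb.ToString();
        }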
 /// <summary>
 /// Records the "SidHistory" category without keeping per-account detail; both parameters are
 /// accepted for signature compatibility and are not read.
 /// </summary>
 /// <param name="item">Unused.</param>
 /// <param name="x">Unused.</param>
 public void AddSIDHistoryDetail(Healthcheck.HealthcheckAccountDetailData item, ADItem x)
 {
     const string category = "SidHistory";
     AddWithoutDetail(category);
 }
 /// <summary>
 /// Produces a copy of this item attached to <paramref name="parent"/> by round-tripping it
 /// through its XML representation.
 /// </summary>
 /// <param name="parent">Parent the copy is attached to.</param>
 /// <returns>The item rebuilt from the XML of this instance.</returns>
 public override ADItem Clone(ADItem parent)
 {
     var xml = this.ToXML();
     return Item.FromXML(parent, xml);
 }
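        /// <summary>
        /// Ajax entry point for advertisement items (ADItem). The action is selected by the "AType"
        /// query-string value: QUERY / QUERYVIEW return the item list, ADD and EDIT store an uploaded
        /// file and persist the item, UPORDER / DOWNORDER change the order, DELFILE deletes the item
        /// and its stored file. The resulting <see cref="Message"/> is written to the response as JSON.
        /// </summary>
        /// <param name="context">Current request; the item is rebuilt from it by CommonModelFactory.</param>
        public override void DoLoginedHandlerWork(HttpContext context)
        {
            Message jsonMessage = new Message()
            {
                Result     = false,
                TxtMessage = "权限验证失败,可能原因:\n1、数据中心通讯失败。\n2、系统管理员未与您分配对应操作权限。"
            };

            // invariant upper-casing: the action names are ASCII constants, not user-visible text
            string ajaxType = context.Request.QueryString["AType"] == null ? string.Empty : context.Request.QueryString["AType"].ToString().ToUpperInvariant();
            ADItem info = new CommonModelFactory <ADItem>().GetModelFromContext(context);
            WCFServiceProxy <IADItemDAL> proxy = new WCFServiceProxy <IADItemDAL>();
            // file control interface
            WCFServiceProxy <IADFileService> fileContrl = new WCFServiceProxy <IADFileService>();

            try
            {
                switch (ajaxType)
                {
                // query
                case "QUERY":
                    jsonMessage = QueryItems(context, "OrderID asc");
                    break;

                // list
                case "QUERYVIEW":
                    jsonMessage = QueryItems(context, " OrderID asc");
                    break;

                // add advertisement content: the upload is mandatory
                case "ADD":
                    StoreUploadedFile(context.Request.Files[0], info, proxy, fileContrl);
                    jsonMessage = proxy.getChannel.Add(info);
                    break;

                // edit: the upload is optional
                case "EDIT":
                    if (context.Request.Files.Count > 0)
                    {
                        StoreUploadedFile(context.Request.Files[0], info, proxy, fileContrl);
                    }
                    jsonMessage = proxy.getChannel.Edit(info);
                    break;

                case "UPORDER":
                    jsonMessage = proxy.getChannel.upOrder(info);
                    break;

                case "DOWNORDER":
                    jsonMessage = proxy.getChannel.downOrder(info);
                    break;

                // delete the item, then its file through the shared file interface
                case "DELFILE":
                    jsonMessage = proxy.getChannel.Delete(info.AI_ID);
                    fileContrl.getChannel.Delete(loginOperator.CompanyID, info.StoreName);
                    break;

                default:
                    jsonMessage = new Message()
                    {
                        Result     = false,
                        TxtMessage = "1.操作未定义!"
                    };
                    break;
                }
            }
            catch (Exception ex)
            {
                // NOTE(review): ex.Message is sent back to the browser, which can expose internal details
                // (file system paths, SQL text); a generic message plus server-side logging would be safer.
                jsonMessage = new Message()
                {
                    Result     = false,
                    TxtMessage = ex.Message
                };
            }
            finally
            {
                // both proxies wrap WCF channels; close the file proxy even if closing the item proxy fails
                try
                {
                    proxy.CloseChannel();
                }
                finally
                {
                    fileContrl.CloseChannel();
                }
            }
            context.Response.Write(JSon.TToJson <Message>(jsonMessage));
        }

        /// <summary>
        /// Runs the list query shared by QUERY and QUERYVIEW and wraps the result as JSON.
        /// </summary>
        /// <param name="context">Request whose form field "TWhere" supplies an optional extra filter.</param>
        /// <param name="fieldOrder">Value passed as SearchCondition.TFieldOrder.</param>
        /// <returns>A successful <see cref="Message"/> carrying the serialized list and total count.</returns>
        private static Message QueryItems(HttpContext context, string fieldOrder)
        {
            string where      = "1=1 ";
            string extraWhere = context.Request.Form["TWhere"];
            if (extraWhere != null && extraWhere.Trim() != string.Empty)
            {
                // SECURITY: "TWhere" is client-controlled and is appended verbatim to the filter that
                // CommonSearch presumably turns into SQL. It cannot be parameterized here because the
                // search API accepts a free-form fragment; the contract needs to change to a fixed set
                // of fields/operators. Left in place, flagged for redesign.
                where += extraWhere;
            }
            SearchCondition sCondition = new SearchCondition()
            {
                TBName = "ADItem", TFieldKey = "AI_ID", TTotalCount = -1, TPageCurrent = 1, TFieldOrder = fieldOrder, TWhere = where
            };
            CommonSearch <ADItem> search = new CommonSearch <ADItem>();
            List <ADItem> list = search.GetList(ref sCondition, context);
            return new Message()
            {
                Result     = true,
                TxtMessage = JSon.ListToJson <ADItem>(list, sCondition.TTotalCount)
            };
        }

        /// <summary>
        /// Saves <paramref name="postedFile"/> under the configured "ADFilePath" folder, pushes its bytes
        /// through the shared file service and fills info.FileLength / StorePath / StoreName.
        /// </summary>
        /// <param name="postedFile">Uploaded file taken from the request.</param>
        /// <param name="info">Item being created or edited; its client-supplied FileName names the local copy.</param>
        /// <param name="proxy">Item service, used to number the stored file.</param>
        /// <param name="fileContrl">File service receiving the upload.</param>
        /// <exception cref="ArgumentException">info.FileName is missing or has no leaf name.</exception>
        private void StoreUploadedFile(HttpPostedFile postedFile, ADItem info, WCFServiceProxy <IADItemDAL> proxy, WCFServiceProxy <IADFileService> fileContrl)
        {
            // upload folder from configuration
            string adFilePath = System.Configuration.ConfigurationManager.AppSettings["ADFilePath"].ToString();

            // FileName is client-supplied: keep only the leaf name so the local copy cannot be written
            // outside adFilePath
            string fileName = System.IO.Path.GetFileName(info.FileName ?? string.Empty);
            if (fileName.Length == 0)
            {
                throw new ArgumentException("FileName is required for a file upload.");
            }
            // extension: everything from the first dot (keeps multi-part extensions); empty when there is none
            int    dot            = fileName.IndexOf('.');
            string fileExtendName = dot < 0 ? string.Empty : fileName.Substring(dot);

            // store the file on the server
            postedFile.SaveAs(System.IO.Path.Combine(adFilePath, fileName));

            // read the upload into a byte array; Read may return fewer bytes than requested, so loop
            // until the declared length is reached or the stream ends
            byte[] data;
            using (System.IO.Stream stream = postedFile.InputStream)
            {
                data = new byte[stream.Length];
                int total = 0;
                while (total < data.Length)
                {
                    int read = stream.Read(data, total, data.Length - total);
                    if (read <= 0)
                    {
                        break;
                    }
                    total += read;
                }
            }

            info.FileLength = data.Length;
            info.StorePath  = postedFile.FileName;
            info.StoreName  = loginOperator.CompanyID + string.Format("{0:yyMMdd}", DateTime.Now) + AdMComm.GetAddZero(proxy.getChannel.userPuFileNum(loginOperator.CompanyID) + 1, 5) + fileExtendName;
            // shared file upload interface; its return value is not used
            fileContrl.getChannel.UpLoad(loginOperator.CompanyID, info.StoreName, data);
        }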