public static IEnumerable <GlobalCatalog> Get_ForestGlobalCatalog(Args_Get_ForestGlobalCatalog args = null)
{
if (args == null)
{
args = new Args_Get_ForestGlobalCatalog();
}
var Arguments = new Args_Get_Forest
{
Forest = args.Forest,
Credential = args.Credential
};
var ForestObject = GetForest.Get_Forest(Arguments);
if (ForestObject != null)
{
var ForestGlobalCatalogs = new List <GlobalCatalog>();
var items = ForestObject.Forest.FindAllGlobalCatalogs();
foreach (GlobalCatalog item in items)
{
ForestGlobalCatalogs.Add(item);
}
}
return(null);
}
public static DomainCollection Get_ForestDomain(Args_Get_ForestDomain args = null)
{
if (args == null)
{
args = new Args_Get_ForestDomain();
}
var Arguments = new Args_Get_Forest
{
Forest = args.Forest,
Credential = args.Credential
};
var ForestObject = GetForest.Get_Forest(Arguments);
if (ForestObject != null)
{
return(ForestObject.Forest?.Domains);
}
return(null);
}
public static ForestEx Get_Forest(Args_Get_Forest args = null)
{
if (args == null)
{
args = new Args_Get_Forest();
}
var ForestObject = new ForestEx();
if (args.Credential != null)
{
Logger.Write_Verbose(@"[Get-Forest] Using alternate credentials for Get-Forest");
string TargetForest = null;
if (args.Forest.IsNotNullOrEmpty())
{
TargetForest = args.Forest;
}
else
{
// if no domain is supplied, extract the logon domain from the PSCredential passed
TargetForest = args.Credential.Domain;
Logger.Write_Verbose(@"[Get-Forest] Extracted domain '$Forest' from -Credential");
}
var ForestContext = new System.DirectoryServices.ActiveDirectory.DirectoryContext(System.DirectoryServices.ActiveDirectory.DirectoryContextType.Forest, TargetForest, args.Credential.UserName, args.Credential.Password);
try
{
ForestObject.Forest = System.DirectoryServices.ActiveDirectory.Forest.GetForest(ForestContext);
}
catch (Exception e)
{
Logger.Write_Verbose($@"[Get-Forest] The specified forest '{TargetForest}' does not exist, could not be contacted, there isn't an existing trust, or the specified credentials are invalid: {e}");
}
}
else if (args.Forest.IsNotNullOrEmpty())
{
var ForestContext = new System.DirectoryServices.ActiveDirectory.DirectoryContext(System.DirectoryServices.ActiveDirectory.DirectoryContextType.Forest, args.Forest);
try
{
ForestObject.Forest = System.DirectoryServices.ActiveDirectory.Forest.GetForest(ForestContext);
}
catch (Exception e)
{
Logger.Write_Verbose($@"[Get-Forest] The specified forest '{args.Forest}' does not exist, could not be contacted, or there isn't an existing trust: {e}");
}
}
else
{
// otherwise use the current forest
ForestObject.Forest = System.DirectoryServices.ActiveDirectory.Forest.GetCurrentForest();
}
if (ForestObject.Forest != null)
{
// get the SID of the forest root
string ForestSid = null;
if (args.Credential != null)
{
ForestSid = (GetDomainUser.Get_DomainUser(new Args_Get_DomainUser {
Identity = new[] { @"krbtgt" }, Domain = ForestObject.Forest.RootDomain.Name, Credential = args.Credential
}).First() as LDAPProperty).objectsid?.First();
}
else
{
ForestSid = (GetDomainUser.Get_DomainUser(new Args_Get_DomainUser {
Identity = new[] { @"krbtgt" }, Domain = ForestObject.Forest.RootDomain.Name
}).First() as LDAPProperty).objectsid?.First();
}
var Parts = ForestSid.Split('-');
ForestSid = string.Join(@"-", Parts.Take(Parts.Length - 2 + 1));
ForestObject.RootDomainSid = ForestSid;
return(ForestObject);
}
return(null);
}
public static Dictionary <string, string> Get_DomainGUIDMap(Args_Get_DomainGUIDMap args = null)
{
if (args == null)
{
args = new Args_Get_DomainGUIDMap();
}
var GUIDs = new Dictionary <string, string>
{
{ @"00000000-0000-0000-0000-000000000000", @"All" }
};
var ForestArguments = new Args_Get_Forest()
{
Credential = args.Credential
};
string SchemaPath = null;
try
{
SchemaPath = GetForest.Get_Forest(ForestArguments).Forest.Schema.Name;
}
catch
{
throw new Exception(@"[Get-DomainGUIDMap] Error in retrieving forest schema path from Get-Forest");
}
if (SchemaPath.IsNullOrEmpty())
{
throw new Exception(@"[Get-DomainGUIDMap] Error in retrieving forest schema path from Get-Forest");
}
var SearcherArguments = new Args_Get_DomainSearcher
{
SearchBase = SchemaPath,
LDAPFilter = @"(schemaIDGUID=*)",
Domain = args.Domain,
Server = args.Server,
ResultPageSize = args.ResultPageSize,
ServerTimeLimit = args.ServerTimeLimit,
Credential = args.Credential
};
var SchemaSearcher = GetDomainSearcher.Get_DomainSearcher(SearcherArguments);
if (SchemaSearcher != null)
{
try
{
var Results = SchemaSearcher.FindAll();
if (Results != null)
{
foreach (SearchResult result in Results)
{
GUIDs[(new Guid(result.Properties["schemaidguid"][0] as byte[])).ToString()] = result.Properties["name"][0].ToString();
}
try { Results.Dispose(); }
catch (Exception e)
{
Logger.Write_Verbose($@"[Get-DomainGUIDMap] Error disposing of the Results object: {e}");
}
}
SchemaSearcher.Dispose();
}
catch (Exception e)
{
Logger.Write_Verbose($@"[Get-DomainGUIDMap] Error in building GUID map: {e}");
}
}
SearcherArguments.SearchBase = SchemaPath.Replace(@"Schema", @"Extended-Rights");
SearcherArguments.LDAPFilter = @"(objectClass=controlAccessRight)";
var RightsSearcher = GetDomainSearcher.Get_DomainSearcher(SearcherArguments);
if (RightsSearcher != null)
{
try
{
var Results = RightsSearcher.FindAll();
if (Results != null)
{
foreach (SearchResult result in Results)
{
GUIDs[(new Guid(result.Properties["rightsguid"][0] as byte[])).ToString()] = result.Properties["name"][0].ToString();
}
try { Results.Dispose(); }
catch (Exception e)
{
Logger.Write_Verbose($@"[Get-DomainGUIDMap] Error disposing of the Results object: {e}");
}
}
RightsSearcher.Dispose();
}
catch (Exception e)
{
Logger.Write_Verbose($@"[Get-DomainGUIDMap] Error in building GUID map: {e}");
}
}
return(GUIDs);
}
public static IEnumerable <IDomainTrust> Get_DomainTrustMapping(Args_Get_DomainTrustMapping args = null)
{
if (args == null)
{
args = new Args_Get_DomainTrustMapping();
}
// keep track of domains seen so we don't hit infinite recursion
var SeenDomains = new Dictionary <string, string>();
// our domain status tracker
var Domains = new System.Collections.Stack();
var DomainTrustArguments = new Args_Get_DomainTrust
{
API = args.API,
NET = args.NET,
LDAPFilter = args.LDAPFilter,
Properties = args.Properties,
SearchBase = args.SearchBase,
Server = args.Server,
SearchScope = args.SearchScope,
ResultPageSize = args.ResultPageSize,
ServerTimeLimit = args.ServerTimeLimit,
Tombstone = args.Tombstone,
Credential = args.Credential
};
// get the current domain and push it onto the stack
string CurrentDomain = null;
if (args.Credential != null)
{
CurrentDomain = GetDomain.Get_Domain(new Args_Get_Domain {
Credential = args.Credential
}).Name;
}
else
{
CurrentDomain = GetDomain.Get_Domain().Name;
}
Domains.Push(CurrentDomain);
var DomainTrustMappings = new List <IDomainTrust>();
while (Domains.Count != 0)
{
string Domain = Domains.Pop() as string;
// if we haven't seen this domain before
if (Domain != null && Domain.Trim() != @"" && !SeenDomains.ContainsKey(Domain))
{
Logger.Write_Verbose($@"[Get-DomainTrustMapping] Enumerating trusts for domain: '{Domain}'");
// mark it as seen in our list
SeenDomains.Add(Domain, "");
try
{
// get all the trusts for this domain
DomainTrustArguments.Domain = Domain;
var Trusts = GetDomainTrust.Get_DomainTrust(DomainTrustArguments);
// get any forest trusts, if they exist
if (args.NET)
{
var ForestTrustArguments = new Args_Get_Forest
{
Forest = args.Forest,
Credential = args.Credential
};
Trusts.Union(GetForestTrust.Get_ForestTrust(ForestTrustArguments));
}
if (Trusts != null)
{
// enumerate each trust found
foreach (var Trust in Trusts)
{
if (Trust.SourceName.IsNotNullOrEmpty() && Trust.TargetName.IsNotNullOrEmpty())
{
// make sure we process the target
Domains.Push(Trust.TargetName);
DomainTrustMappings.Add(Trust);
}
}
}
}
catch (Exception e)
{
Logger.Write_Verbose($@"[Get-DomainTrustMapping] Error: {e}");
}
}
}
return(DomainTrustMappings);
}
public static ForestEx Get_NetForest(Args_Get_Forest args = null)
{
return(GetForest.Get_Forest(args));
}
public static System.DirectoryServices.ActiveDirectory.TrustRelationshipInformationCollection Get_NetForestTrust(Args_Get_Forest args = null)
{
return(Get_NetForestTrust(args));
}
public static IEnumerable <IDomainTrust> Get_ForestTrust(Args_Get_Forest args = null)
{
return(GetForestTrust.Get_ForestTrust(args));
}
