public ExportDataFromActiveDirectoryLive(string server, int port, NetworkCredential credential)
{
Server = server;
Port = port;
Credential = credential;
Storage = new LiveDataStorage();
}
private void AddTrustedDomains(LiveDataStorage storage)
{
storage.KnownDomains.Clear();
List <DataStorageDomainTrusts> domains;
List <SecurityIdentifier> KnownSID = new List <SecurityIdentifier>();
domains = GetAllDomainTrusts(Server);
storage.KnownDomains.AddRange(domains);
KnownSID.AddRange(domains.ConvertAll(x => x.DomainSid));
var domainLocator = new DomainLocator(Server);
foreach (var node in storage.nodes.Values)
{
if (!String.IsNullOrEmpty(node.Sid) && node.Sid.StartsWith("S-1-5-21-") && node.Shortname.Contains("\\"))
{
var sid = new SecurityIdentifier(node.Sid);
var domainSid = sid.AccountDomainSid;
if (!KnownSID.Contains(domainSid))
{
string domainName;
string forestName;
string NetbiosName = node.Shortname.Split('\\')[0];
if (domainLocator.LocateDomainFromNetbios(NetbiosName, out domainName, out forestName))
{
KnownSID.Add(domainSid);
storage.KnownDomains.Add(new DataStorageDomainTrusts()
{
DnsDomainName = domainName,
DomainSid = domainSid,
NetbiosDomainName = NetbiosName,
}
);
}
}
}
}
}
int AnalyzeMissingObjets(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, LiveDataStorage Storage)
{
int num = 0;
while (true)
{
List <string> cns = Storage.GetCNToInvestigate();
if (cns.Count > 0)
{
num += cns.Count;
ExportCNData(adws, domainInfo, relationFactory, cns);
}
List <string> sids = Storage.GetSIDToInvestigate();
if (sids.Count > 0)
{
num += sids.Count;
ExportSIDData(adws, domainInfo, relationFactory, sids);
}
List <int> primaryGroupId = Storage.GetPrimaryGroupIDToInvestigate();
if (primaryGroupId.Count > 0)
{
num += primaryGroupId.Count;
ExportPrimaryGroupData(adws, domainInfo, relationFactory, primaryGroupId);
}
if (cns.Count == 0 && sids.Count == 0 && primaryGroupId.Count == 0)
{
return(num);
}
}
}
private void ExportReportData(ADWebService adws, ADDomainInfo domainInfo, RelationFactory relationFactory, LiveDataStorage storage, GraphObjectReference objectReference, List <string> UsersToInvestigate)
{
ADItem aditem = null;
foreach (var typology in objectReference.Objects.Keys)
{
var toDelete = new List <GraphSingleObject>();
foreach (var obj in objectReference.Objects[typology])
{
DisplayAdvancement("Working on " + obj.Description);
aditem = Search(adws, domainInfo, obj.Name);
if (aditem != null)
{
relationFactory.AnalyzeADObject(aditem);
}
else
{
Trace.WriteLine("Unable to find the user: "******"Working on " + user);
aditem = Search(adws, domainInfo, user);
if (aditem != null)
{
objectReference.Objects[Data.CompromiseGraphDataTypology.UserDefined].Add(new GraphSingleObject(user, user));
relationFactory.AnalyzeADObject(aditem);
}
else
{
Trace.WriteLine("Unable to find the user: " + user);
}
}
AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage);
relationFactory.InsertFiles();
AnalyzeMissingObjets(adws, domainInfo, relationFactory, storage);
}
