Example #1
        /// <summary>
        /// Loads credential roaming objects and timestamps.
        /// </summary>
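        protected void LoadRoamedCredentials(DirectoryObject dsObject)
        {
            // Reads the roaming timestamp plus the DPAPI master key and account credential blobs
            // from dsObject and publishes them through RoamedCredentialsCreated,
            // RoamedCredentialsModified and RoamedCredentials.
            // The attribute values come straight from the directory database, so they are treated
            // as untrusted: a truncated or corrupted value must not abort processing of the account.
            try
            {
                byte[] roamingTimeStamp;
                dsObject.ReadAttribute(CommonDirectoryAttributes.PKIRoamingTimeStamp, out roamingTimeStamp);

                if (roamingTimeStamp == null)
                {
                    // This account does not have roamed credentials, so we skip their processing
                    return;
                }

                // The 16B of the value consist of two 8B actual time stamps.
                const int expectedTimeStampLength = 2 * sizeof(long);

                if (roamingTimeStamp.Length >= expectedTimeStampLength)
                {
                    long createdTimeStamp = BitConverter.ToInt64(roamingTimeStamp, 0);
                    long modifiedTimeStamp = BitConverter.ToInt64(roamingTimeStamp, sizeof(long));

                    // NOTE(review): DateTime.FromFileTime yields local time and throws
                    // ArgumentOutOfRangeException for values outside the valid FILETIME range;
                    // confirm whether callers expect UTC and whether out-of-range values should be tolerated.
                    this.RoamedCredentialsCreated = DateTime.FromFileTime(createdTimeStamp);
                    this.RoamedCredentialsModified = DateTime.FromFileTime(modifiedTimeStamp);
                }
                // else: the value is shorter than two 64-bit time stamps. BitConverter.ToInt64 would
                // throw ArgumentException on it, so the time stamps are left unset and the credential
                // blobs below are still loaded.

                byte[][] masterKeyBlobs;
                dsObject.ReadLinkedValues(CommonDirectoryAttributes.PKIDPAPIMasterKeys, out masterKeyBlobs);

                byte[][] credentialBlobs;
                dsObject.ReadLinkedValues(CommonDirectoryAttributes.PKIAccountCredentials, out credentialBlobs);

                // Parse the blobs and combine them into one array, master keys first.
                var credentials = new List<RoamedCredential>();

                if (masterKeyBlobs != null)
                {
                    foreach (var blob in masterKeyBlobs)
                    {
                        credentials.Add(new RoamedCredential(blob, this.SamAccountName, this.Sid));
                    }
                }

                if (credentialBlobs != null)
                {
                    foreach (var blob in credentialBlobs)
                    {
                        credentials.Add(new RoamedCredential(blob, this.SamAccountName, this.Sid));
                    }
                }

                this.RoamedCredentials = credentials.ToArray();
            }
            catch (SchemaAttributeNotFoundException)
            {
                // These attributes have been added in Windows Server 2008, so they might not be present on older DCs.
            }
        }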
Example #2
        /// <summary>
        /// Loads key credentials.
        /// </summary>
        protected void LoadKeyCredentials(DirectoryObject dsObject)
        {
            // Reads every linked value of the KeyCredentialLink attribute from dsObject and stores
            // the parsed entries in KeyCredentials (an empty array when there are none).

            // This attribute has been added in Windows Server 2016, so it might not be present on older DCs.
            // NOTE(review): unlike LoadRoamedCredentials, nothing here catches SchemaAttributeNotFoundException;
            // presumably ReadLinkedValues reports a missing attribute as null - confirm.
            byte[][] keyCredentialBlobs;
            dsObject.ReadLinkedValues(CommonDirectoryAttributes.KeyCredentialLink, out keyCredentialBlobs);

            // A null result is treated the same as zero linked values.
            int blobCount = (keyCredentialBlobs == null) ? 0 : keyCredentialBlobs.Length;
            var parsedCredentials = new KeyCredential[blobCount];

            // Each entry is parsed together with the owner's distinguished name; the property
            // is assigned only after all blobs have been parsed.
            for (int index = 0; index < blobCount; index++)
            {
                parsedCredentials[index] = new KeyCredential(keyCredentialBlobs[index], this.DistinguishedName);
            }

            this.KeyCredentials = parsedCredentials;
        }