public static string Get_DomainSID(Args_Get_DomainSID args = null)
{
if (args == null)
{
args = new Args_Get_DomainSID();
}
var SearcherArguments = new Args_Get_DomainComputer
{
LDAPFilter = @"(userAccountControl:1.2.840.113556.1.4.803:=8192)",
Domain = args.Domain,
Server = args.Server,
Credential = args.Credential,
FindOne = true
};
var computer = GetDomainComputer.Get_DomainComputer(SearcherArguments).First() as LDAPProperty;
var DCSIDs = computer.objectsid;
if (DCSIDs != null)
{
return(DCSIDs[0]?.Substring(0, DCSIDs[0].LastIndexOf('-')));
}
else
{
Logger.Write_Verbose($@"[Get-DomainSID] Error extracting domain SID for '{args.Domain}'");
}
return(null);
}
public static IEnumerable <IDomainTrust> Get_DomainTrust(Args_Get_DomainTrust args = null)
{
if (args == null)
{
args = new Args_Get_DomainTrust();
}
var LdapSearcherArguments = new Args_Get_DomainSearcher
{
Domain = args.Domain,
LDAPFilter = args.LDAPFilter,
Properties = args.Properties,
SearchBase = args.SearchBase,
Server = args.Server,
SearchScope = args.SearchScope,
ResultPageSize = args.ResultPageSize,
ServerTimeLimit = args.ServerTimeLimit,
Tombstone = args.Tombstone,
Credential = args.Credential
};
Args_Get_DomainSID NetSearcherArguments = null;
string SourceDomain = null;
if (!args.API)
{
NetSearcherArguments = new Args_Get_DomainSID();
if (args.Domain.IsNotNullOrEmpty() && args.Domain.Trim() != "")
{
SourceDomain = args.Domain;
}
else
{
if (args.Credential != null)
{
SourceDomain = GetDomain.Get_Domain(new Args_Get_Domain {
Credential = args.Credential
}).Name;
}
else
{
SourceDomain = GetDomain.Get_Domain().Name;
}
}
}
else if (!args.NET)
{
if (args.Domain != null && args.Domain.Trim() != "")
{
SourceDomain = args.Domain;
}
else
{
SourceDomain = Environment.GetEnvironmentVariable("USERDNSDOMAIN");
}
}
var DomainTrusts = new List <IDomainTrust>();
if (!args.API && !args.NET)
{
// if we're searching for domain trusts through LDAP/ADSI
var TrustSearcher = GetDomainSearcher.Get_DomainSearcher(LdapSearcherArguments);
var SourceSID = GetDomainSID.Get_DomainSID(NetSearcherArguments);
if (TrustSearcher != null)
{
TrustSearcher.Filter = @"(objectClass=trustedDomain)";
SearchResult[] Results = null;
if (args.FindOne)
{
Results = new SearchResult[] { TrustSearcher.FindOne() };
}
else
{
var items = TrustSearcher.FindAll();
if (items != null)
{
Results = new SearchResult[items.Count];
items.CopyTo(Results, 0);
}
}
if (Results != null)
{
foreach (var result in Results)
{
var Props = result.Properties;
var DomainTrust = new LdapDomainTrust();
var TrustAttrib = (TrustAttribute)Props[@"trustattributes"][0];
var Direction = (TrustDirection)Props[@"trustdirection"][0];
var TrustType = (TrustType)Props[@"trusttype"][0];
var Distinguishedname = Props[@"distinguishedname"][0] as string;
var SourceNameIndex = Distinguishedname.IndexOf(@"DC=");
if (SourceNameIndex != 0)
{
SourceDomain = Distinguishedname.Substring(SourceNameIndex).Replace(@"DC=", @"").Replace(@",", @".");
}
else
{
SourceDomain = @"";
}
var TargetNameIndex = Distinguishedname.IndexOf(@",CN=System");
string TargetDomain = null;
if (SourceNameIndex != 0)
{
TargetDomain = Distinguishedname.Substring(3, TargetNameIndex - 3);
}
else
{
TargetDomain = @"";
}
var ObjectGuid = new Guid(Props[@"objectguid"][0] as byte[]);
var TargetSID = (new System.Security.Principal.SecurityIdentifier(Props[@"securityidentifier"][0] as byte[], 0)).Value;
DomainTrust = new LdapDomainTrust
{
SourceName = SourceDomain,
TargetName = Props[@"name"][0] as string,
TrustType = TrustType,
TrustAttributes = TrustAttrib,
TrustDirection = Direction,
WhenCreated = Props[@"whencreated"][0],
WhenChanged = Props[@"whenchanged"][0]
};
DomainTrusts.Add(DomainTrust);
}
}
TrustSearcher.Dispose();
}
}
else if (args.API)
{
// if we're searching for domain trusts through Win32 API functions
string TargetDC = null;
if (args.Server.IsNotNullOrEmpty())
{
TargetDC = args.Server;
}
else if (args.Domain != null && args.Domain.Trim() != @"")
{
TargetDC = args.Domain;
}
else
{
// see https://msdn.microsoft.com/en-us/library/ms675976(v=vs.85).aspx for default NULL behavior
TargetDC = null;
}
// arguments for DsEnumerateDomainTrusts
var PtrInfo = IntPtr.Zero;
// 63 = DS_DOMAIN_IN_FOREST + DS_DOMAIN_DIRECT_OUTBOUND + DS_DOMAIN_TREE_ROOT + DS_DOMAIN_PRIMARY + DS_DOMAIN_NATIVE_MODE + DS_DOMAIN_DIRECT_INBOUND
uint Flags = 63;
uint DomainCount = 0;
// get the trust information from the target server
var Result = NativeMethods.DsEnumerateDomainTrusts(TargetDC, Flags, out PtrInfo, out DomainCount);
// Locate the offset of the initial intPtr
var Offset = PtrInfo.ToInt64();
// 0 = success
if (Result == 0 && Offset > 0)
{
// Work out how much to increment the pointer by finding out the size of the structure
var Increment = Marshal.SizeOf(typeof(NativeMethods.DS_DOMAIN_TRUSTS));
// parse all the result structures
for (var i = 0; i < DomainCount; i++)
{
// create a new int ptr at the given offset and cast the pointer as our result structure
var NewIntPtr = new IntPtr(Offset);
var Info = (NativeMethods.DS_DOMAIN_TRUSTS)Marshal.PtrToStructure(NewIntPtr, typeof(NativeMethods.DS_DOMAIN_TRUSTS));
Offset = NewIntPtr.ToInt64();
Offset += Increment;
var SidString = @"";
bool ret = NativeMethods.ConvertSidToStringSid(Info.DomainSid, out SidString);
var LastError = Marshal.GetLastWin32Error();
if (ret == false)
{
Logger.Write_Verbose($@"[Get-DomainTrust] Error: {new System.ComponentModel.Win32Exception(LastError).Message}");
}
else
{
var DomainTrust = new ApiDomainTrust
{
SourceName = SourceDomain,
TargetName = Info.DnsDomainName,
TargetNetbiosName = Info.NetbiosDomainName,
Flags = Info.Flags,
ParentIndex = Info.ParentIndex,
TrustType = (NativeMethods.DS_DOMAIN_TRUST_TYPE)Info.TrustType,
TrustAttributes = Info.TrustAttributes,
TargetSid = SidString,
TargetGuid = Info.DomainGuid
};
DomainTrusts.Add(DomainTrust);
}
}
// free up the result buffer
NativeMethods.NetApiBufferFree(PtrInfo);
}
else
{
Logger.Write_Verbose($@"[Get-DomainTrust] Error: {new System.ComponentModel.Win32Exception((int)Result).Message}");
}
}
else
{
// if we're searching for domain trusts through .NET methods
var FoundDomain = GetDomain.Get_Domain(new Args_Get_Domain
{
Domain = NetSearcherArguments.Domain,
Credential = NetSearcherArguments.Credential
});
if (FoundDomain != null)
{
var items = FoundDomain.GetAllTrustRelationships();
foreach (TrustRelationshipInformation item in items)
{
DomainTrusts.Add(new NetDomainTrust
{
SourceName = item.SourceName,
TargetName = item.TargetName,
TrustDirection = item.TrustDirection,
TrustType = item.TrustType
});
}
}
}
return(DomainTrusts);
}
public static string Get_DomainSID(Args_Get_DomainSID args = null)
{
return(GetDomainSID.Get_DomainSID(args));
}
