public void ContainerProcessor_ReadContainerGPLinks_ReturnsCorrectValues()
{
var processor = new ContainerProcessor(new MockLDAPUtils());
var test = processor.ReadContainerGPLinks(_testGpLinkString).ToArray();
var expected = new GPLink[]
{
new()
{
GUID = "B39818AF-6349-401A-AE0A-E4972F5BF6D9",
IsEnforced = false
},
new()
{
GUID = "ACDD64D3-67B3-401F-A6CC-804B3F7B1533",
IsEnforced = false
},
new()
{
GUID = "C45E9585-4932-4C03-91A8-1856869D49AF",
IsEnforced = false
}
};
Assert.Equal(3, test.Length);
Assert.Equal(expected, test);
}
public void ContainerProcessor_ReadContainerGPLinks_IgnoresNull()
{
var processor = new ContainerProcessor(new MockLDAPUtils());
var test = processor.ReadContainerGPLinks(null);
Assert.Empty(test);
}
public void ContainerProcessor_ReadContainerGPLinks_UnresolvedGPLink_IsIgnored()
{
var processor = new ContainerProcessor(new MockLDAPUtils());
//GPLink that doesn't exist
const string s =
"[LDAP://cn={94DD0260-38B5-497E-8876-ABCDEFG},cn=policies,cn=system,DC=testlab,DC=local;0]";
var test = processor.ReadContainerGPLinks(s);
Assert.Empty(test);
}
public void ContainerProcessor_ReadBlocksInheritance_ReturnsCorrectValues()
{
var test = ContainerProcessor.ReadBlocksInheritance(null);
var test2 = ContainerProcessor.ReadBlocksInheritance("3");
var test3 = ContainerProcessor.ReadBlocksInheritance("1");
Assert.False(test);
Assert.False(test2);
Assert.True(test3);
}
public ObjectProcessors(IContext context, ILogger log)
{
_context = context;
_aclProcessor = new ACLProcessor(context.LDAPUtils);
_spnProcessor = new SPNProcessors(context.LDAPUtils);
_ldapPropertyProcessor = new LDAPPropertyProcessor(context.LDAPUtils);
_domainTrustProcessor = new DomainTrustProcessor(context.LDAPUtils);
_computerAvailability = new ComputerAvailability(context.PortScanTimeout, skipPortScan: context.Flags.SkipPortScan, skipPasswordCheck: context.Flags.SkipPasswordAgeCheck);
_computerSessionProcessor = new ComputerSessionProcessor(context.LDAPUtils);
_groupProcessor = new GroupProcessor(context.LDAPUtils);
_containerProcessor = new ContainerProcessor(context.LDAPUtils);
_gpoLocalGroupProcessor = new GPOLocalGroupProcessor(context.LDAPUtils);
_methods = context.ResolvedCollectionMethods;
_cancellationToken = context.CancellationTokenSource.Token;
_log = log;
}
private async Task <OU> ProcessOUObject(ISearchResultEntry entry,
ResolvedSearchResult resolvedSearchResult)
{
var ret = new OU
{
ObjectIdentifier = resolvedSearchResult.ObjectId
};
ret.Properties.Add("domain", resolvedSearchResult.Domain);
ret.Properties.Add("name", resolvedSearchResult.DisplayName);
ret.Properties.Add("distinguishedname", entry.DistinguishedName.ToUpper());
ret.Properties.Add("domainsid", resolvedSearchResult.DomainSid);
ret.Properties.Add("highvalue", false);
if ((_methods & ResolvedCollectionMethod.ACL) != 0)
{
ret.Aces = _aclProcessor.ProcessACL(resolvedSearchResult, entry).ToArray();
ret.IsACLProtected = _aclProcessor.IsACLProtected(entry);
}
if ((_methods & ResolvedCollectionMethod.ObjectProps) != 0)
{
ret.Properties = ContextUtils.Merge(ret.Properties, LDAPPropertyProcessor.ReadOUProperties(entry));
if (_context.Flags.CollectAllProperties)
{
ret.Properties = ContextUtils.Merge(_ldapPropertyProcessor.ParseAllProperties(entry),
ret.Properties);
}
}
if ((_methods & ResolvedCollectionMethod.Container) != 0)
{
ret.ChildObjects = _containerProcessor.GetContainerChildObjects(resolvedSearchResult, entry).ToArray();
ret.Properties.Add("blocksinheritance",
ContainerProcessor.ReadBlocksInheritance(entry.GetProperty("gpoptions")));
ret.Links = _containerProcessor.ReadContainerGPLinks(resolvedSearchResult, entry).ToArray();
}
if ((_methods & ResolvedCollectionMethod.GPOLocalGroup) != 0)
{
var gplink = entry.GetProperty(LDAPProperties.GPLink);
ret.GPOChanges = await _gpoLocalGroupProcessor.ReadGPOLocalGroups(gplink, entry.DistinguishedName);
}
return(ret);
}
public void ContainerProcessor_GetContainerChildObjects_ReturnsCorrectData()
{
var mock = new Mock <MockLDAPUtils>();
var searchResults = new MockSearchResultEntry[]
{
//These first 4 should be filtered by our DN filters
new(
"CN=7868d4c8-ac41-4e05-b401-776280e8e9f1,CN=Operations,CN=DomainUpdates,CN=System,DC=testlab,DC=local"
, null, null, Label.Base),
new("CN=Microsoft,CN=Program Data,DC=testlab,DC=local", null, null, Label.Base),
new("CN=Operations,CN=DomainUpdates,CN=System,DC=testlab,DC=local", null, null, Label.Base),
new("CN=User,CN={C52F168C-CD05-4487-B405-564934DA8EFF},CN=Policies,CN=System,DC=testlab,DC=local", null,
null, Label.Base),
//This is a real object in our mock
new("CN=Users,DC=testlab,DC=local", null, "ECAD920E-8EB1-4E31-A80E-DD36367F81F4", Label.Container),
//This object does not exist in our mock
new("CN=Users,DC=testlab,DC=local", null, "ECAD920E-8EB1-4E31-A80E-DD36367F81FD", Label.Container),
//Test null objectid
new("CN=Users,DC=testlab,DC=local", null, null, Label.Container)
};
mock.Setup(x => x.QueryLDAP(It.IsAny <string>(), It.IsAny <SearchScope>(), It.IsAny <string[]>(),
It.IsAny <string>(), It.IsAny <bool>(), It.IsAny <bool>(), It.IsAny <string>(), It.IsAny <bool>(),
It.IsAny <bool>())).Returns(searchResults);
var processor = new ContainerProcessor(mock.Object);
var test = processor.GetContainerChildObjects(_testGpLinkString).ToArray();
var expected = new TypedPrincipal[]
{
new()
{
ObjectIdentifier = "ECAD920E-8EB1-4E31-A80E-DD36367F81F4",
ObjectType = Label.Container
}
};
Assert.Single(test);
Assert.Equal(expected, test);
}
