/// <summary>
/// Reads specific LDAP properties related to Computers
/// </summary>
/// <param name="entry"></param>
/// <returns></returns>
public async Task <ComputerProperties> ReadComputerProperties(ISearchResultEntry entry)
{
var compProps = new ComputerProperties();
var props = GetCommonProps(entry);
var uac = entry.GetProperty(LDAPProperties.UserAccountControl);
bool enabled, unconstrained, trustedToAuth;
if (int.TryParse(uac, out var flag))
{
var flags = (UacFlags)flag;
enabled = (flags & UacFlags.AccountDisable) == 0;
unconstrained = (flags & UacFlags.TrustedForDelegation) == UacFlags.TrustedForDelegation;
trustedToAuth = (flags & UacFlags.TrustedToAuthForDelegation) != 0;
}
else
{
unconstrained = false;
enabled = true;
trustedToAuth = false;
}
var domain = Helpers.DistinguishedNameToDomain(entry.DistinguishedName);
var comps = new List <TypedPrincipal>();
if (trustedToAuth)
{
var delegates = entry.GetArrayProperty(LDAPProperties.AllowedToDelegateTo);
props.Add("allowedtodelegate", delegates);
foreach (var d in delegates)
{
var hname = d.Contains("/") ? d.Split('/')[1] : d;
hname = hname.Split(':')[0];
var resolvedHost = await _utils.ResolveHostToSid(hname, domain);
if (resolvedHost != null && (resolvedHost.Contains(".") || resolvedHost.Contains("S-1")))
{
comps.Add(new TypedPrincipal
{
ObjectIdentifier = resolvedHost,
ObjectType = Label.Computer
});
}
}
}
compProps.AllowedToDelegate = comps.Distinct().ToArray();
var allowedToActPrincipals = new List <TypedPrincipal>();
var rawAllowedToAct = entry.GetByteProperty(LDAPProperties.AllowedToActOnBehalfOfOtherIdentity);
if (rawAllowedToAct != null)
{
var sd = _utils.MakeSecurityDescriptor();
sd.SetSecurityDescriptorBinaryForm(rawAllowedToAct, AccessControlSections.Access);
foreach (var rule in sd.GetAccessRules(true, true, typeof(SecurityIdentifier)))
{
var res = _utils.ResolveIDAndType(rule.IdentityReference(), domain);
allowedToActPrincipals.Add(res);
}
}
compProps.AllowedToAct = allowedToActPrincipals.ToArray();
props.Add("enabled", enabled);
props.Add("unconstraineddelegation", unconstrained);
props.Add("trustedtoauth", trustedToAuth);
props.Add("lastlogon", Helpers.ConvertFileTimeToUnixEpoch(entry.GetProperty(LDAPProperties.LastLogon)));
props.Add("lastlogontimestamp",
Helpers.ConvertFileTimeToUnixEpoch(entry.GetProperty(LDAPProperties.LastLogonTimestamp)));
props.Add("pwdlastset", Helpers.ConvertFileTimeToUnixEpoch(entry.GetProperty(LDAPProperties.PasswordLastSet)));
props.Add("serviceprincipalnames", entry.GetArrayProperty(LDAPProperties.ServicePrincipalNames));
var os = entry.GetProperty(LDAPProperties.OperatingSystem);
var sp = entry.GetProperty(LDAPProperties.ServicePack);
if (sp != null)
{
os = $"{os} {sp}";
}
props.Add("operatingsystem", os);
var sh = entry.GetByteArrayProperty(LDAPProperties.SIDHistory);
var sidHistoryList = new List <string>();
var sidHistoryPrincipals = new List <TypedPrincipal>();
foreach (var sid in sh)
{
string sSid;
try
{
sSid = new SecurityIdentifier(sid, 0).Value;
}
catch
{
continue;
}
sidHistoryList.Add(sSid);
var res = _utils.ResolveIDAndType(sSid, domain);
sidHistoryPrincipals.Add(res);
}
compProps.SidHistory = sidHistoryPrincipals.ToArray();
props.Add("sidhistory", sidHistoryList.ToArray());
compProps.Props = props;
return(compProps);
}
